Backing up your blog regularly also helps in procuring from repair hacked wordpress site hackers. You must keep a copy of your documents hide away in system that you can be certain of your database. This makes you a protected backup files that serves you in times of down is the system. Hackers are less likely to slip from a bonded back up system.
I protect an access to important files on the blog's server by placing an index.html file in the particular directory, that hides the files out of public view.
You also need to place the"Anyone Can Register" in Settings/General to away, and you ought to have some sort of spam plugin. Akismet is the one I use, the old standby, but there are lots of them nowadays.
You may extend the plugin features with premium plugins like: Amazon S3 plugin, Members only plugin, DropShop etc.. I think you can use it and this plugin is a good choice.
There is another problem you have with WordPress. People know where they can login and they could visit your login form look at these guys and try a different combination of user accounts and passwords outside. So as to stop this from happening you need to install Login Lockdown. It is a plugin that allows users to try and login with a wrong password three times. After that the IP address will be banned from the server for a specific timeframe.