Hey, I thought I share this regarding how to make your WordPress make secure. I use all of these to help sleep better knowing my sites are safe and secure. First things, you need these plugins now: Secure WordPress - basic security Limited Login Attempts - stops the number of forced login so they're locked out WordPress Firewall 2 - basic security WordPress Secruity Scan - basic secruity Lockdown WP Admin - this is a great unique plugin I'm surprised nobody ever mentions that hides your "wp-admin" and change it to anyway you like wwwsite.com/whateveryouwant so that way delinquents won't attempt to force-login into your site on your wp-admin screen...if they can't even find it in the first place. Also, have "SI CAPTCHA Anti-Spam" this way not only it protects you from spam, but under the option you can "enable CAPTCHA on login wp-admin page". this makes it more difficult for bot and harder for delinquents to attempt force login...now with limited-login attempt and if they even find your login-page in the first place with Lockdown WP-admin. for rock solid secrutiy. If anybody else has other advice, please share.