Tips to help protect yourself from WordPress security issues:
1. Upgrade WordPress – This is probably the first thing you should do! If you’re not running the most up-to-date version, you’re asking for trouble. Currently, it’s 2.2.3, but soon will be version 2.3. May as well wait till the 24th and install the newest version. There have been a few releases recently that were just security fixes (SQL Injection, etc). It may seem like a pain in the butt and sometimes it can be, but upgrading is really not that bad. I held off upgrading from version 2.0 to 2.2 for a few months because I was scared something was going to go wrong and everything deleted. Finally, I mustered the energy and went through their instructions step by step and it was fine! After you upgrade WordPress once, it’s not all that bad!
2. Change default passwords – Are you still logging into your wp-admin page with the same default password that was emailed to you? If so, CHANGE IT! That password is only 6 characters and just numbers and letters. My grandmother could probably crack it after a few weeks. Make it complex and more than 10 characters if you can. Also, try not to use words, make it a nice jumble of letters, numbers, and symbols. Also while you’re at it, go ahead and log into your hosting company’s site and change your password there for your account login and any control panel logins, like cPanel, etc.
tips for Protect your WordPress Blog
3. Use SSH/Shell Access instead of FTP – This one is a big one! It’s not as easy to implement as the other two, but it’s probably the best tip out of all the others that I will list here. If someone gets a hold of your FTP login information (which is usually not encrypted and easy to get), they can manipulate your files and add spam to your site without you even knowing about it! Just read this story! It’s actually best to disable FTP altogether if you can! Using SSH, everything is encrypted including the transfer of files, etc.
4. Install LoginLock plugin – This is a really cool plugin that will automatically block an IP address from trying to log into your WordPress admin area after a certain number of attempts. LoginLock will prevent bots from continuously trying different combinations to crack your account. This is very similar to how Windows works if you’re in a domain environment. The default locked out time is 1 hour.
5. Create a blank index.html file in your /Plugins/ directory – By default, your WordPress plugins folder is completely visible to anyone by going to http://www.domainname.com/wp-content/plugins. Go ahead and create a blank document in your favorite editor and save it as index.html and upload it to the plugins directory. Now when you try to access it, you only get a blank screen. This prevents hackers from finding out a security hole in one of your plugins.
6. Block access to wp-admin folder using .htaccess – There is an article written Reuben that talks about how you can protect your WordPress admin folder by allowing access to it from a defined set of IP addresses. Everything else will bring up a Forbidden error message. So if you only access your blog from one or two places routinely, it’s worth implementing. Also, you’re supposed to create a new .htaccess file inside your wp-admin folder, not replace the one at the root of your blog
7. Remove the version string from your header.php file – Of course, if you’re running version 2.0 and the current release is 2.3 AND your blog explicitly states that it’s at 2.0 on every page, it’s not going to be very hard for someone to find your vulnerable blog and attack it. The line looks like this:
8. Block WP- folders from the search engines – There is no need to have all of your filesWordpress files indexed by Google, so it’s best to block them in your robots.txt file. Add the following line to your list:Disallow: /wp-*
Let me know any idea by Comment that will add more safty tips to protect WordPress Blog from showing Security Hole. 
These Articles can be helpful to you
- Fix Special Folders Showing Up With Generic Yellow Icon in Windows 7
- Firefox Saved Password feature is not safe.!
- Steps to move From blogger to wordpress
- How To Show Current Music Track in GTalk/Gmail While Playing Songs in Winamp
- [How-to]Disable Writing to USB Drives/Pen-Drives
