Three WordPress Security Tips
I came across this post on quickonlinetips, who got these tips from Matt Cutts. While I have been following some of them, there are a few tips that are new to me or can be done in a better way, so I am listing them all here.
1. Drop the WordPress Meta Tag
By default, a large number of WordPress themes include the WordPress meta tag, which shows the version of WordPress that is currently running on the blog. I have even removed the Powered by WordPress links from the footer; this has reduced spam by a certain degree.
2. Disable Access to your Directory Indexes.
In case you are not aware, by default, if someone types in the path to your Plugins directory, they can view a list of all files in the directory. The best way to disable this is through the .htaccess file. Add the line given at the bottom of your .htaccess file in the root of your blog.
The other way to disable it, as outlined by Matt Cutts, is to put a blank index.php or index.html file in the Plugins directory.
3. Disable access to /wp-admin/
This is the most drastic measure you can take, i.e. to block access to the wp-admin directory using .htaccess. But this will work only if you browse the net with a static IP address. Also, this is not necessary if you are using the latest version of WordPress.
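As an added example (not part of the original post or of the tips it cites), the following .htaccess directives are one way to implement tips 2 and 3 on an Apache server. The address 203.0.113.10 is a placeholder for your own static IP, and the admin-ajax.php exception assumes that your theme or plugins make front-end AJAX calls.

```apache
# --- File: .htaccess in the root of the blog (tip 2) ---
# Turn off automatic directory listings for this directory and everything
# below it, so a request for the Plugins directory no longer returns a file index.
Options -Indexes

# --- File: wp-admin/.htaccess (tip 3) ---
# Allow the admin area only from one static IP address.
# 203.0.113.10 is a placeholder (documentation range); use your own address.

# Apache 2.4 and later
<IfModule mod_authz_core.c>
    Require ip 203.0.113.10
    # Optional: keep front-end AJAX working for ordinary visitors.
    <Files "admin-ajax.php">
        Require all granted
    </Files>
</IfModule>

# Apache 2.2
<IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
    Allow from 203.0.113.10
    # Optional: keep front-end AJAX working for ordinary visitors.
    <Files "admin-ajax.php">
        Order allow,deny
        Allow from all
    </Files>
</IfModule>
```

These directives only take effect if the server's AllowOverride setting permits Options, AuthConfig and Limit in .htaccess files.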
4. Bonus Point: Keep your WordPress blog up to date using the WordPress Automatic Upgrade plugin