fix wordpress malware attack will even tell you that there is not any htaccess from the directory. You can put a.htaccess file into this directory if you wish, and you can use it to control access to the wp-admin directory or address range. Details of how to do this are available on the internet.
I protect an access to important files on the blog's server by placing an index.html file in the particular directory, which hides the files out of public view.
You should also place the"Anyone Can Register" in Settings/General to away, and you ought to have some sort of spam plugin. Akismet is the old standby, the one I use, but there are many of them nowadays.
As I (our fictitious Joe the Hacker) understand, people have way too many usernames and passwords to remember. You have got Twitter, Facebook, your online banking, LinkedIn, two site logins, FTP, web hosting, etc. accounts that all come with logins and passwords you will read this need to remember.
Software: If you've installed scripts such as Wordpress, search Google for'wordpress security'. You'll get many tips.