By default, the newest version of WordPress is pretty secure. The development team of WordPress has considered anything which may have been added to some fix malware problem plugins. In the past , WordPress did have holes but now most of them are stuffed up.
No software system is resistant to bugs and vulnerabilities. Security holes will be discovered and guys will do their best top article to exploit them. Keeping your go to my blog software up-to-date is a good way once security holes are found because their products will be fixed by software sellers.
This is very handy plugin, protecting you against brute-force password-crack attacks. It keeps track of the IP address of every failed login attempt. You can configure the plugin to disable login attempts when a certain number of attempts is reached.
You could get an SSL Encyption Security to your WordPress blogs. The SSL Security makes secure and encrypted communications with your blog. So that all transactions are listed, you may also keep the all of the cookies and history of communication. Make sure all your sites get SSL security for protection.
Just make sure you choose a plugin that's current with the current version and release of WordPress, and which you may schedule, restore and clone.