If you haven’t yet read this post “WordPress Exploit Hits SEO Website”, go ahead and read. WordPress has released an updated version to cover-up all exploits, so go ahead and upgrade your blog first. Once you have done, do the follwoing, Reuben Yau has posted an extra bit of security to make WordPress blog more secure.
This involves of placing an .htaccess file into the wp-admin folder, that limit’s access to this folder by IP address. Any attempts at accessing any file within this folder will be greeted with a Forbidden error message. Copy & paste follwoing code and save as .htaccess in your wp-admin/ folder. That’s it!
Note: Don’t replace / edit .htaccess file in the root folder of your blog or your public_html folder.
AuthName "Example Access Control"
deny from all
allow from xx.xx.xx.xx
allow from xx.xx.xxx.xx
Reuben Yau WordPress, Blog, Security