Tony Perez, COO & CFO of Sucuri, posted a great tutorial and write-up about how to harden WordPress. Why bother hardening WordPress? Stop the hackers.
Tony discusses how to effectively use your .htaccess file — password protection, denying a visitor by IP address, hot link protection and more. He also goes over how to securely communicate with your host when transferring files: by FTP, FTPs, SFTP, and SSH.