WordPress might be among the easiest and more powerful blogging software. That power and popularity comes at the price of security. An increasing number of hackers find it highly profitable to exploit an ever growing number of vulnerabilites in WordPress to inject spam links, malicious files and redirects to WordPress blogs.
Securing a WP install is a fight that goes on forever, but there are some steps you can implement to improve the security aspect. One quick WP security tip is to move wp-config.php file one level above the WordPress install (ie. one level above the directory in which wp-includes exists).
Also, set the file permission for wp-config.php to 750 (readable only by user and server).
What are your favorite WordPress security tips? Tell us in comments.