By default, the newest version of WordPress is pretty secure. The development team of WordPress has considered anything that might have been added to some fix wordpress malware attack plugins. Before, WordPress did have holes but now most of them are stuffed up.
Truth is, if a master of this script targets your site, there is actually no way to prevent an intrusion. What you are about to read below are some actions you can take to minimize the risk to an acceptable degree. If your WordPress site is protected chances are i was reading this a hacker would prefer picking another.
I don't think there is a person out there that after learning how much of a problem WordPress hacking is that it's a good idea. However is that when it comes to securing their blogs, bloggers seem to be stuck in this state that is reactive.
Upgrade if you're not running the latest version of WordPress. Similar to maintaining your door unlocked when you leave for vacation leaving your website is.
Do not use wp_. Web hosting providers are currently removing that default now but if yours doesn't, adjust wp_ to anything but that.