Install the fix wordpress malware plugin Firewall Plugin. This plugin investigates requests to identify and quit attacks that are most obvious.
An easy way would be to use a few built-in tools. First of all, don't allow people run a web host security scan, to list the documents in your folders and automatically backup your web hosting account.
This is quite useful plugin, protecting you against brute-force password-crack strikes. It keeps track of the IP address of every failed login attempt. You can configure the plugin to disable login attempts read here when a certain number of attempts is reached.
In addition to adding a secret key to your wp-config.php file, also consider altering your user password into something that's strong and unique. WordPress will let you know the strength of your password, but a great idea is to avoid common phrases, use upper and lowercase letters, and include numbers. It's also a good idea to change your password regularly - say once every six months.
Change your password, often, or visit the website admin username and your WordPress password and collect and utilize other fantastic WordPress security tips to keep hackers out!