I have one more web site (WP). Which have searching result is good in google and have visitor. Now I want protect against hackers. Please give me tips or If any one know.
Keep your site updated and don't install plugins that are not trusted. By that I mean you should try to use plugins that have a large number of users using it with regular updates. Also make sure to not use the default username "admin" and make a complex password.
He's basically got it covered. If I may add, avoid TimThumb-based themes/plugins too. I don't care if they keep updating it, it's always going to be a security risk. And never leave themes plugins you aren't using just hanging around. If you aren't using it then DELETE IT. Check Sucuri, too, if you really want some security but it's not a free service.
My advice? Get rid of turdpress; like most off the shelf solutions it's code rot and generally speaking "insecure by design" - popular does NOT mean it's actually any good.. sadly TP is worse than most since it does all sorts of idiotic bull like multiple entry vectors, leaving the database connection in global scope, failing to sanitize/prevent direct calls to libs, and (this is just mind-numbingly stupid) putting the database connection info into DEFINE so it's not just global, it's undeletable. Herpafreakingderp! "Security, what's that?!?"
Not to mention the fact you have to add extra "security plugins" in an attempt to make the pile of shite secure.....mind boggling.
I wouldn't entirely pay attention to these naysayers. Any software is going to have it's vulnerabilities. Some more than others. Why not go with a popular software with a super active community and do what's necessary to minimize threats? You'll never 100% be threat free if your website is public no matter what you're running.
it is imposible to make sure your 100% safe and there is no Site wich is 100% secure there are Exploits for everything i will Suggest you first of all : You said you r using wp and that means yOU Have web panel known by al hackers wich is wp-admin so i suggest you to use htaccess in this directory to prevent hackers from entering their and then the htpass file u need to make it unwritable unless u r root i will also suggest you to use dedicated ip,coz in shared ip u can be hacked easily even if ur site is not vulnble coz the hacker can use the symlink function to get your config file and loginto ur database and then hack ur site easily using ur credential also make sure that all ur plugins r updated and verfiy if the plugins is vulnb i mean use hackers site to see if one of ur plugoins is vuln exmple " kstate plugin wordpress exploit" in google and u will see exploits for this plugin, make sure that ur host and domain name registrar email are secure and use phone verification in ur host and domain registrar or at least secret question and dnt even use same password in other sites there r lot morre tricks this is just basics Good Luck
Keep software up to date Be careful with how much information you give away in your error messages. For example if you have a login form on your website you should think about the language you use to communicate failure when attempting logins Passwords should always be stored as encrypted values, preferably using a one way hashing algorithm such as SHA. Using this method means when you are authenticating users you are only ever comparing encrypted values. For extra website security it is a good idea to salt the passwords, using a new salt per password.
http://codecanyon.net/item/hide-my-wp-no-one-can-know-you-use-wordpress/4177158 Check that plugin out, its exactly what your looking for.