A half and year taught us that WordPress security shouldn't be dismissed by any means. Between 15% and 20% of the world's high traffic websites are powered by WordPress. The fact it is an Open Source platform and everybody has access to its Source Code makes it a prey for hackers.
rename your login url to secure your wordpress website will also tell you that there is no htaccess from the directory. You may put a.htaccess file within this directory if you desire, and you can use it to control access from IP address to the directory or address range. Details of how to do this are available on the net.
An easy way to maintain WordPress safe would be to use a few tools. To begin with, do not allow people run a web host security scan to list the documents in your folders and automatically backup your web hosting account.
This is very useful plugin, protecting you against brute-force strikes that are password-crack. It keeps track of the IP address of every failed login attempt. You can configure the plugin to disable login attempts for a selection of IP addresses when a certain number i loved this of failed attempts is reached.
Another step to take to make WordPress more secure is to always upgrade WordPress. The main reason behind this is that with each new update there also come fixes for security holes that are old which makes it essential to update.
Oh . And by the way, I talked about plugins. When you get a new plugin, make sure it's a secure one. Don't install any plugin because the owner is saying that plugin can help you do this or that. Maybe use a test site to look at the plugin, or perhaps get a software engineer to examine it carefully. This way you'll know it isn't a threat for your organization or you.