As many know, the security of your WordPress site is very important. Below are some steps that you could take to secure your WordPress blog.
1. Make sure your server has PHP suEXEC installed (this removes the need for 777 permissions and blocks PHP injections).
2. If you do not have PHP suEXEC, then make sure your permissions are not 777 on any file.
3. Make sure all folders contain a blank index.php to block anyone from viewing the files in those folders.
4. Change the prefix on your database - some may need a coder to do this. Do not attempt if you do not understand databases.
5. Disable any and all "auto updates". You do not have to update your blog just because a new release is out. Many times this could be a huge mistake; if it is not broken, don't fix it!
6. Admin approval should be required for any and all comments and registrations.
7. Change your wp-admin folder name - again, you may need a coder for this if you do not know what you are doing.
8. Change your plugin folder name - again, you may need a coder for this if you do not know what you are doing.
9. Remove the WP version from your headers. You should be able to edit the template files from admin. Locate the header and you will see code that specifies the WP version; remove it.
10. You could go a step further and add password protection to your admin folder by using .htaccess to password protect the folder. You will have to log in twice now in order to access admin, but a little extra security never hurts.
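
A quick way to check steps 2 to 4 on an existing install, as an added example that is not part of the original post: the script lists anything with 777 permissions, anything writable by "other" (a broader check than the post asks for), and every folder missing an index.php. The script name and the path in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): audit a WordPress tree for
# steps 2-4. The install path is whatever you pass as the first argument.

# Steps 2-3: files and directories whose mode is exactly 777.
find_mode_777() {
    find "$1" \( -type f -o -type d \) -perm 777 -print | sort
}

# Broader than the post's wording: anything writable by "other" (666, 757...).
find_world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 -print | sort
}

# Step 4: directories that contain no index.php.
find_dirs_missing_index() {
    find "$1" -type d -print | sort | while IFS= read -r dir; do
        [ -e "$dir/index.php" ] || printf '%s\n' "$dir"
    done
}

# Print a report; return 1 if anything was found so it can gate a cron job.
audit() {
    found=0
    for check in find_mode_777 find_world_writable find_dirs_missing_index; do
        out=$($check "$1")
        if [ -n "$out" ]; then
            found=1
            printf '== %s ==\n%s\n' "$check" "$out"
        fi
    done
    return "$found"
}

# Run only when a path is given, e.g.: sh wp-audit.sh /var/www/html
if [ "$#" -gt 0 ]; then
    audit "$1"
fi
```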