http://www.websitedefender.com/announcements/websitedefender-wordpress-security-plugin-news/scan-blog-wordpress-security-scan/. Securing your WordPress installation is vital, the PHP installation as well as the MySQL database need to be protected. The Website Defender website offers a free service that will scan your website and offer suggestions on how to secure your WordPress installation and any other software that you have installed such as PHPBB. I followed through with their suggestions and now I have a much higher security rating for my website. The linked website offers a WordPress plugin which after installation requires that you copy a file to your public_html folder on your web server, allowing the service to scan your website for vulnerabilities and suggest how to take care of any security alerts that it detects on your website.I removed my PHPBB forums due to the fact that no one was using them and the PHPBB software was the source of more security vulnerabilities than WordPress. Due to the update process for PHPBB filling the folders with *.bak files instead of just updating the files in place like WordPress does. If no one is using the software installed on my website, then it is best to remove it until I find a need for it later.
Always updating your WordPress installation to the latest version is very important, as well as constantly updating your plugins when new versions are available. This ensures that you always have the latest code. But if you have a WordPress powered website then I can not recommend the Website Defender service enough. Some of the recommendations require that you have access to the PHP configuration to disable such things as PHP error reporting to the screen, that is not really necessary. The error logs contain the required information anyway. Any web hosting provider that offers access to the standard Cpanel administration software will be sufficient for this procedure.