You can…
- Learn about file permission (on wordpress)
- Install WordPress Firewall plugin (version 2 for 3+ versions)
(this dissalow access to any folder or file indirectly) - Hide Your WordPress Version
- Try to update plugins & Wp
- install Login Lockdown Plugin
(this stops any brute force attemts) - Verify that your theme doesnt show “publish by $username” but shows “display name”
- Use secret Keys in wp-config.. Keys Generator: here
- Move wp-config up one directory (wordpress would look for it dont worry..)
Hope this helps… if nothing else – at least install the plugins.
A small tale.. i used to host one of my website in some 1$ per month server (cant recall its name).. anyhow, it got hacked 4 times in 6 month’s.. and i know a thing or two about wp security… nothing helped!
But – Once i left that hosting, the hacking stopped… 🙂
Have a gr8 day.