What exactly is WordPress cloning and why is it a very useful tool to have in your webmaster's bag? Most people think that this is a dishonest technique for duplicating sites to garner more link love and rankings, and while that may have been true (and useful!) This is an entirely different endeavor.
By default, the newest version of WordPress is pretty darn secure. Anything which may have been added to some fix wordpress malware scanner plugins has been considered by the development team of WordPress . Before, WordPress did have holes but most of them are stuffed up.
If you're one of the ones, I might find it somewhat harder to crack your password. But if you're one of the ones, I might get you.
Move your wp-config.php file up one directory from the WordPress root. WordPress will search for it there if it can't be found in the root directory. Also, try this out nobody will be able to read the file unless they've SSH or FTP access to your server.
You can get an SSL Encyption Security for your WordPress blogs. The SSL Security makes secure and encrypted communications with your site. So that all transactions are listed, you may keep the all anchor the cookies and history of communication. Make sure all your blogs get SSL security for protection from hackers.
There is another problem you have with WordPress. People always know where they can login and they could visit your login form and try out a different combination of user accounts and passwords. So as to prevent this from happening you want to set up Login Lockdown. It's a plugin that allows users to try and login with a password three times. After that the IP address will be banned from the server for a specific amount of time.