Over the past couple of weeks I have been helping people out who have had their WordPress sites hacked into. Having your site hacked is the same as having your house robbed. You feel violated, you’re not too sure exactly how they got in or what damage they might have caused or what might be missing. All in all it sucks.
The first precautionary step to securing your WP site is making sure that your install is up to date. As of today, version 2.8.4 is available and every body MUST make sure this is the version they are using. I say MUST because if you don’t upgrade to version 2.8.4 your site is wide open to attack.
If you have 2.7 or higher installed, you can automatically upgrade through the WordPress admin. Before you do, though, make sure to backup your database. If you are using a version of WP that is older than 2.7 then you need to upgrade through FTP.
Here is a great article on how to upgrade WordPress: http://codex.wordpress.org/Upgrading_WordPress
Be sure to check out the following articles on how to make your site more secure.