Installing the repair hacked wordpress site Scan plugin will check most of this for you, and alert you that you might have missed. It will also inform you that a user named"admin" exists. That is your user name. If you wish you can follow a link and find directions for changing that title. I believe that there is a password security that is good, and there have been no attacks on the blogs that see this page I run since I followed those steps.
This is fantastic news as it means that there's a strong community of developers and users that can enhance the platform. However there's a group of people attempting to achieve something, there will always be people who will try to take down them.
Should you ever wish to migrate your website elsewhere, like a new hosting company, you'd be able to pull this off without a hitch, and also without having to disturb your old site until the new one was in place and ready to roll.
Now we are getting into things. You have to rename it to config.php and alter the document config-sample.php, when you install WordPress. You need to set up the database facts there.
However, I recommend that you install the Login LockDown plugin as opposed to any.htaccess controls. Login requests will be stopped by that from being allowed from a certain IP-ADDRESS for an hour or so after three failed login attempts. It is still possible to access your admin cell while and yet you have good protection against hackers if you accomplish this.