There are whole websites devoted to this topic. This is just a brief overview to alert you to some considerations to help keep your site from getting hacked.
Start with reading the page in the Codex about Hardening WordPress.
Be sure to read the part about File Permissions.
I’ve found several different articles with several different pieces of code to add to the .htaccess files to apply security restrictions to various directories.
Instead of doing it manually, there are several plug-ins that help. One I’ve used is:
This plug-in will also provide additional security checks.
Back-up, Back-up, Back-up
The best way to protect your data is to have great, and easy to restore back-ups.
Update, Update, Update
The WordPress Community is great about updating the WordPress Core when a security vulnerability is discovered. When you notice that an update is available, you should install it. Always take care that your plug-ins are compatible with the new upgrade.
And, speaking of plug-ins, keep those up to date as well. And if you are not using a plug-in, delete it.
Other Security Related Plug-ins
WP Security Scan
There are several resources for scanning your site for malware, such as: