Bulletproof security is an excellent wordpress security plugin for your wordpress installation
it provides a lot of cool features:
XSS protection
SQL injection protection
htaccess protection
wp-config protection,
One-Click Setup Wizard
Setup Wizard AutoFix (AutoWhitelist|AutoSetup|AutoCleanup)
MScan Malware Scanner
.htaccess Website Security Protection (Firewalls)
Hidden Plugin Folders|Files Cron (HPF)
Login Security & Monitoring
JTC-Lite (Limited version of BPS Pro JTC Anti-Spam|Anti-Hacker)
Idle Session Logout (ISL)
Auth Cookie Expiration (ACE)
DB Backup: Full|Partial DB Backups | Manual|Scheduled DB Backups | Email Zip Backups | Cron Delete Old Backups
DB Table Prefix Changer
Security Logging
HTTP Error Logging
FrontEnd|BackEnd Maintenance Mode
UI Theme Skin Changer (3 Theme Skins)
Extensive System Info
I have used this plugin on my sites for the last 8 years. The plugin is constantly updated and comes highly recommended.
for the full list of things please see