The WordPress configuration offers a lot of possibilities to enhance out of the box.
A quick and simple way to boost security is to use the following settings in wp-config.php
:
define( 'DISALLOW_FILE_EDIT', true );
define( 'WP_HTTP_BLOCK_EXTERNAL', true );
define( 'WP_ACCESSIBLE_HOSTS', '*.wordpress.org,wordpress.org' );
More tips and tricks can be found in the Codex at Editing wp-config.php.