One of the most important things you can do in order to keep WordPress safe is make sure it is kept up to date. Many websites get compromised by using known exploits that have already been fixed. People scan the internet looking for older versions of software to use the known vulnerabilities.

Keeping everything else on the server up to date is also important. You should regularly log in and apply security updates on the server.

Some more general tips:

• Set up a firewall. If you’re on Ubuntu, UFW makes it easy.

  • Use SSH keys to connect to the server instead of passwords.

Along with the advice above about ssh-keys change the port that ssh listens on. On a debian system the setup is in /etc/ssh/sshd_config. Should be the same on other flavors of Linux. Also you may want to install a firewall like shorewall to shut down all ports that you don’t use just in case there is a mistake in a setting somewhere that would open up a service to the outside by mistake. Also look into ssh port forwarding that would allow you to connect to services that you have blocked to the outside over a secure link.

Hi, sorry for my quick response
I was used many aplicable tips form these links:

http://www.andrewault.net/2010/05/17/securing-an-ubuntu-server/
http://blog.al4.co.nz/2011/05/setting-up-a-secure-ubuntu-lamp-server/
http://www.tecmint.com/linux-server-hardening-security-tips/

i personally use this plugin in my WP.
http://wordpress.org/plugins/all-in-one-wp-security-and-firewall/
Or
https://wordpress.org/plugins/better-wp-security/