it's can be apply not only to wordpress. But to all blog platform that can be installed into a server and shared host. so, What do you do via PHP coding or pluggin or any method to secure your installation ?
Limit access to ftp. For this, upload to server file .ftpaccess, and paste following code:
<Limit ALL>
Deny from all
Allow from Your.IP.Address
</Limit>
Also, limit access to most important files (like wp-login.php), uploading in the same folder file .htaccess:
<Files "wp-login.php">
Order Deny,Allow
Deny from all
Allow from Your.IP.Address
</Files>