I use Media Temple, which means people try to hack my WordPress installation basically all the time.
Here are some key plugins I have used to really improve the situation:
- Block Bad Queries: http://perishablepress.com/block-bad-queries/ – This prevents people from trying to do things maliciously with URLs.
- Akismet: http://akismet.com/ – Duh. Slam dunk.
- Limit Login Attempts: http://devel.kostdoktorn.se/limit-login-attempts – This prevents brute force login attacks.
- WordPress File Monitor: http://wordpress.org/extend/plugins/wordpress-file-monitor/ – This is unmaintained at this point, but it does what it does well, which is preventing general Media Temple hackers from hiding files in my file space. Critical stuff.
- WP SpamFree: http://www.polepositionmarketing.com/library/wordpress-plugins/wpspam-free/ – Another unmaintained library, but it supplements Akismet well.