Most of the time a website running WordPress is hacked the culprit is not WordPress, but of any silly misconfiguration that could be avoided during its development.
That’s the idea of this project: Being a checklist of actions that you should take to increase the security of your website.