I've posted this in the website Design forum as well, so sorry for any double-up.
Just need some advice, I've started blogging for a new client & over the last few days have had some new users appear on the site. They used an email address whose url led to a dodgy-looking Russian site. I'm pretty sure it's a spam bot that's gotten in and set them up as the site hadn't been updated to the latest version of WP. I've updated it & deleted the spam users, but am wondering what is the best way to secure the site (apart from changing passwords)? I'm pretty sure WP was setup on this site with an auto install, is there any way to correct this with the current setup, or do I need to uninstall WP & do a manual WP install?
I'm not the most technically advanced Warrior, so any and all help would be invaluable.