What does wpmudev recommend to protect the site from unauthorized access? I am asssuming you utiliz

There are alot of vulnerabilities, so I want to start with the wordpress site - and understand what you recommend for unathorized access to the site? I am reading about .htaccess, but need to understand your recommendations to lock the sitewide access down... What actions do you recommend? .htaccess methods? How?