Protect, kinda, your wordpress!
# Deny anybody wp-login access
RewriteCond %{REMOTE_ADDR} !my\.ip\.address\.xxx
RewriteCond %{THE_REQUEST} .wp-login\.php.*
RewriteRule .* - [F,L]
# Refuse access in wp-content directory except for the three files mentioned
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /wp-content/.*$ [NC]
RewriteCond %{REQUEST_FILENAME} !^.+flexible-upload-wp25js.php$
RewriteCond %{REQUEST_FILENAME} !^.+style.css.php$
RewriteCond %{REQUEST_FILENAME} !^.+wpsf-js.php$
RewriteCond %{REQUEST_FILENAME} ^.+\.(php|html|htm|txt|pdf)$
RewriteRule .* - [F,NS,L]