The rename your login url to secure your wordpress website Codex has an outline of what permissions are okay. Directory and file permissions can be changed via an FTP client or within the page from the hosting company.
Protect your login credentials - Don't keep your login credentials where they might be found by a hacker. Store them offsite, and even offline. Roboform is for protecting them good . Food for thought!
I don't think there's a person out there that after learning just how much of a problem WordPress hacking is that it's a good idea to enhance the safety reference of their blogs. However is that when it comes to securing their sites, bloggers seem to be stuck in this state.
What if you go to WP-Content/plugins, can you see that folder? If so, upload that blank Index.html file into that folder as well so people can't see what plugins you have. Someone can use that to get access because even if your version of WordPress is current, if you're using a plugin or an old plugin with a security hole.
There are always going to be risks being online (or even just being alive!) And it's easy to get caught up in the panic. We put the breaks on, when we get caught up in the fear. have a peek here This isn't a fantastic response. Take some common sense precautions, then forge ahead. If something does happen, it is going to have to be dealt with then and no amount of quaking in your will have helped. If nothing does, all is good and you have not made yourself ill.