The fix malware problems free Codex has an outline of what permissions are okay. File and directory permissions can be changed via an FTP client or within the page from your web host.
Truth is, if a master of this script targets your site, there is no way to stop an intrusion. Everything you are about to read below are a few precautionary actions you can take to minimize the risk. If your WordPress site is protected odds are a hacker would prefer choosing easier victim, another.
Keeping your WordPress website up-to-date is one of the easiest things you can do. For the past couple of versions, the ability to set up updates has been included by WordPress. A new update becomes available.
Now see post we're getting into things specific to WordPress. Whenever you install WordPress, you need to edit the file config-sample.php and rename it to config.php. You need to install the database information there.
There visit this page is another problem you have with WordPress. People know they could just drop by with your login form and where they can login and try a different combination of passwords and user accounts outside. In order to stop this from happening you need to install Login Lockdown. It is a plugin that only allows users to try to login with a password three times. After that the IP address will be banned from the server for a certain amount of time.