The fix wordpress malware virus Codex has an outline of what permissions are acceptable. File and directory permissions can be changed either via an FTP client or within the administrative page from your hosting company.
Strong passwords - Do what you can to use a strong password, alpha-numeric, with upper and lower case and special characters. Easy to remember passwords are also easy to guess!
Should you ever wish to migrate your website elsewhere, such as a new web host, you'd have the ability to pull this off without a look at more info hitch, and also without having to disturb your old site until the new one was set up and ready to roll.
Now we are getting into matters specific to WordPress. You must rename it to config.php and modify the document config-sample.php, when you install WordPress. You need to deploy the database facts there.
Change your password, often, or at least your WordPress admin and password username and collect and use other good WordPress security tips to keep hackers out!