The fix hacked wordpress site Codex has an outline of what permissions are acceptable. File and directory permissions can be changed through an FTP client or within the page from the web host.
Hackers don't have the power once you got all these lined up for your security, to come to your WordPress blog. You definitely can have a safe WordPress account which gives you big bucks from affiliate marketing.
A snap to move - If, for some reason, you want to relocate your website, like a domain name change our website or a new web host, getting your files at your fingertips can save you oodles of time, headache, and the demand for tech help.
Now we are getting into matters. Whenever you install WordPress, you need to edit the document config-sample.php and rename it to config.php. You want to set up the database information there.
Do your homework and some searching, but if you are pressed for time and need to get this done once and for all, try out the WordPress security plugin that I use. It's a relief to know that my site (and company!) are secure.