The secure your wordpress site Codex has an outline of what permissions are okay. File and directory permissions can be changed via an FTP client or within the page from your hosting company.
I protect an access to important files on the site's server by placing an index.html file in the particular directory, which hides the files out of public view.
There's a section of config-sample.php that is headed"Authentication Unique Keys." There are. A hyperlink is inside that section of code. You need to enter that link into your browser, copy the contents which you get back, and then replace the keys you have with the unique, pseudo-random keys provided by the site. This makes it harder for attackers to automatically generate a"logged-in" cookie for your website.
Make useful reference a note of your new password! I recommend the free or paid version of the software that is protected *Roboform* to remember your passwords.
You do not always consider needing security, when your website is new but you do have to protect your investment and yourself. Having a site go down and not having the ability to restore it may mean a major loss of customers who won't remember to look for your site later and can not find you. Do not let that happen to you. Back your site up after you get it started, and schedule link backups try these out for as long as the website is operational. This way, you will have WordPress security and peace of mind.