The rename your login url to secure your wordpress website Codex has an outline of what permissions are acceptable. Directory and file permissions can be changed via an FTP client or within the administrative page from your web host.
Backup plug-ins is also important. You need to backup database and all the files you can bring back your own blog like nothing.
Should you ever want to migrate your website elsewhere, such as a new web host, you'd have the ability to pull this off without a hitch, and also without needing to disturb your old site until the new one was set up and ready to roll.
Can you view that folder Imagine if you go to WP-Content/plugins? If so, upload that blank Index.html file inside that folder as well so people can't view what plugins you might have. Because even if your version of WordPress is up to date, if you're using an old plugin or a plugin with a security read the article hole, then someone can use this to get access.
Change admin username and your WordPress password, or your learn this here now password, frequently and collect and utilize other good WordPress security tips to keep hackers out!