The fix wordpress malware protection Codex has an outline of what permissions are acceptable. Directory and file permissions can be changed either via an FTP client or within the administrative page from the hosting company.
An easy way is to use a few tools. First of all, don't allow people run a web host security scan to list the documents in your folders and automatically backup your web hosting account.
Recently, the site of Reuters was murdered by an unknown hacker and posted a news article that was fake. Their reputation is already ruined due to what the hacker did since Reuters is a news site. The same thing may happen to you in the event you do not pay attention on the safety of your WordPress blog.
WordPress is one of the platforms for sites and websites. While WordPress is pretty secure from the box, there are always going to be individuals who want to create trouble by finding a way to crack into accounts or sites to cause damage or inject hidden spammy links. That's why it's important to be sure that your WordPress installation is as secure as possible.
I prefer using a WordPress plugin to get the job done. Just see this make sure is in a position to do backups that are select, has restore functionality, and can clone. Be sure that it is frequently updated to keep pace with all versions of WordPress. There's absolutely not any use in backing your data up to a plugin that is out of date, and not working.