You may well have heard all the buzz online about the attacks on WordPress security. Unfortunately this is no joke, and it needs to be taken very seriously, or all you've built could be hijacked or worse, lost to you.
The fix wordpress malware cleanup Codex has an outline of what permissions are acceptable. Directory and file permissions can be changed either via an FTP client or within the administrative page from your web host.
There are numerous ways to pull this off, and a lot involve copying and FTPing files, exporting and re-establishing databases and more. Some of them are very complicated, so it's imperative that you select the best one. Then you might want to check into using a plugin for WordPress backups if you're not of the persuasion that is technical.
One thing you can take is to delete the default administrator account. This is critical because if you do not do it, a user name which they could attempt to crack is go to this web-site already known by malicious user.
Now we are getting into things specific to WordPress. Whenever you install WordPress, you need to edit the document config-sample.php and rename it to config.php. You need to install the database information there.
Always keep in mind the security of your blogs depend on how you manage them. Be sure that you follow these tips to avoid hacks and exploits on your own blogs and sites.