Wordpress Security - How To Secure Your Wordpress InstallationIt's also important to change your password and admin username if someone helps you with your site and needs admin username and your password to login to perform the work. Admin username and your password changes, after all the work is complete. Even if the man is trustworthy, someone in their business may not be. Better to be safe than sorry!
The fix wordpress malware cleanup Codex has an outline of what permissions are acceptable. Directory and file permissions can be changed through an FTP client or within the administrative page from the hosting company.
Protect your login credentials - Do not keep your login credentials where a hacker might find them. Store them offsite, and even offline. Roboform is very good for protecting them, too. Food for thought!
Exploit Scanner goes through the files on your site post, comment and database tables in search of anything suspicious. Additionally, it notifies you for odd plugin names. It doesn't remove anything, it simply warns you.
You can create a firewall that blocks hackers. From coming into your own files, the hacker is prevented by the firewall. You also have to have updated version of Apache. Upgrade your PHP as well. It is essential that your system is filled with upgrades.
Do your homework and some hunting, but if you are pressed for time and need to get this try the WordPress safety plugin that I use. you can try these out It is a relief to know that my website (and company!) are secure.