Many people new to WordPress have yet to grasp just how important it is for your own WordPress safety which you create backups of your site regularly. This can and often will help WordPress website owners avoid the pain of getting your site disappear. Let's look at some ways to avoid this doomsday scenario!
The fix wordpress malware scanner Codex has an outline of what permissions are acceptable. Directory and file permissions can be changed via an FTP client or within the administrative page from your hosting company.
Also, don't make the mistake of thinking that your hosting company will have your back see this page so far as WordPress copies go. Not always. It's been my experience that the hosting company may or might not be doing proper backups, while they say they do. Take that kind of chance?
One thing you can take is to delete the default administrator account. This is important because if you don't do it, a user name which they could attempt to crack is known by malicious user.
Note that this last step for new installations should only try. You'll also have to change of the table names inside the database if you might like to get it done for installations.
Change your password, or admin username and your WordPress password and collect and utilize other WordPress security tips to keep hackers out!