The fix malware problems free Codex has an outline of what permissions are acceptable. Directory and file permissions can be changed either through an FTP client or within the administrative page from the web host.
Also, don't make the mistake of believing that your hosting company will have your back so far as WordPress backups go. Not always. It's been my experience that the hosting company may or might not be doing backups, while they say they do. why not try this out Why take that kind of chance?
First in line is currently company website creating a password to your account. Passwords must be made with numbers and special characters. You may combine them and create small plus shifted letters. Smarter passwords can be your gateway to zero hackers. Make passwords that are difficult that only you can her explanation think of.
Now we're getting into things. Whenever you install WordPress, you need to edit the document config-sample.php and rename it to config.php. You want to set up the database information there.
Those are three things you can do to keep WordPress secure without plugins. Put a blank Index.html file in your folders, run your web host security scan and backup your whole account.