The secure your wordpress website Codex has an outline of what permissions are acceptable. Directory and file permissions can be changed either through an FTP client or within the administrative page from your web host.
Backup plug-ins is also significant. You need to backup all the files and database so in the event of a sudden attack, you can bring your own site back like nothing happened.
Keep your WordPress Setup to date - One of the easiest and most valuable tasks you can do yourself is to ensure that your WordPress installation is updated. WordPress provides you a notice in your dashboard, so there is really no reason.
Now we are getting into matters. Whenever you install WordPress, you need to edit the file config-sample.php and rename it to config.php. You want to set up the database information there.
Do your homework and some searching, but if you're pressed for time and need to get this done once and for all, try the read more WordPress safety plugin that I use. It's a relief to know that my site (and business!) are secure.