Okay, you got me: WordPress security isn't the sexiest way to spend your time, but it could end up being one of the most profitable! Nothing is more caustic to the lining of your stomach than having your site go down, and wondering whether or not you've lost it all.
The fix wordpress malware removal Codex has an outline of what permissions are acceptable. File and directory permissions can be changed through an FTP client or within the administrative page from the hosting company.
The one I personally recommend, and the stronger approach, is to use one of the password generation and storage plugins available on your browser. I think after a free trial period, you have to pay for it, although people like RoboForm. I use the free version of Lastpass, and I recommend it for those who use Firefox or Internet Explorer. That will generate passwords for you; you use one article source master password to log in.
Harness Scanner Check This Out goes through the files on your website comment database and place tables in search of anything suspicious. It also informs you for plugin names. It does not remove anything, it warns you.
You can get an SSL Encyption Security for your WordPress blogs. The SSL Security my latest blog post makes secure and encrypted communications with your site. You may also keep history of communication and the all of the cookies so that all transactions are listed. Be certain all your blogs get SSL security for protection.
Oh . And incidentally, I talked about plugins. When you get a new plugin, make sure it's a safe one. Don't install any plugin because the owner is saying that plugin will help you do this or that. Use perhaps, or a test site to check the plugin get a software engineer to examine it carefully. This way isn't a threat for your business or you.