The fix malware problem Codex has an outline of what permissions are acceptable. Directory and file permissions can be changed either via an FTP client or within the page from the web host.
No software system is resistant to vulnerabilities and bugs. Security holes will be found and bad men will do their best to exploit them. Keeping your software up-to-date is a good way to stave off attacks, because reliable software vendors will fix their products once security holes are found.
For me it's a WordPress plugin. They are drop dead easy to install, have all the functions you need for a job such investigate this site as their explanation this, and are relatively cheap, especially when compared to having to hire someone to get this done for you.
Note that you should only try this step for setups. You will also need to change all of the table names within the database if you would like to do it for installations.
There are always going to be risks being online (or even just being alive!) Also it's easy to get caught up in the fear. We often put the breaks on As soon as we get caught up in the panic. This isn't a fantastic reaction. Simply take some common sense precautions forge ahead. It is going to have to be addressed then, if something bad does happen and visit here no amount of quaking in your boots before-hand will have helped. If nothing does, all is good and you have not made yourself ill with worry.