The fix wordpress malware protection Codex has an outline of what permissions are okay. File and directory permissions can be changed either through an FTP client or within the page from your hosting company.
This is fantastic news as it means that there's a community of users and developers that can enhance the platform. However there is a significant group of people trying to achieve something, there will always be people who will try to take them down.
I don't think there is a person out Discover More Here there that after learning just how much of a problem WordPress hacking is that it's a fantastic idea. However is that when it comes to securing their sites, bloggers seem to be stuck in this reactive state.
Can you see that folder what if you visit WP-Content/plugins? If so, upload that blank Index.html file inside that folder as well so people can't view what plugins you might have. Because if your current version of WordPress is up to date, if you're using a plugin or an old plugin using a security hole, someone can use this to get access.
Don't use wp_. That default is being eliminated by most web hosting providers but if yours does not, adjust wp_ to anything but that.