The clean hacked wordpress site Codex has an outline of what permissions are okay. File and directory permissions can be changed via an FTP client or within the page from the hosting company.
Well, we are actually talking about WordPress but what's the sense of performing upgrades and security checks if your computer is in danger of hackers. There view website are malicious files which can encrypt key loggers in your PC. No matter what you do, they are easily able to access everything that you type on your keyboard when this occurs. You can find a lot of antivirus programs that are good online. Just look for a credible antivirus program or ask experts.
This is very handy plugin, protecting you against brute-force strikes that are password-crack. It keeps track of the IP address of every failed login attempt. You can configure the plugin to disable login attempts for a selection weblink of IP addresses when a certain number of failed attempts is reached.
Another step to take to make WordPress more secure is to upgrade WordPress. The main reason behind this is that there come fixes for old security holes making it essential to upgrade.
Of course it's possible to install plugins to make your shop more user-friendly like automatic backup plugin or share buttons. That's all. Your store is up and running!