The how to fix hacked wordpress site Codex has an outline of what permissions are okay. File and directory permissions can be changed via an FTP client or within the administrative page from your hosting company.
Truth is, there is really no way, if your site is targeted by a master of the script. Everything you are about to read below are some actions you can take to quickly minimize the risk. If your WordPress site is protected chances are a hacker would image source prefer choosing another.
Exclude pages - This plugin provides a checkbox,"include this page in menus", which is checked by default. If you uncheck it, the page will not appear in any listings of pages (which contains, and is usually limited to, your page navigation menus).
Another step to take to make WordPress secure is to upgrade WordPress to the latest version. The reason behind this is that there come fixes for security holes making it essential to update early.
However, I advise that you set up the Login LockDown plugin rather than any.htaccess controls. Login requests will be ceased by that from being allowed from a certain IP-ADDRESS for an hour or so after three unsuccessful login attempts. It is still possible to access your cell while and yet you have protection against hackers, if you additional hints accomplish this.