File Permissions

In the interests of keeping WordPress as locked down as is reasonably possible, directory and file permissions should be set accordingly:

find ~/public_html -type d -exec chmod 755 {} ;
find ~/public_html -type f -exec chmod 644 {} ;

Pay special attention to wp-config as a special case, lock this down as much as possible.   If possible, move it to a directory outside of the DocumentRoot.

http://codex.wordpress.org/Hardening_WordPress