http://codex.wordpress.org/Hardening_WordPress
For modified WordPress directory structure
For files, within site directory:
find ./ -type f -exec chmod 664 {} \;
For directories:
find ./ -type d -exec chmod 775 {} \;
All files should be owned by your user account, and should be writable by you.
sudo chown -R username directoryname
Any file that needs write access from WordPress should be writable by the web server… that may mean those files need to be group-owned by the user account used by the web server process.
From within site directory:
sudo chown -R _www app/plugins/ app/uploads/
http://codex.wordpress.org/Changing_File_Permissions#Finding_Secure_File_Permissions
chmod 644 wp-config.php