I’ve read articles about protecting wp-config.php using .htaccess as well as setting the correct file permissions but I want it all in one place. What should my .htaccess file look like and what folders is it safe to have 777 vs 755 permissions?
Hardening WordPress on the WordPress Codex is a very good article on how to secure your WordPress blog, which goes into quite some detail on file permissions, as well as some other methods of securing WP.