Mind you, I don't have sensitive documents hosted on the server, just html and image files.
Information leakage can cause problems even if you don't think it's important. What may not be important to you may add some more for someone else. Honestly, if there is no reason to see or use it, they shouldn't.

I'm also confused about the differences between read and execute. I know that write allows a user to modify or add a file/directory, but what about read and execute? When a user visits my site and reads a simple html document, isn't the user already executing it? Or does execute only apply to scripts and programs?
It would only apply to scripts and programs. When the user is reading the file they are just looking at it. No where are they modifying or doing anything to the file. It's akin to cat filename.

What permissions and other steps should I take in order to really lock down my site? I just want people who visit my site to have the bare minimums, like accessing and reading simple html documents.
Then only post what you want them to see. The more complex the site, the more risk and the more things you have to do (e.g., stricter access controls, validation checking, etc.)