Hi, I'm quite new at Heliohost, I created my account a few weeks ago. I created my first website, based on latest wordpress 3.4.2, without any additional plugins. I added just a few test themes, added some notes, and I didn't published the website's address nowhere yet. Yesterday (22nd of Nov, at 19:26 to be precise), my main index.php was deleted and replaced by index.html, containing some turkish video on YT, and words "Rea_pErz Was Here". Also the hacker added wordpress theme "This Is Rea_pErz's Shell", written in PHP (of course, I downloaded the files and deleted from the account immediately after). Now, I'm starting to reinstall wordpress and database, change passwords, check all my computers against trojans and viruses, etc. I found, that there was such case on heliohost before - see http://www.helionet.org/index/topic/12493-wordpress-blog-hacked-by-rea-perz/ I have several thoughts on that: - I know that website stats are disabled, but can I access some apache logs? Perhaps I could find out, how someone managed to hack my website? - My password was of medium strength, but it wasn't dictionary word. I guess, that hacker managed to enter the site by some SQL Injection rather, than by password guessing. - how can I protect myself against such attacks, apart from not using plugins in wp, having strong passwords and making backups? - I wonder, how the attacker got address of my website - it was parked domain, made from SeveralConcatenatedPolishWords.pl - there is very small chance someone just guessed the name. - I tried to use user_logs ftp account, to see if I can access some logs, but server dropped the connection with message "home directory not found". I also see, that /var on stevie is 99% full. - I know I have unpaid account, but can I make support request out of this? Such cases can influent more people than me - the hacks could be because of my misconfiguration, but also because of some features of heliohost. I'm not blaming anyone, just I am thinking what do do next.