I help a friend of mine with a web site for his music store. To enable me to manage that I decided to get a reseller account at a webhosting provider (whp). This enabled me to avoid the nickle and dime charges which Powweb (where this blog is currently hosted) charges for configuration changes such as adding a MySQL database or having additional domains pointed to my package space.
Unfortunately, my site was hacked. I'm not sure how. My whp suspended my account when they noticed improper activity which makes sense. When I convinced them that the problem was not of my making (other than by being hackable, I guess), they reactivated the account after removing the problem files (some kind of IRC client program, they said). So, I was back up and running. I changed my passwords (at least, I think I got them all), but I couldn't see how I'd been hacked because the whp removed the evidence.
Yesterday, I got an email that my account was again found being used for improper activities so they closed my account and told me I was not welcome there anymore. I still don't know how the site was hacked. They said I'd have to do some convincing and also pay $250 to get reinstated ($125/hr for two hours of support help). For an account for which I was paying $10/month? I don't think so.
So, I'm getting a new reseller account set up at a different whp. I'll try to have it set up differently and I hope it will not be so easily hacked. I expect that if someone hacked this site then I'd be in the same boat here. That would be a real pain since I'd then be without my email as well. I'm going to need to see what I can do about having a readily available backup plan as well as plans for failing over to another system (even if the failover mechanism is manual rather than automatically triggered).