I would like to ask you guys if you know a way to find who is modifying my files.
Then find out what version of WordPress, PHP, MySQL, and other software is on your server, and what the latest versions available from their vendors are. These must be kept absolutely up-to-date to prevent problems. On shared hosting, keeping these programs updated is something your host should be doing for you.
If you have any forms or scripts that you have written yourself, be sure to 'clean' or 'sanitize' their input using server-side code (e.g. PHP, Perl), not client-side code (e.g. JavaScript). Make and enforce a list of characters that you are willing to accept in submissions, rather than trying to make a list of characters that you want to reject. The difference here is subtle, but consider the effect of making a mistake in your list; the first method may occasionally reject a valid submission or remove a 'safe' character, which is unfortunate. But the second (and more common) method will allow a hack, which is a disaster. So using a whitelist instead of a blacklist is recommended.
You can look at your server FTP logs if they are available to you, and see if there are any signs of people logging in and uploading files -- or repeatedly trying to log in. In many cases, the log files needed to trace an intrusion are only available to the server admin, and so not available to Webmasters on shared hosting. And unfortunately, just because you get an IP address associated with suspicious activity doesn't mean that you can actually identify the perpetrator: Many will use open proxies, dynamic IP addresses, etc. to avoid traceability.
We cover a wide range of 'security' subjects here, but mostly in the "Webmaster" and "Technology" forums. Try a site search on WebmasterWorld for "hacking," "injection," and other related terms for more information.
Jim
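The whitelist-versus-blacklist point in the reply above, as an added example that is not part of the original post: a server-side PHP check run over four constructed form submissions, showing which way each kind of list fails. The field names, patterns and length limits are assumptions chosen for illustration.

```php
<?php
// Added example: whitelist validation for a contact form (field names are hypothetical).
declare(strict_types=1);

// Whitelist: each field lists the only characters and lengths it will accept.
// \A and \z anchor the whole string; "$" alone would also match before a trailing newline.
const ALLOWED = [
    'name'    => '/\A[A-Za-z][A-Za-z \'.-]{0,49}\z/',
    'phone'   => '/\A\+?[0-9][0-9 ()-]{5,19}\z/',
    'subject' => '/\A[A-Za-z0-9 ,.!?\'-]{1,80}\z/',
];

// Returns the names of the fields that failed; an empty array means "accept".
function validate_whitelist(array $input): array
{
    $bad = [];
    foreach (ALLOWED as $field => $pattern) {
        $value = $input[$field] ?? null;
        // Missing fields and non-strings (e.g. name[]=x arrays) are rejected outright.
        if (!is_string($value) || preg_match($pattern, $value) !== 1) {
            $bad[] = $field;
        }
    }
    return $bad;
}

// Blacklist for comparison: rejects only the characters its author thought of.
function validate_blacklist(array $input): array
{
    $bad = [];
    foreach (array_keys(ALLOWED) as $field) {
        $value = $input[$field] ?? null;
        if (!is_string($value) || preg_match('/[<>"\';]/', $value) === 1) {
            $bad[] = $field;
        }
    }
    return $bad;
}

// Constructed sample submissions.
$samples = [
    'ordinary'        => ['name' => 'Ana Lima',   'phone' => '+1 555 0100', 'subject' => 'Hello'],
    'newline in name' => ['name' => "Ana\nLima",  'phone' => '+1 555 0100', 'subject' => 'Hello'],
    'apostrophe'      => ['name' => "Pat O'Neil", 'phone' => '+1 555 0100', 'subject' => 'Hello'],
    'accented name'   => ['name' => 'José',       'phone' => '+1 555 0100', 'subject' => 'Hello'],
];
foreach ($samples as $label => $post) {
    printf("%-16s whitelist rejects: [%s]  blacklist rejects: [%s]\n", $label,
        implode(',', validate_whitelist($post)), implode(',', validate_blacklist($post)));
}
```

The newline case passes the blacklist because its author never listed control characters, while the accented name is the whitelist's failure: a valid submission turned away until the pattern is widened.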