I have a dedicated server on which resides my very small but rather busy web site. The domain is "small" in that the site has very few static pages (five hundred or so) which are small and simple, plus a very quiet forum (one or two posts a day, on average). The domain is "busy" in that eighty or so thousand people visit during the "up" time. (North American summers are the "down" time.)

This year, I seem to have passed some Rubicon of perceived size. I am being flooded by requests from advertisers of varying degrees of reputability, and have begun to suffer hacking attacks, largely attempts to serve up malware to my site's visitors through "injections" (?) into the ad-serving database.

I'm a retired teacher. My site has gotten to be of a size such that it is experiencing issues that I don't know how properly to handle. I would like =not= to have to deal with security issues after they happen (but I don't have the expertise to "harden" my server, etc, sufficiently to prevent issues in the first place) or to have to "clean" MySQL databases after the fact.

I am interested in recommendations for third-party security services. I am vaguely familiar with WebsiteDefender, Qualys, and Dasient, but I don't know enough to be able to say if any of these is even what I'm looking for.

Thank you.

Eliz.