Some fool, who has nothing else better to do uploaded a virus that was able to attach to the godaddy server that I am hosted through. They found it and got rid of it but of course before they did, it was able to get into some of the email addresses on the backend of my site and send post card email messages. Now I am fielding all kinds of emails and it makes my site look bad. How can I avoid this in the future how do I make my site more secure. Thank you
Do you have an upload section on your site? Are you using someone's code for your upload functionality? If so, you have to check for mime types before allowing the file to be uploaded. Not just the file extension, but the actual mime type. Also, have your program change the name of the file while it's being saved. The attackers need a way to activate their file. If you leave the name the same as what they named it they can find it and activate it - in most cases. PM me your site name and I'll check it out for you if you'd like.