Originally Posted by k0nr4d

I don't really see why you are upset at m3server. Wordpress itself is not insecure as long as you keep it up to date, but often the plugins/extensions people use because they treat wordpress like some magical swiss army knife. It's a blog script, it's not an online store, a tube, a cam script and everything all in one.

It's not your server that got hacked, it's your wordpress installation. You are hiring m3server as managed hosting. They are there to manage your server, not to maintain your websites as you wrote. They are not programmers, and they don't do penetration testing of web applications. They are server admins.

What were you expecting them to do? The most they can do is restore from backup, but at this point it's not even people hacking wordpress sites - it's just bots. Without patching the hole, it would just get hacked again in a couple of days at most.

The exact same thing would have happened hosting anywhere else. If it hasn't happened at hawkhost, it's either because you aren't using the same plugins or versions of plugins on those sites and don't have the security hole, or you are just lucky and bots haven't stumbled apon your sites there yet.

What you REALLY need to do is make sure your wordpresses and plugins are up to date, and if it's still getting hacked after that hire a programmer or pentester to find the hole and patch it.