I have Firewall2 installed on all of my sites and it has served me very very well!
I recently installed it on a client's website after that site got hacked. I did a clean install of WordPress and then reconnected the database which was clean.
The site was going well for a while and then about two weeks later it was hacked once again (eval base 64 crap, creating .htaccess files with redirects in every directory etc).
But this time we received no warning that the site was being hacked. The only difference between this site and my others has been that it's on a Windows Server. There have been several weird issues that have come up with an installation of WordPress on a Windows Server, so I am wondering if there's a possibility that it's not compatible for my client's site?
I currently have the entire site read only, which is a pain but I need to protect the content while I find a suitable solution. I thought Firewall2 was it, but I am wondering now if there's an issue between how Windows servers work and Firewall2?