I'm new to this. First post on anything ever.
I am non-technical, but used forums etc to develop my website: http://billingifc.com.au . It is a static site.
I set it up in May this year (learning a great deal about HTML etc along the way). In mid-September, it got hacked by the Bangladesh Cyber Army. They changed my email and password so I couldn't log in to wp_login.php. After much angst and this forum, I discovered PHPmyadmin, and changed my email and password back. Then found a bit of code the hackers inserted, and removed it. (Basically, when you tried to go to a page like mysite/xxx where xxx didn't exist, it sent you to the hacker's message.) I was using the Squirrel theme, and had the following plugins activated:
- XML sitemap generator
- XYZ contact manager
Two weeks later, my website was hacked again by someone else. This time no page was accessible, as all showed a screen "you have been hacked by...." (I can't remember who). Again my email and password had been changed. I fixed it the same way, but then got very nervous about what code may have been inserted so I actually rebuilt my website from scratch!! This time I installed the sitemap generator and the contact manager only. (My host told me there was no problem on their end.). I also backed up my files using Filezilla, and my database into a .gz file.
To weeks later (yesterday), I couldn't get on to the site again... and again couldn't access wp_login.php with my username and password. This time I couldn't do anything in PHPmyadmin at all - just got errors that the information in the tables was incorrect and the tables were corrupt. I followed forum advice to check all tables, then repair them. Every table was corrupt. No table was able to be repaired. I couldn't find any help on forums. My host told me everything was fine on their end. So again, I rebuilt my site from scratch. (I also couldn't find any help on how to restore the site from my backups). I haven't installed any plugins yet. Too scared!
So my questions:
1. Any idea why this is happening to me? Is it WordPress, Squirrel theme, my plugins, bad luck, other???
2. Do you think yesterday's event (database tables corruption) was due to hacking, or bad luck or bad management?
3. How do I stop it happening again? (i've read all the threads on securing WP sites... on my 2nd website, I did all the things I understood, but please bear in mind I'm a complete beginner at all of this!!)
4. If it does happen again, how do I restore my website from my backups (I have cPanel and PHPmyadmin). Or perhaps, how should I back them up so they can be restored? I couldn't find anything which told me how to restore... and cPanel tells me that it will back everything up but it won't restore for me.
Any help would be so greatly appreciated! Thanks