Webdesign isn't my thing but i know enough to help maintain a website for a church, it is a small scale and all i do is post events and upload pictures. a few days ago the site's ftp account got hacked and all the files been modified. i reset all the passwords and regained access but now i can't even download the files to my computer.
I finally was able to zip the index.html using the filebrowser on the host control panel and downloaded it that way then i used a virtual machine to open the file in notepad and found a script i didnt add in there with a lot of numbers.
my question is if i remove the script from the code and saved it is that good enough to make it safe for use or what should i do?
another question, is there anything i can do on my end to prevent things like that from happening?
(my password was 12 chars long had capital, lower, numbers and special characters)
i can provide more details if needed such as the log i got from the host company if that helps
thanks in advance.