I've always been a proponent of having just the most secure site that you can possibly make. And as such, I always take precautions to make sure of that and also, because I am just one man, things are going to happen. I track as many anomalies as I can, I ensure that all passwords are hashed, and if need be I block traffic coming from suspicious nodes, things that I think everyone should be doing to better secure their sites. But just recently, none of that mattered. No amount of secure code or configuration can fully protect your digital environment on a shared hosting server. Let me correct that phrase, on a Windows Shared Hosting environment.