An audit of our hosting environment showed a malware php file in a hidden directory on your website/s. Our investigations have shown there were no vulnerabilities on our platform that caused this issue, and the attacker most likely used an outdated plugin to gain access.
This site went down! twice just recently. Think that I know which pluggin and had already removed it. Using long passwords e.g. a phrase of 20 or more characters, is a sensible and effective security precaution. [ed: Don’t use the same password for all websites. You’re asking for trouble if you use the same password for a news site and your email.]
I am pleased with my website host.
15/3/22 Previous strikethrough applied. This follows a migration by my host and subsequent problems contacting support. I expect to be moving to a different host.