I'm being hacked regularly

account.

So my questions are:
- how they do enter on my site ?
- where to find informations on protecting my website (PHP scripts) ?
- How the pirate can have access to my FTP account ? Or can he install an
IRC server directly from one of my scripts ?
- Also can be a problem of the hosting instead of mine ?

Please help, I'm tired to re-install my server every week.

Hi all,

The site protection has never been an issue due to the main purpose of my
site: it's a community website and has nothing very important, just
informations.

Now the problem is that hackers don't only put my website regularly offline
but the worse thing is that they put spam script on my site and send
thousand spams from my account.

My site is build using $_GET["page"] so all my site has the same design
(index.php being the general design and including the forms from different
files).
The first attack was to put an URL in the page param so I had an attack likewww.example.com/index.php?page=www.siteofthehackertools....
The site of the hacker tool had a PHP script that was used to get
information on everything on my pages and also had a script to send emails.

Now I protect against this kind of param by checking them and they can't
access my site this way..

Now the pirate has installed a iroffer (an IRC server) directly on my
account.

So my questions are:
- how they do enter on my site ?
- where to find informations on protecting my website (PHP scripts) ?
- How the pirate can have access to my FTP account ? Or can he install an
IRC server directly from one of my scripts ?
- Also can be a problem of the hosting instead of mine ?

Please help, I'm tired to re-install my server every week.

Thanks