Hi guys, I am using wordpress on my site, and twice in 14 months my site has been hacked. Both times index.php gets changed in root folder, i am not sure but i suppose it is done using comments. Can anyone tell how it is being done & how to evade it?