A while then, they started spreading over the network.

Today, viruses are being spread to your website. Now, how do they do that ?

First of all, it's quite simple. The viruses that you pick up downloading files from some suspicies websites are installed on your computer. Then, they search for your ftp details on your computer. Usually, you save your details with your ftp client. They connect to your ftp service, search for index-like files (index.html, index.php, ...) and when found they modify it with their own code at the header or footer of the file. They usually put the code for promoting other websites, or in some case put a link to a file to infect your visitors. Naturally, your visitors trust your website, and they will download the software which will get their computer infected.

The key for your protection in general would be:

-not to keep your password saved in the ftp client (Don't mind typing it every time you connect, as it will save you time in case virus infected you, or somebody hacks your computer)

- keep the backup of your website, so if you get infected, you can easily re-upload your website with clean code

- keep the antivirus updated. Antivirus is a good prevention, as the latest updates usually can reckognize and detect the viruses being downloaded from the web, thus prevent infection of your computer.

These types of attacks are just starting to appear. I have personally seen just a few of them, so it's not that common. If you had an experience with it, and would like to share a method for prevention, please feel free to post a comment.

Although I do manage APF tool on my work, just recently I have put it in my personal use.
APF is netfilter (iptables based) firewall system designed to cover all advanced needs of your workstation for net filtering.I will just mention a few of its features that are most interesting to me and maybe will draw your attention:
- Detailed and well commented configuration file (very easy to modify and adjust to user's personal needs)

- Reactive address blocking (RAB), next generation in-line intrusion prevention

- Fast load feature that allows for 1000+ rules to load in under 1 second

- Spamhaus don't route or Peer List support to ban known ìhijacked zombie IP blocks

- Intelligent route verification to prevent embarrassing configuration errors

Those are just a few, they have on their website a lot more, that or more or less useful. Overall, I think it's a good practice to introduce APF to your workstation, and let the filtering go at ease.Anyhow, if you feel curious about it, google "APF firewall" and it'll bring you right to their website.
For you who have experience with APF or maybe even better project, please feel welcome to comment.