I have had twice now, someone place a string of code on one of my websites. They stick it after the </body> tag inside a <div> as you see below. This is a different url in the code than the first time they did this, but the code is the same. (i.e. It's the same kind of redirect inside a <div> tag). The one I found this morning looks like:
" width=10 height=10></iframe></div>
The webpage they install it on is hcgdietdropsreview.com/ind
I need to know how to prevent this from happening?
How do they install it?
The server host says that no one is accessing my account, but not being a programmer I don't know where to turn. I'm good with html but only know enough .php to do very basic tasks.
Also, I don't know if this is relevant or not but prior to asking this question, I did have some facebook code on this index page, hidden behind a <!-- --> tag. I had placed it there for when I officially launch the website. I didn't want it visible until after I launch, although the domain and website are live at the moment. It was one of those facebook "like" buttons. Since it too is an <iframe> I decided to remove it, in case it had anything to do with the malicious code someone is putting on my page.
Please let me know if you need any other information or details and thanks in advance for your help.