Just try and check your logs. If you can't find them or if you don't have them ask your webhoster for help or just replace your scripts for a while. If they can hack it so far, the might hack you introuble even more so your site will be used for illegal transportation of files, you'd never know untill you get a bandwith bill.
1) check kernel version (should be at least 2.4.25)
2) check for problematic cgi/php scripts, mostly look for dangerous functions / places where you don't validate the information you get as an input from the browser
3) have an up to date web server
4) check that you don't have ports that are opened with no use on your server.
5) check for known security problems on other services as well.
If it's just YOUR specific site that keeps getting hacked, it's most likely none of the above. Those would indicate the server itself being hacked, not your specific site.
Steps to stop something like this are rather simple:
A> Change your password and give it out to NOBODY
B> Remove all scripts that you didn't specifically write. Most likely these are the cause of your hack. If you can't remove, then at least verify that they're secure. Most aren't.
C> Change your public_html permissions so that only YOU can write to this folder, not nobody, not your group.
D> Change your index_html so that only YOU can write to this file, not nobody, not your group.
If you're running a bulletin board, then this most likely needs to be updated as well.
WHMCS Guru - WHMCS addons, management, support and more. WHMCS Notifications Extended - Add slack, hipchat, SMS, pushover to WHMCS !!
Linux Problems? WHMCS Issues? +1-866-546-8914 (linux-14) or @whmcsguru on twitter!