Main site ...
Yesterday, I got an email from dreamhost that a couple thousand (of their hundreds of thousands) of accounts had been cracked, they're looking into it, the criminal had used scripts to modify .html pages, that less than 20 % of the cracked accounts had been touched -- and that mine was one of the cracked accounts.
So I went hunting, to see if I was in those 20 %. And I found a suspicious file among my ftp files.
So. I changed my various passwords, did a 24 hour upload (my site is big) of all the ftp files and all of my main site files, did a quick "move old to bad, move new to old", checked that things work, did a "remove bad", and things are all hunky dory again.
Or, while they should be, one or the other glitch might have turned up. Please let me know if you find one - I'll fix it asap. Thanks!