Chinese Hackers uploading to my site

I'm all out of ideas once. A year ago Chinese hackers were able to access my website and upload files via FTP to promote a bogus clothing business. Last week they did the same thing.
All my passwords (and I use a different one for every aspect of the site) are totally random and unguessable. I changed them all again to totally random characters/letters, and today they have gotten access yet again. Cunningly, they uploaded files to the root directory with a modified date from 2008.
I have no malware of viruses on my machine, and whist I do have a small WordPress section to the site, I always keep this up-to-date.
I have deleted the files they uploaded, though strangely there are four empty folders with clothing brand names. When I try to delete them via FTP it says the file or folder cannot be found. If I use Jodohost's own browser FTP the folders do not appear.
My biggest concern is not knowing how they are able to get access to my site. When I check the log files I can see I'm still a victim of a DDOS (ongoing for countless months now), and as a result it gives a different IP address each time. I also searched my LOG for 'POST' and found references to the files they uploaded today, but again, it's a different IP each time.
 
I have some ideas on it, can you send me a PM of your domain I will check it again and get back to you there. Sorry I didn't reply this sooner.
 
Back
Top