So I woke up and checked if CloudFlare would work properly on my new WordPress... Turns I ended up with a 403 error as I visited my website. Went into cPanel and saw a file named index.html_ I have some backups standing-by, but how the heck did they hack my WordPress? I spent 3-4 hours installing security plug-ins and setting it up but WTF?! Anyway to trace their movements?