Most webhosts provide some kind of control panel such as cPanel or Plesk where you can manage your website's configuration and files. One reason for logging in now is to check for unauthorized logins as described below. The more important reason is to make sure you know how to do it, because several of the later steps are done in control panel.
If you've never logged into your control panel before now, go to the home page of your webhost's website and look for a customer login box. If there isn't one, look for a FAQ page where they might describe how to access your control panel. If you still find nothing, file a support ticket and ask them.
In cPanel (and possibly in Plesk), the line that says "Last login from:" should always be your IP address from the last time you logged in. If it isn't, write it down.
If you don't know your IP address, it appears to be 220.127.116.11, but that could be incorrect if you are viewing an old copy of this page from your browser cache or a search engine cache. You can find your IP address in Windows XP by either of these two methods (you must be connected to the internet at the time you do this):
* Click on the internet connection icon in your system tray (lower right of screen) Internet Connection icon in Windows XP system tray. In the dialog box that opens, click the Details tab, and then read the line that says Client IP address.
* Open a Command Prompt and run the ipconfig program:
start > Run > cmd
Read the line that says IP Address
With high-speed (broadband, DSL, cable) internet service, your IP is always the same. With dial-up, it's different each time you log on.
If someone was able to log in to your control panel (like you do), they have your userID, password, and all the same access to your site that you have. They can probably also get FTP access, which is what they are more likely to use than cPanel. However, before you assume the worst, an unfamiliar IP could be legitimate if your site is at a webhosting company and you recently submitted a support ticket. A technician might have logged into your account while investigating.
The three pieces of information you should keep from this step are:
1. How to log in to your control panel.
2. Your legitimate IP address, so you can recognize IP addresses that are not yours in places where only yours should be.
3. Suspicious IP addresses you find reported in cPanel.
Leave cPanel open for the next two steps.