@JohnnyBob,
Why can posters here not belief that there are loads and loads of websites of which those that have to concern themselves with website security or server security of that particular website, have zero knowledge or too little of these issues. If they knew what they were doing we did not have issues with sites that are being attacked, hacked, injected, malvertised, misconfigured, laden with malcious iFrames, Java and javascript malcode etc. every minute of the day. Sites are open to vulnerabilities because website software has not been updated, servers are given away full version numbers, hackable php and perl as low hanging fruit for malcreants on automation and what more.
Seen from the range of infested or suspicious or vulnerable websites I have seen and analyzed through scanning over some couple of years at the virus and worms section, I feel oblidged to look good and hard before I declare a website all clean and secure, and I am not fearmongering here or spreading fud, this is the sorry state of overall website security, alas these are the facts and a threatening situation for visitors of many websites....
polonus