a few things.
1. are you hosting this web site off a cable modem? becuase that will really suck. it would probably be alot better to use one of those free hosting services

2. how is your routers fire wall configured? that is probably the main problem. and i'm pretty sure you need a seperate IP adress for the server but your isp only gives you one.

and yes it probably is pretty easy for a script kiddie to mess your stuff up. make sure you change your pass word often.

your best bet is to set up a gate way computer and loose the router