I'll add that my suggestion is to continuously, and regularly backup your new site through the cpanel backup wizard at bluehost. I just spent several days cleaning up 6 sites that had had malware injected into them at bluehost. If there had been regular backups, then the work would have been a lot easier (just wipe everything out and restore the backups, but I had to use a script to clean up the bulk of the damage and then had to manually clean 100 files that the script would not clean.
You have to be incredibly vigilant when you self-host and always keep up with wordpress and plugin updates. Also do some research about how to make your wordpress installation as secure as possible. It takes more work up front, but in the long run, it will pay for itself many times over.
I'm not trying to scare you, just to get you to be vigilant (also don't get complacent if things go well for a long time). Many people end up paying a lot of money to straighten out their sites after they have been cracked. I've made a good deal myself fixing cracked sites.