Why the path yourdomain.com/cgi-bin/mivavm?Merchant2/
I found the following article that concerns me...
Signs that it's time to change hosts
Here are some indication you can get a better bang for your buck, and that it's time to change host.
Miva Merchant version is an old 4.xx, eg 4.12
To get to your store you use the URL type: http://www.your-domain.com/cgi-bin/mivavm?Merchant2/merchant.mvc+ ( or merchant.mv+ )
This method of running Miva Scripts, became antiquated at around the year 2300 BC as Noah circumnavigated the globe. It isn't the problem in itself ( although it has been claimed that this is by default a security issue ), but it IS an indication of a server setup that is will very likely fail to run any 3rd party modules that think "outside the box". Chances are, the server permissions will become a hinderance very quickly.
Where did you read the article? Was it from another hosting company and perhaps a sells pitch?
As far as security WestHost tends to be pretty conservative it seems. I think it is the one reason they do not always run the most current versions of things. Even with that said with the VPS technology you almost always have the option of running your own current version of a script or program. Some users are even running a second version of the current Perl although the installed version is owned by root and not accessable for upgrade.
Where did you read the article? Was it from another hosting company and perhaps a sells pitch?
I did a web search and found it here (at the bottom of the page) . . .
http://www.mvcool.com/articles/hostingequal.mv
MvCool is a store that sells modules for Miva Merchant.