How Do Websites Get Hacked?

The most common reasons for a hacked (defaced) website include:

  • Outdated web application. Popular web applications (Joomla, WordPress, PrestaShop, PhpBB, etc...) regularly patch bugs and security problems as they are identified. Make sure to maintain updates for the framework, extensions, and theme and use the latest version.
  • Weak user / administrator passwords. Ensure all users have strong passwords, especially the admin and any accounts that can create content to your site.
  • Infected local computer.¬†Some computer viruses/worms are known to steal FTP logins and after that add malicious code to web files. Make sure to have an updated antivirus software and scan your computer for viruses regularly.
  • Insecure Environment. Generally this is the least probable scenario. However, there are still web hosts which cannot properly isolate users from one another on a shared server. Other hosts cannot find the correct balance between security and usability in order to protect web sites without making them unusable.

e-dimensionz is proud to offer a secure hosting environment, along with having some of the best security specialists maintaining our servers. 


If your website or CMS (WordPress, Joomla, Drupal, etc) was infected, we can get your website cleaned up, determine causes(s), and help to secure your site against future attacks.

Contact us for details

Was this answer helpful?

 Print this Article

Also Read

How to clean malicious code from your website?

If your website has been hacked and malicious content has been inserted into your files, you...

What is a Brute Force Attack and how to block it

Brute Force is a method of guessing your password by trying combinations of letters, numbers and...

Force SSL/https using .htaccess

In order to redirect your website to be opened through HTTPS, you should add the following...

How to block access to a specific folder?

To block all access to a specific folder in your account, you should add this rule to the...

How to protect your account from TRACE request attacks?

In order to protect your account from HTTP TRACE request attacks, you can add this to your...