The most common reasons for a hacked (defaced) website include:
– Outdated web application. Every popular web application (Joomla, WordPress, PhpBB…) has had security problems and that’s why you have to use always the latest version.
– Outdated web application extension. If you have installed any third party extensions, you have to keep them up-to-date just as you keep your main web application. Very often users neglect this fact and outdated extensions become easily exploited by intruders.
– Weak user/administrator passwords. You must ensure that all users have strong passwords, especially the admin and the ones who can create content to your site. For this reason make sure to have an updated antivirus software and scan your computer for viruses regularly.
Please be sure that if your website has been hacked, it is not linked to server safety. Our servers have advanced security modules (such as Apache mod_security, Suhosin PHP hardening, PHP open_basedir protection and others). Which would most likely show, that the issue would lie in your website.