Read more here
I’ve had multiple people come to me recently with websites that have been broken into. What do they all have in common? All were poorly written by “cheap” developers who either don’t have an awareness of security issues or don’t care. A “cheap” developer frequently ends up costing more in the long run than a skilled, professional one.