Here are some of the reasons why your website is often hacked:
1. Exploiting User Script Loopholes
Hackers will take advantage of your script loopholes by injecting scripts into your website. If you use Opensource script applications then make sure you often update / upgrade your application security.
2. Install/Activate the Latest Antivirus, Antispyware on Your PC
Apart from web application security, hackers can usually also enter through viruses on your PC which are usually used to upload web application files. For this reason, it is recommended that you always activate and update your PC antivirus.
3. Change All Passwords: Cpanel/Plesk, FTP, Database, Email
Hackers who have gone too far into your web application, or viruses have utilized your email. Then please change all your Cpanel/Plesk, FTP, Database, Email passwords.
4. If you create your own program, double check the security of your program.