Three websites for Foreign Minister Julie Bishop's foreign affairs portfolio have cost taxpayers $113,130, according to answers to questions on notice at Senate budget estimates.
The costs include more than $68,000 for "website testing", $19,000 for training, $15,000 for "website release management" and $10,000 for "website deployment".
"I assume [website deployment] means pushing the button to put it up," said Labor Senator Joseph Ludwig, who was asking top bureaucrats about the costs in the hearing on Wednesday morning.
Senator Ludwig later told Fairfax Media: "This is just more evidence of the twisted priorities of the government while it breaks its promises to pensioners, students and low- and middle-income families."
The costs include the official parliamentary websites for the foreign minister and for parliamentary secretary Brett Mason and Trade Minister Andrew Robb. Such sites are made available to ministers as part of the gov.au domain.
Department of Foreign Affairs and Trade secretary Peter Varghese said work on the websites was not at the request of the portfolio ministers - either Ms Bishop or Mr Mason.
Senators on all sides of politics have had a laser-like focus on spending in the public service during the past 10 days of Senate estimates.
Keen-eyed readers have since pointed out that Ms Bishop's electorate website juliebishop.com.au is built on Wordpress, a free online platform. Although heavily customised, it uses the 2012 theme template and many of the tools readily available to novice website designers.
Her office has clarified this website is not included in the cost declared at the hearing.
That personal site was designed by Perth communications agency CreativeADM. The agency confirmed it did the work for the minister but a spokesperson was not available to comment further.
It is hosted by Perth hosting provider PerthWeb.
Security expert Phil Kernick of CQR Security pointed to the potted security history of Wordpress and questioned the use of the popular platform for a government official's site.
"I'd never build it on Worpress or Joomla or any of those other tools if I wanted a secure website. When you are a public figure, you have to manage your identity carefully. I can't imagine why anyone would do that," Mr Kernick said.
He said even though the website is not interactive and doesn't host transactions, if breached it could display content not authorised by Ms Bishop that could compromise or embarrass the government.
Last week, US-based firm Sucuri identified two security vulnerabilities on a plug-in that affects all Wordpress websites. In March, security blogger Brian Krebs warned other users to be vigilant in light of a bruce-force attack on Wordpress, adding to security incidents in previous years.
Mr Kenick said sites built on Wordpress, but hosted by other parties, put even more pressure on the hosts to keep them up to date and secure.
A spokeswoman for Ms Bishop said the hosting company was responsible the electoral website's security.
A separate website julie-bishop.com lists the Foreign Minister's press releases and other current information, but is not official. It is registered in the Czech Republic and hosted in the US. It appears to be a bait site, vulnerable to the domain owner's decisions. Ms Bishop's office said it has written to the owners of the domain to no avail.
A spokesman for the Department of Foreign Affairs and Trade said the reported costs related to upgrades to the official sites to provide "a better quality of service".
“The upgrades were done because the websites had been supported by older technologies that needed to be replaced as they were at end of operational life. The change to a new technology for these sites was undertaken as part of a broader move to modernise the department’s online services platforms."
Updated: to include Ms Bishop's office's comments, more on Wordpress.
With Lia Timson