Why is sensitive information like this on a public facing server anyway?
Candidate's public websites are prime targets for black hats and the like, and given how high-profile this election is, anything connected to the internet should be considered compromised. Public-facing web servers should never contain anything that isn't publicly released. They should also be regularly changing passwords (once a day at-least, given the risk level).
Someone as hateful as Donnie "spray-tanned-used-condom-dropped-on-the-floor-of-a-barber-shop" Drumpf should be using as secure of a server as possible, lest one of the people that he has angered vandalize the website.