Things you can do to ramp up the security of your Joomla site and keep those pesky hackers at bay: 1. Ensure the Joomla core is always updated with the latest release 2. Ensure all your components. modules and plugins are always updated with the latest versions 3. Hide the generator tag which states that your site is a Joomla site (edit index.php or use a plugin) 4. Change/hide the administrator URL (see the joomla extension directory for extensions that will handle this for you. 5. Change the table prefix from jos_ hacked site = nightmare. Keep secure.
Good post. Regarding the admin section, you could also use .htaccess to password protect it. There is even a generator online: http://tools.dynamicdrive.com/password/ (if you're using Apache or another webserver that's compatible).
Rename the tables (phpMyAdmin makes this easier) then update Joomla's configuration.php (or whatever it uses these days) with the table prefix (that means edit it in a text editor).
Use Admintools. A very useful component, you can password protect the administrator folder, keep Joomla updated, fix your file/folder permissions and many other useful things.
Additionally: - scan your site using ClamAV from time to time (have your host install it if not available) - get rid of any plugins, scripts or other files you don't really use on the server - check scan/report sites and services, fix what they find and report the cleanup so your site doesn't get banned/blocked in search engines and browsers http://www.google.com/safebrowsing/diagnostic?site=yourdomain.com http://www.unmaskparasites.com/ http://siteinspector.comodo.com/