I've heard that the security in Joomla is not very good - is this true? What steps can be taken to make sure that you have a VERY security concious site? Thanks!
I think that Joomla is not more vulnerable than some other cms or html based sites. Some buggy components may cause problems in Joomla, but in general, Joomla is secure.
Recently I found this plugin. It prevents access to administration login page without a further access key.
If you don't have a high traffic site then you don't have to worry to much because it is of little use for hackers. If you do have a high traffic site then use jsecure which is a very good extra security. And as mentioned above update to the latest version.
always keep your server secure, only host your website on a secure hosting company,make sure your file permissions in the right conditions, always do update core, and only use trusted extensions, you can see in joomla extensions directory, How many times the extensions downloaded by another user, and users review, an you can check it's vulnerability in many security sites,,hopefully help you
in website extensions.joomla.org, if you select any extensions, you can look there's remark about the extensions, such as Version, Compability, License, Date add, and how many reviews at those extensions by users, or if you can look icon Just Added, if it's just added, Popular if it's populer, etc, so you can try it to check any extensions that you need by this remark, hopefully help you
Ok I thought you maybe had a site where you could upload your file and test if for vulnerability or something, didn't understood it. Thanks for clearing things up.