Did you know? There is an official Joomla Installation Manual. You can access all documentation via the officia website here: http://docs.joomla.org/Main_Page
Keep your Joomla site updated!
The Joomla Development team are amazing when it comes to responding to security issue regarding Joomla. To fully benefit you need to ensure you are as well. Always keep your Joomla site up to date, and be sure to subscribe to the Joomla Security News Feed: http://feeds.joomla.org/JoomlaSecurityNews You can even subscribe via email.
Next, ensure you patch your installation when security patches are released. The official way to do this is outlined here: http://docs.joomla.org/Upgrading_1.5_from_an_existing_1.5x_version
Now, on to the next VERY important subject, hosting, please read on here: Joomla Hosting
There are plenty of other Joomla security tips available, but it really comes down to two main things:
Joomla Hosting is discussed in another article, so be sure to read that as well. It's here: Joomla Hosting
We've explained the subject of Joomla Security above and the need to always keep your installation secure in this way. However, DO NOT assume that that is all you need to do. An insecure and out of date component can also open your site up to security vulnerabilities. Don't be afraid though, most good 3rd party developers have excellent security records and just like the Joomla Development team, have ways of notifying you of updates and secuirty patches. Be aware of this, and your 99% of the way there.
So, you've read this far already.. have you subscribed here yet: http://feeds.joomla.org/JoomlaSecurityNews ?
This is one of my most passionate subjects when it comes to Joomla Security. Why?
Well, working for the company that provides the official Joomla Hosting to the Joomla project we've learn't a few things over the years about Joomla Hosting and Security. We've also watched hosts come and go as they fail to provide a secure hosting environment or service to their users. We regularly keep up to date with issues that users are facing by our participation in the Security section of the Joomla Community Forum.
Too many times people's website security suffers due to failure on their hosts behalf. So without boring you with all the negative points of far too many hosts out there, here is what we recommend: