Here are a few more Joomla security tips to help you make sure your Joomla installation is rock-solid.
1. Create strong passwords. You should change your administration password often and use a combination of upper and lowercase letters and numbers. Avoid using dictionary words, and make sure your password is at least eight characters long.
2. Monitor crack attempts. If you have your own VPS or dedicated server, you can run TripWire or SAMHAIN to frequently check for attempts to comprise your server’s security.
3. Create scripts to automate security tasks. With a busy schedule, you may forget to check for new versions of Joomla and any extensions you have installed. Setup scripts to make the process automatic.
4.. Check logs often. Many times, simply looking over access and error logs can reveal thinly-veiled attempts to intrude on your server, particularly if the attacker is trying to do so through a web application like Joomla.
5. Run checks for SQL injection vulnerabilities. There are free tools on the web that will perform these checks for you.
The important thing to remember is to always be diligent. Create a security routine and stick to it. Do not let months go by before you decide to check on your Joomla installation. You may find your site has already been comprimised.
Source: Joomla Security Checklist