How to protect web site against hackers?

Question

Hi Guys,
Like everyone of us, I have my own dreams about developing the next cool product that will be adopted by many users and become industry standard.
Surprisingly, I find that the most challenging task is to keep my website up & running. My site is being hacked again and again no matter what I do - I blocked the FTP connections, changed the Joomla (CMS) database table names, installed all latest patches and what not.
The web site supports the product (over 1800 users now...) by generating licenses, support forums, documentation, galleries etc. The product which is a winforms application cannot be marketed without this web site.
My question: Do you have any innovative idea about securing joomla based web sites or what is the best secured web hosting you know. currently i'm hosting my site at ixwebhosting and i like them very much but obviously i can't do any serious marketing being hacked over and over again

Thank you very much,
Adi Barda

Answer 1

Do you know in what way is your website hacked? If no, why?

You should collect logs and analyze them to understand how your site is attacked and exploited, and based on that figure out the response. It looks like you are already keeping your Joomla up-to-date; your OS should also be kept updated with the latest patches - if it's in your responsibility do it, if it's in the hoster's hands insist they do it and move if they are not willing.

Answer 2

In terms of securing your Joomla site there are a variety of ways to do so:

http://docs.joomla.org/Security_Checklist_1_-_Getting_Started

If you're being repeatedly hacked, can you ascertain how they are getting control? Vulnerable components? Poor server permissions (777!), leaked passwords?