are you not worried about govt sites being hacked? how is joomla regarding the security and hacking? and I always worried about 3rd party apps being legit, it can easily look cool, but give up a lot of info? thoughts and opinions??
Our site has been online for several years in one form or another. Is a government information only site any more of a target for a hacker than a retail site which collects CC numbers and other personal information?
We use several respected plug-ins to protect against hacking, and the site is not set to have folks self register.
We also neither collect, nor host, any personal information, just basically information and downloadable forms. I also run several other joomla sites with similar protection enabled and we have had really no issues.
We feel reasonably comfortable using extensions and plug-ins from respected vendors. If someone is building poor quality or really insecure apps, the word gets out pretty quickly. We are comfortable with the extensions we use.
We don't lose a lot of sleep over it because there is really no damage, other than the lost time to set it back up, that would result. I suppose someone could post up something to embarrass us, but really little else.
Not site is completely hack proof, so we rely on good backups of the site, and make sure we back up any time any changes are made so the backups are current, plus regularly scheduled backups. It takes about 1/2 hour to re-set it up from a backup.