You know, I don't mean any disrespect, but I had to chuckle by the question "Is Joomla! not safe?" since it reminded me of the movie The Marathon Man when the dentist is pulling Dustin Hoffman's teeth out, asking "Is it safe?" and he's so desperate to get the Dentist to stop that he says Yes or No or What do you want to hear? Is Joomla! safe? Quote taken from: http://forum.joomla.org/viewtopic.php?f=432&t=318351&st=0&sk=t&sd=a
RSS feed http://feeds.joomla.org/JoomlaSecurityNews </li></ul></ul>Getting started
Hosting and server set up Shared hosting? Or Dedicated hosting?
Hosting and server set up “ register_globals” “ open_basedir”
<ul><li>Configure Apache: </li></ul><ul><ul><li>Secure important areas with .htaccess
Use mod_rewrite and mod_security to block PHP attacks </li></ul></ul><ul><li>Configure MySQL </li></ul><ul><ul><li>Implement user accounts with “need-to-know” principle </li></ul></ul><ul><li>Configure PHP </li></ul><ul><ul><li>Use PHP 5!
Configure your php.ini file properly (most of the times limited with shared hosts) </li></ul></ul>Hosting and server set up
<ul><li>Configure php.ini </li></ul><ul><ul><li>Use “ disable_functions” to disable dangerous PHP functions that are not needed by your site.