Thanks for the comment!

Let’s say you’re a Windows user. Run your Windows computer on the internet without anti-virus or a firewall. Then don’t update Windows, so it doesn’t have the most recent security updates. Would it be shocking to be hacked? Run really old, unsupported Windows versions and you’re asking to be hacked too.

When you move to a CMS of any type — it doesn’t matter what programming language it’s written in — you have adopted a living, breathing thing. Gone are the days when you could throw up a static HTML website and ignore it for the next 8 years. If you don’t update your CMS regularly as patches are released, you’re likely to get hacked.

Your next possible liability is the web server you’re hosted on. Is it your server? If so, you need to keep it up to date with the latest PHP, Apache, MySQL, and operating system patches. If you’re working with a commercial web host, it’s their responsibility to do that task. And guess what? There’s definitely a difference in quality between web hosts. Sometimes a $5/mo web host is quite expensive, particularly if they’re still running PHP 4 with global variables turned on. (That’s a security hole so big that even I know about it, and I know almost nothing about server security. That’s why I have a great web host.)

And your third major liability is all of the third party extensions you add to your site. Joomla’s core CMS is really not that exciting. You have to add extensions to your Joomla site to make it interesting — calendars, shopping carts, social networking tools, user profiles, contact forms, and so much more.

But do you know who wrote that extension? Are they committed to keeping it up to date? Have they written it with the best security measures in mind? And have you installed the most recent version of that extension on your website?

If you maintain your Joomla sites adequately, installing all security updates in a timely manner, and updating your extensions regularly, if your server is with a good web host, then you significantly reduce the likelihood of being hacked.

I strongly recommend you take a look at Ken Crowder’s video, ‘Joomla 1.5 Security’, available here on lynda.com. He talks about all of these security measures, plus a few more.

Thanks,
Jen

Regarding Dreamweaver/Joomla integration — I have worked on this, and you can see how to make the integration happen at:

http://www.joomla4web.com/blog/integrating-dreamweaver-cs5-and-joomla-15-or-joomla-16.html

It’s relatively straightforward to set this up with Dreamweaver CS5 and Joomla. HOWEVER: I do NOT recommend you do this, necessarily. If you’re using DW and Joomla to edit CSS files, or the index.php file associated with your template (not the root index.php file), that’s one thing. You can do that without causing a lot of trouble.

However, I do NOT recommend you just edit any file in Joomla. There’s about 150 files required to display a page on a Joomla site, and most of these are core files. Editing these core files can cause all kinds of problems, particularly on upgrade.

So — use Dreamweaver and Joomla to edit CSS or the index.php file associated with your specific template. Do NOT use Dreamweaver with Joomla to edit anything else — unless you know Joomla very well, and you’re very clear about what you’re doing and why. Otherwise, you run a risk of breaking things.

Good luck!
Jen