I am finishing my first website in Joomla, it's maybe five to six forms (register, login, search, newletter, ...) and we have comments on articles, a questions/solutions section, tests section along with a form to transmit sms.

Let me know based on your experience and understanding when we should (must?) or otherwise purchase one of individuals security extensions like RSFirewall! or SecureLive Badges and Closes or other. Isn't enough protection using free extensions and following a advices/guides (php) provided in stackoverflow (or elsewhere) to safeguard joomla made websites ?

Thanks ahead of time for the help (and time)!

My estimation isn't any. As lengthy as you are wise and the program up-to-date, individuals extensions don't really add any practical value (In my opinion anyway).

Follow seem principals, and remain vigilant and which will be more vital than these "tools" every day each week.

Joomla remains safe and secure by its community :D and on updates and do not use not suggested Extensions or stay away from extension whatsoever if you're able to, and you ought to be risk-free! While it's also wise to search for other things in your server too, cause if a person loves to damage your website they require use of files server or/and database also it really dons't matter the way they make it happen that you should possess a Bad time!

For my joomla based sites I discovered it most helpful to make use of an cloud-based security solution called incapsula because this also blocks various kinds of spammers, and that i can focus to problematic areas during my sites with this particular tool. Some solutions have built-in CDN, plus they provide all free of charge.