We've found several issues when it comes to security of opensource PHP CMSs, particularly with Joomla and PostNuke. Since Joomla and the PHP engine are so widely used they seem like big targets of attack. Patching all of our Joomla installations every time a hole is fixed can be time consuming. What are some of the ways in which you protect Joomla? What alternatives are you using that might not be as vulnerable? Are there any other programming platforms you are using for your site that might be more secure than PHP?