This is what happened to me. I manage several joomla sites, and when I started getting some hits from my antivirus about infected webpages, I realized I had a problem. This was two weeks ago. I spend about 5 days dealing with it, and within hours all the files were reinfected. So I started searching for a good solution, and I found OSE. Did some reading but the materials online do not really pay tribute to the usefulness and quality of this product. So I jumped into the wagon, and what a ride!
First, the product is designed to be a watchdog of your website (the suite one)and it does exactly what it is supposed to do.
Installation was uneventful, except for a couple of issues which were quickly resolved by OSE tech support. Then the real fun began.
The anti-hacker component works nice and quietly. Your website will look just the same, but whomever wants to play funky URL's will get blocked at once. It can be fine tuned to avoid blocking everyone (yes, it can be VERY aggressive), and for the most part is simple and effective to use. It hooks up to projecthoneypot.org to keep spammers from pestering your site.
The anti-virus is a lil bit tricky to use, but once it is set, it will be of great assistance and will detect a great deal of problematic files.
OSE's suite is really worth every penny. Today I am still closely monitoring my sites, because once you have been hacked, it seems you're listed on the hacker's yellow pages and everyone wants a piece of your server. So yes, I am still getting hits, but they are being banned, and I foresee a big decrease as they realize I'm OSE-protected.
Nevertheless, and regardless of this being an awesome product, keep in mind that a safe site is an ongoing process. I have blocked a few countries via .htaccess, and I also have installed a little nice component that audit my file system periodically via cron.
However, I feel much safer than I did before. If you're a casual joomla user, I would strongly suggest you take a look at this component, because it will definitely pay itself many times along the way.
And if you become an OSE customer, I encourage you to contribute with your findings. The AV didn't pick up a couple of pests which I detected manually, and I'm submitting them to OSE so they will be included in the next signature update.
So far, this component has made me smile a bunch of times a day when an email hits my mobile reading:
[thisismysite.com] Suspicious Exploit Alert
A suspicious injection exploit attempt was logged on 2010-01-19 15:33:43
IP Address: 208.x.x.x
Referrer (if any): http://xxxxxx
Query String: Request.currentURI=xxxxxx
Violation: Layer 2 Protection [Violation of Rules: 15]
NOW THAT IS WHAT I'M TALKING ABOUT!
Thanks OSE team!