• Seldom things in life do turn out better than you hoped for. Our application development, website maintenance and hosting with JoomDev did. The driving force behind the firm is its unique way of balancing quality services with realistic budgets. The passion and enthusiasm shown by Chetan and his team from the very first moment we met them, we knew that our search was over.
      Alex Shvarts

      Our Clients

  • Blog
  • Contact

How To Secure Your Joomla Website

Need for Joomla “WEBSITE SECURITY”?

You may not think your site is not being hacked, but websites are compromised all the time. The Majority of website security breaches are not to steal your data or creating any other issues on your site, but an attempts to use your server to setup a temporary web server or as an email relay for spam, normally to serve files of an illegal nature.

So, how can you come to know your website is hacked and if the website is found hacked then what should you do to keep your website healthy and free from any kind of attacks that can damage the website? Here are some points that can be used to secure your website

In this article, you will find out that how to secure your Joomla website.

Let’s Go ahead and get started.

Use the latest Version of Joomla (Keep your Joomla version and Extensions Up to Date)

One should always update and keep the latest version of Joomla and navigate all the components in latest Joomla patch that you can easily find on websites as it is an open-source and can be downloaded without any payment from any website.

Always take a backup of your Joomla website.

Back Ups are so important, and one should always keep the backup of their Joomla websites. This helps in website maintenance and security of data from being hacked or lost. There are many first-rated extension you can have for backups. One of the most popular extension used widely is Akeeba Backup. It has a long list of features that you can rely on.

Download Akeeba Backup

Always Use a strong username and password.

The login id and password should not be like login id: admin and password: 123456, click into users->manages and click on your super user account and click on edit. We can change the value of the field for its security, and this protects your website from hackers.

Keep a Joomla security extension

This is a good idea to keep Joomla security extension. Which will help protect from attacks? Some Components allow you to block security threads, block malicious content. By using this component you can scan your PHP files.Here are some popular extensions.

Admin Tools

You got to subscribe for this it will cost you €40 for a year

Download Admin Tools


Price: $15

Download Jomdefender

Rs Firewall

Single website support for 12 months will cost you 49€

Download Rs Firewall

Securitycheck pro

You can subscribe for securitycheck pro for a year in 29.95€

Download Rs Firewall

These helps the Joomla website free from the Joomla security issues and protect the website from hackers and secure its data from being stolen by an unauthorized person who is not permitted to access the website. These are the best Joomla hosting to protect the website and keep it secured and safe.

Disallow access to bad bots and some Joomla additional Joomla folders.

Rename htaccess.txt to .htaccess and add this code to your .htaccess file

RewriteCond %{REQUEST_URI}  ^/images/  [NC,OR]
RewriteCond %{REQUEST_URI}  ^/media/  [NC,OR]
RewriteCond %{REQUEST_URI}  ^/logs/  [NC,OR]
RewriteCond %{REQUEST_URI}  ^/tmp/
RewriteRule .*\.(phps?|sh|pl|cgi|py)$ - [F]

File Permission

To protect your Joomla website you want to make sure to use the correct file permissions.

Usually for files = 644
And for Folders = 755

Protect your administrator page

The security of your Joomla website can be improved by restricting to your administrator. Create a password to protect directories, files and folders from unauthorized access. When you are done protecting your administrator folder, you should have an additional password is the must, to see the standard administrator login form.

You can add the following lines to your .htaccess file replace x.x.x.x with your IP address (you can find your Ip address by going to www.whatismyip.com).

Deny from ALL

Allow from x.x.x.x

These are the steps which help you overcome various Joomla Security Issues and protect from hacking.


Website security is a vast and fast-moving topic. No set of rules can cover all possible situations. These checklists will point you in the right direction for website security.

Free Resources

Check if you Google detected malware on your website:


Scan your website with Sucuri Website Scanner.


Don’t Forget to Check 

  • Free Joomla 3.8 Templates
  • Free Joomla Extensions
The bio for Naveen is coming soon.
I’ve had the great pleasure of hiring JoomDev for several projects over 8 years. The team brought our ideas to life and created the customized application that we only imagined in our minds. We appreciate JoomDev “can do” attitude and co-operation to complete any task until being fully satisfied. Hire JoomDev, you’d be crazy not to!
Alex Shvarts

Contact Sales

Start a Project