Secure Joomla site

To avoid Joomla site to be hacked follow the following steps.


Disable RG_EMULATION for Joomla. When this option is enabled even the latest Joomla is

vulnerable to some variable injections. It can be disabled by placing the following line in

your configuration.php:


if(!defined(‘RG_EMULATION’)) { define( ‘RG_EMULATION’, 0 ); }



Secure your administrator’s area. This will first prevent simple brute-force attacks. Along

with that, all components and modules’ code inside this directory will be safe. For this



- Place an .htaccess inside Joomla’s ‘administrator’ directory. It should contain:

Deny from all
Allow from YourIP*


In case your IP changes, you should try securing the directory with Password Protection


If you are using PHP 5.2, make sure that the directive ‘allow_url_include’ is set to off;


If you are using PHP version below 5.2, make sure that the directive ‘allow_url_fopen’ is set to off.

  • 3 Users Found This Useful
Was this answer helpful?

Related Articles

Magento install error - Exception printing is disabled

Here is a known error which can occur when installing Magento: There has been an error...

Check for kernel logger error in ConfigServer Security & Firewall

syslogd appears to be running, but not klogd which logs kernel firewall messages to syslog. You...

Errors when install CSF firewall in CentOS 6

errors: Checking Perl modules… Can’t locate LWP/ in @INC (@INC...

Speed up your site with .htaccess caching mod_expires and mod_headers

Browser cache is very important to speed up your site loading and here is how to speed up by...