Joomla websites are susceptible to a wide range of attacks including SQL injections, brute-force attacks, and unauthorized logins. There are many joomla security plugins can improve the security of your website by addressing common security issues such as changing the administrator account from admin.
Current joomla security plugins don’t protect or hide joomla files. I have developed JB Hide Component and plugin because most hackers and bots know where to find important Joomla files and pages. A bot that is designed to target Joomla websites will therefore attack any website with Joomla files, and pass by those that do not.
Just as hacking software takes advantage of the fact that all Joomla websites are structured in the same way, JB Hide takes advantage of the fact that software can only target your website if it knows your website structure. It does this by removing all evidence that your website is powered by Joomla. This makes it very difficult for hackers to infiltrate your website.
Boost your security
JB Hide control access to PHP files. It protects your site from almost 90% of SQL-Injection and eXSS attacks caused by direct access to PHP files. This means you can install unsafe plugins without worry abhout security.
That makes impossible for hackers to find the path to php files and they can not identify the whether the joomla is used for website.
How does it work
The magic starts now… But before it please note everything is in its default location and we just control access to it. This guarantees maximum compatibility for our plugin.
Redirect to 404 page from users page index?options=com_users
Hide administrator link
· Not found!? OK. Redirected to custom 404 page
· NOT found try this http://flance.info/hideme/administrator/?test=1234
You get administrator page
In html output of the site you get
Change Joomla template directory, remove template Info from stylesheet, hash template folder name
Instead of template/template_name/template.css you get bare/jt315/css/template.css
Instead of template/template_name/template.js you get bare/jt315/css/template.js
Change components/ modules / plugins/ media directory folder and hash folders’s name for AJAX url and CSS files , etc
· Instead of media/jui /js/jquery.min.js flance.info/hideme/me/fhetq/js/jquery.min.js
Getting fake folder names for css and images files And css files and images as well
· Instead of media/images/imagefiles / fake_media_name /fhets/images/image_files
· Instead of intead of module/css/ css _file_name.css you get /fake_module_name/ hashed – example :sw2ww /css/css_file_name.css
· Instead of intead of component/css/css_file_name.css you get /fake_component_name/ hashed – example :sw2ww / css/css_file_name.css
· Instead of intead of plugins/css/css_file_name. css you get /fake_plugins_name/hashed – example :sw2ww/css/css_file_name.css
· Hide all other Joomla files!
· LICENSE.txt – Not found!
· README.txt – Not found!
Please see the image what folder path for files you get in headers output
The configuration of the extension is very simple. Please see the image
· disable/enable administrator folder hide
· put keywords and pass for administrator folder. Please memorize these words. Otherwise you ca not enter to admin backend. like your_site_link/administrator/?test=1234.
· Com_users redirect enable/disable
· Custome 404 page
· Please put fake folders for template/components/modules/plugins/media folders and enable and disable. These folders name are dynamic which means you can change the fake name as much as you want.
And click save button