How to Secure a Joomla! 3 Website


Joomla!, like any other open source application, is a common target for hacks and exploits. Therefore, when running a website on the CMS you should do everything you can to make it secure. In this tutorial, we will show you some of the ways in which this can be done.

Login Details

The first and most obvious way of protecting your site against cybercriminals is to make sure you use strong login details. Someone attempting to log in to your site should not have an easy task, so avoid using obvious usernames such as “admin” and passwords that include your name or common words and number combinations, such as “pass123”.

Always use an unusual (but memorable) username and passwords that include a combination of letters (upper and lower case), numbers and special characters (!$#@*).

Website Updates

It is essential that you keep all extensions up-to-date. Joomla! updates are not only released to improve performance, they usually contain fixes for bugs and security issues. Keeping extensions up-to-date takes no more than a couple of minutes. Go to Extension > Extension Manager and click on Update from the sidebar menu. Joomla! will then provide you with a list of extensions that have available updates – simply check the box and click on Update in the top left corner of the screen.

Admin Access

Restricting access to your admin page is a great way to improve security. This can be done by password protecting the /administrator folder. Go to your cPanel and select Password Protect Directories, choose the /administrator folder and create a username and password. Click on save to confirm the changes.

Security Extensions

Using extensions is a great way to protect your website and there are several great plugins available. Some of the most popular include:

Using more than one security extension may cause plugins to conflict, so only run one at a time. Any from the list above will do a great job of keeping your website safe.

Backing Up Your Site

While the above measures should ensure your site is safe from the threat of hackers, there is always a chance that something could happen. For peace of mind, always make regular backups of your website. This can be done manually, but an extension is the preferred method.

There are several backup extensions available but Akeeba Backup is the best. This plugin can be downloaded from this link:

Once you have downloaded the extension, upload and install it in Extension Manager and go to Components > Akeeba Backup.

The first time you use the plugin you will need to click on Accept the mandatory information and apply preferences. From the next page, simply click on Backup Now and confirm the description.

Our Recommended Joomla! Web Hosting Provider


Get a 45% Discount by using our link.


A popular Canadian web host which offers a one-click Joomla installation option through the included control panel (cPanel). HostPapa is our recommendation to host a Joomla website.

Leave a Reply

Your email address will not be published. Required fields are marked *