jomDefender Security Plugin for Joomla!

jomDefender Security Plugin for Joomla!

Your First Line of Defense Against Joomla!® Hackers

Protect your site, protect your team's reputation, protect your clients, protect your job! Make jomDefender your first line of defense to protect your Joomla® websites from devastating hacker attacks. Created by ‘corePHP’, jomDefender is a powerful security plugin to help shield your Joomla website from hackers. Joomla websites all over the world come under attack from ruthless hackers who deface front pages, delete critical data, upload malicious viruses and steal sensitive customer information. Sadly, most hacker attacks cost owners countless hours and hundreds, if not thousands of dollars to repair and restore - that is, if the damage can even be repaired at all. jomDefender is a critical must-install plugin to help you ward off hackers.

A Small Price To Pay For Your Security

No one defense measure will guarantee you against all attacks, but just $15 dollars is a small price to pay for peace of mind to help save hours of time in costly down-time and repairs, let alone the cost to repair your reputation. jomDefender offers you an added layer of proactive defense you can't find anywhere else for Joomla websites.

The jomDefender plugin is custom developed just for Joomla.  It patches the most common vulnerabilities found in Joomla, and adds several extra protective layers to your Joomla website to keep it safer from attack. No solution is 100% effective, but jomDefender will help to put you in a much more proactive stance. 

jomDefender is easy to install, easy to configure, and even easier on your budget. So get peace of mind now and grab your copy of jomDefender today for a fraction of the cost of what you would pay a security consultant to assist you to custom-build your own defense shield, let alone the cost of rescue and recovery. Get jomDefender now, before trouble strikes.

jomDefender for Joomla Features Checklist:

Generator Tag Delete
Joomla Whitelabeler
HTML Whitespace Removal
PHP Header Replacer
CSRF Login Prevention
File Integrity Check
New Admin Password
I.P. Address Deny
I.P. Address Allow
Change Caching Mechanism
Page Execution Timer
Page Loadtime Optimizerr
Administrative Override
Joomla Compatibility Tested
Live Support Desk

jomDefender: #1 on Your "Must-Have Joomla Extensions" List!

Like it or not, Joomla sites are targets for hackers. Why? Becaue Joomla is the most popular CMS on the planet! It's great software. You know it, we know it, and hackers know it too. But you CAN and MUST defend yourself! The fact is, most Joomla hackers are just casual hackers. They really don’t want to work too hard to gain entry to your server, and honestly, most hackers don’t have to do much. They simply scan your website looking for known identifiers that tell them your site is running Joomla. And once they know this, they will run pre-fabbed hacker scripts to help them gain entry.

jomDefender keeps your Joomla applications secret and prevents attacks by letting you remove all known Joomla identifiers from your site via a few, simple backend parameters edits. Use jomDefender to protect your site with additional security features such as an extra admin login screen (makes hackers guess two unique admin passwords instead of one), front end & backend IP ban/blocking, and so much more.

"FOUR STARS! BEST Basic Security Plugin For Joomla!®"

Check out this LONG list of powerful defense measures you get, ONLY with jomDefender from 'corePHP':

Allow/Deny IP Address Access: This unique and critically important jomDefender feature allows or disallows front-end and back-end access (Admin) to your Joomla Site. Deny or allow IP address to the back-end, the front-end or both. This option will block specific IP addresses from accessing certain parts, or even all of your website.

Double Layer Admin Prompt: Remember, a frustrated hacker will move on to easier targets. This jomDefender option makes it more work for a hacker to attack your site! jomDefender adds a secondary layer of security before accessing your Admin login form. This ONE feature makes your jomDefender purchase worthwhile, as it is a major preventer of casual hacker attacks on Joomla sites. Hackers know that Joomla operates with " /administrator " in the url string, for back-end Admin access to your site. 

First, jomDefender's double layer admin prompt helps to mask your site from casual hackers, causing many to ignore your site, and move on. Second, this double layer of protection forces attackers to take additional efforts to "brute force" attack not just ONE password, but TWO passwords, if they want to gain unauthorized access.

Login/Logout CSRF Prevention: This jomDefender feature checks the referrer that the web browser sends to the server. If the referrer does not match the domain of the current server, the login or logout operation will be STOPPED! This will prevent unauthorized users from logging users in or out of your site.

Auto-Remove Joomla's Generator Tag: Hackers often target specific CMS brands, such as WordPress, Adobe, OpenText, Joomla, etc. When they know the brand-name, they reduce their variables, and hacking becomes easier, if they know the potential vulnerabilities for that software brand. 

Some (but not all) Joomla! templates add a "generator tag" to the html code being generated, making the site more easily identified as a potential target by hackers. jomDefender allows you to auto-disable this, without affecting the performance of your template or your website.

Auto-Remove the Word" "Joomla": If you choose this option, this jomDefender feature will ensure that any auto-generated occurrence of the word “Joomla” on your website will be removed, to help make your site more anonymous to casual hackers and bots.

Auto-Remove HTML White Space:  This option will remove all of the "white space" from a page's html code, just in case hackers want to take a peek at your html. This feature makes it harder for hackers to quickly scan your html code, looking for any references to the word "Joomla," thereby making your site more anonymous, lowering your risk of being a target to hackers and hack bots.

This doesn't affect the frontend view of your Joomla! page, but it will be harder for attackers to view your code if this option is turned on. Frustrated hackers will move on to other websites if they cannot quickly find what they are looking for on your site, and this feature will certainly trip them up.

Auto-Remove Joomla's PHP Header: When GZIP is turned on in your Joomla admin configuration screen, Joomla will send an X-Content-Encoded-By header, identifying the site as a Joomla-powered website. This jomDefender option will automatically replace that header for you.


File Integrity Checks: We highly recommend enabling this feature, as it can save you hours and hours of work, investigating the scene of a hacker crime, to assess damage to your site, identifying issues that you may otherwise NOT be able to detect. Some hackers are very clever, leaving seemingly innocent changes to your files, which to the untrained eye, can cause major damage!

For extra protection, when enabled, this requires you to set up a "cronjob" to run in the background (see documentation for assistance, if you need help running a cronjob). When the cronjob runs, jomDefender will go through all of the files in your Joomla installation. jomDefender will check size, ownership, permissions, last modified time and file checksum, etc. All this information is stored in the database.

Each time the cronjob is run, jomDefender will check the files for any differences. If any file is different than it was when previously checked, an email message will be generated with critical information, sent to the Administrator of the website. This information can be used to inform you of any hacked files or new files in the system. 

Caching Mechanism: This feature will allow you to cache the changes that the plugin makes on your Joomla! pages.

Page Execution Time Display: This feature allows you to test the exact time it takes for your website to load. This will help you determine the best configuration to speed up your Joomla! website. An excellent bonus feature!


Disable Plugin Functionality: We know, sometimes we forget our own passwords! So if you forget your admin password or accidentally block your own IP (hey, it happens!) you can disable the jomDefender plugin long enough to get back in! No worries.

jomDefender for Joomla! Technical Requirements:

  • Joomla 2.5
  • Joomla 3.x

(You're welcome.)