How to Hide the Joomla Version?

In our small post on how to get the Joomla version, we mentioned that some website developers hide the Joomla version for security reasons. So what are these “security reasons” and how do they hide it?

The main reason why some website developers hide the Joomla version is because there are malicious scripts running on the Internet that have a single goal of finding which type of CMS is powering each and every website. By knowing the type of the CMS that a certain website is running, the attacker will be able to know what are the vulnerabilities associated with this website, and then start performing his attacks accordingly. For example, if an attacker finds out that a certain website is running Joomla version 1.0, he will be able to immediately know what are the vulnerabilities of this website (they are listed by the Joomla community), and then attack it based on its vulnerabilities.

Now how can the Joomla version be hidden?

Well, you have to have some basic programming experience (if you don’t, then please contact us, and we’ll hide the Joomla version for you), and there are two ways to do it:

Changing a core Joomla file
Open the file /yourwebsiteroot/libraries/joomla/document/html/renderer/head.php . Search for the line:

$strHtml .= $tab.'<meta name="generator" content="'.$document->getGenerator().'" />'.$lnEnd;
Change it to:

//$strHtml .= $tab.'<meta name="generator" content="'.$document->getGenerator().'" />'.$lnEnd;
Change the main template file
Open the file: /yourwebsiteroot/templates/yourtempaltename/index.php

Add the below code immediately before this line <jdoc:include type="head" />:

$this->setGenerator(null);

or

$this->setGenerator("");

or
$document = &JFactory::getDocument(); $document->setGenerator('');

Both methods have advantages and disadvantages. If you follow the first method, then you are changing a core file, which is not recommended, as you will have problems if you upgrade your Joomla version. On the flip side, if you follow the first method, then you won’t have to do any extra work if you change the template. If you follow the second method then you will be safe as you won’t touch the core files, however, you will have to redo the above in case you decide you want to change/upgrade the template.

3 Responses to “How to Hide the Joomla Version?”

rss

Pingback by 10 Security Tips for Your Joomla Website | itoctopus — November 4, 2011 @ 6:52 am
[…] then you are exposing your Joomla version. Check this post on how to hide your Joomla version. […]
Comment by Mark Planigale — September 6, 2012 @ 5:53 am
If taking option 2 you will probably need to surround the inserted code with php tags, for example:

setGenerator(“”); ?>

or

setGenerator(”);
?>

Love the great Joomla tips on this site by the way. The SEO and 10 security tips articles are great.
Comment by Fadi — September 6, 2012 @ 6:36 am
Hi Mark,

You will need to use $this because setGenerator is a method on the current object.

At itoctopus, we're here to help you with your business! That's our promise to you. Whether you're looking for urgent programming help in the middle of the night, or you need help expanding your website, or you need to claim your projects for R&D, then you're at the right place. We have served a lot of customers since 2001, and we'll be happy to serve you!

If you want to fix an urgent issue (for example, your website is down), then give us a call at 514 961 2804, this line is at your service 24/7/365!
Call Now: 514 933 8036
Just give us a call if you need help on your website, and you'll be surprised how friendly, efficient, and fast we are! Oh, and we genuinely care about your business! (International clients please call +1 514 933 8036)

How to Hide the Joomla Version?

Leave a comment