The Joomla! Extensions Directory ™

RSFirewall! ComponentModulePlugin

RSFirewall! is the most advanced Joomla! security extension that you can use to protect your Joomla! website from intrusions and hacker attacks. It's backed up by a team of experts that are trained to be always up to date with the latest known vulnerabilities, security updates making RSFirewall! the best choice in keeping your website safe.

» Compatible with Joomla! 2.5 & 3.x

» Backend Password - Add an extra layer of security by typing in a password before logging in the administration!
» Blacklist - Block unwanted (single or multiple using wildcards *.*.*.*, CIDR notation and ranges) IP addresses.
» IPv6 support
» Whitelist - Bypass protections for selected IPs.
» Stop brute-force login attempts - Capture login attempts (as well as incorrect passwords).
» Malware database - Detects obfuscated, encoded as well as potentially dangerous files (eg. base64_encode, eval, gzinflate, preg_replace /e)
» Automatically drop dangerous files when they're uploaded - such as .php, .js, .exe, .com, .bat, .cmd
» Disable the creation of new Administrators
» Protects selected Administrators from any changes - including password change!
» Log all security events and send messages to specified email address(es)
» Powerful exception system - Disable protections based on User Agent, URL or component (regular expressions allowed).
» Database Check - Optimize & repair your database tables.
» Display CAPTCHA in the administration section after a predefined number of failed login attempts.

Active Protections
» Country blocking - Allows you to select which countries have access to your Joomla! website (also blocks anonymous proxies). Based on GeoIP Lite Country database.
» Local file inclusion (LFI)
» Remote file inclusion (RFI)
» SQL injection (SQLi)
» HTML, Javascript and CSS filtering (XSS)
» Denial of Service (DoS) - Block unwanted User Agents
» Automatic blacklist
» Actively scans POST and GET variables.
» Keeps an eye on sensitive Joomla! files and alerts you if they are changed.

System Check
» Check for the latest Joomla! & RSFirewall! versions.
» Provides suggestions on how to tighten your PHP & Joomla! configuration.
» Scan Joomla! core files for integrity.
» Scan files and folders for common permission errors.
» Scan files for common malware.

Report Extension




Reviews: 4
One of the sites i manage was recently attacked by the joomla pharma virus. Almost impossible to get rid of. Since installing RS Firewall everything is working fine. Had a problem with a looping system check iwith RS Firewall on another site i look after. The support at RS Joomla was above and beyond the call of duty. They went through ALL the extensions on the site to find out what the problem was, must have taken hours and hours and found what was causing the issue.
10/10 for customer service.
Best i have experienced with any extension.
Highly recommend both the products and the company.
Reviews: 2
A simple and step-by-step security opening check-marks to be secured, with giving your website security grade through a "System Check" button, it will help you to more secure your joomla website by considering system locked-up and repairing and optimizing your database tables... It is a must have and a useful tool to secure any joomla site!
Reviews: 2
I tried a couple of free programs and started looking at the features of RSFirewall. Having purchased a previous product from them and very happy with it, I decided to purchase the firewall also.

I love this firewall. It has everything I could possibly want to protect my system. It does a system check and gives explanations as to why something is being recommended.

Great product!

I would recommend this product to all users looking to protect their site from injections, hackers, etc - anyone looking for protection.
Reviews: 1
The component is easy to install and it works very well. The developers are responsive and even went above and beyond to create a hash file for us for a different version of Joomla. This allowed us to readily identify which Joomla modules had been modified from core so we could plan our upgrade with confidence!
Reviews: 3
Since we have had no security breaches, it seems to work well... Simple install, simple config, and love the logo that is displayed to show the site is protected.

PROS: Easy Easy Easy - just click. The usual EXCELLENT RSJoomla technical support. Very educational as to how Joomla works and vulnerabilities.

CONS: Some suggestions are a challenge to decide on, though the docs are pretty good. We easily got 75 out of 100 ranting without lifting a finger.
Reviews: 18
their products are the best, but their support is incredible! Extremely helpful and fast to fix problems, even if they're ones I caused!

I can't recommend them highly enough
Reviews: 22
Easy to install and set up, despite the complexity of the extension. I have peace of mind knowing that my site is protected.

I'd never run my computer without an anti-virus software, nor will I leave my site exposed.

Definitely the best Firewall for Joomla that's out there!

Great pricing this month with the 50% off!!!

Thank you RSJoomla!
Reviews: 5
Easy installation. Regular updates. Good support when you need it.
Safety first. I find it a comforting thought that RSFirewall is watching as my clients work in the backend. You can set that modules or plugins can NOT be uploaded.
I'm happy with RSFirewall!
Reviews: 1
Almost 1 year ago my 7... 1,2,3,4,5,6,7, websites were hacked all at the same time... Not a good thing for me when my clients start seeing stuff other than their site on their domain... Worse when you take a few minutes to fix it only to have it done again in less than 24 hours... Even worse when they see all my sites showing the same content... Even worse when your host takes your account offline for malicious content!!!!! It was so bad I took a 3 day weekend (While my host had the sites being blocked) and took all the data off the server, and started a fresh install for my 7 sites. After 2-3 weeks of peace, I leaned back in my chair with a feeling of accomplishment, only to receive a text from one of my customers that it had happened again!!!! And then my account was taken offline a second time!!

I was at a loss! What could I do? I had 7 customers and I did not have the expertise to fix this problem and guarantee that it would not happen again! Was I going to have to give them a refund? I couldn't do that... There money was already spent!
I started researching the options I had to secure Joomla, and I found RSFirewall... Looking at the information, it seemed simple enough.
1. Buy a license.
2. Download
3. Upload/Install
4. Set password, turn on lock down.
5. Drink a diet coke and watch Law & Order, because RSFirewall was handling all of my real life offenders, I could spend time watching TV about made up offenders.

Honestly though this extension is Great. After installing it my problems stopped. Sure I sat around waiting for it to hit the fan... but it never did. As a matter of fact during my first 6 month membership, I didn't even have anyone try to hack my sites (I'm guessing they know not to try with the RSFirewall badge on the public side of the website.) I just renewed for my second 6 months, and I am excited to see that it supports Joomla 1.6 too! I finally had someone try to hack one of my sites again! :-D It was great, because I got to watch in real time through my email each attempt they made to try and login. Because of the email notifications letting me know that they were failing, I was also able to login to the administration side of the site they were attempting to access and verify that it was locked down... After the "hacker" tried about 9 or 10 times, he/she gave up and moved on!!! Thank you RSFirewall, I literally sleep better at night because for a while I really did have to worry about getting up each morning and making sure that my sites had not been hacked while I was asleep, but no more!

Yes it may be the most expensive Joomla extension you buy (Although I'm sure there are others that cost more) but it is the most valuable one you will buy! Big time saver! Plus the protected by badge looks great! :-)
Reviews: 2
I'm extremely satisfied with this component! I have built my frist online store for a client and was extremely concerned about security. I knew well I couldn't handle it alone and after reading reviews I decided to suggest him we got RSFirewall! for his site.

I don't regret it for one moment! Not only I feel the website is safer, but it made me aware on a lot of security issues I didn't know that were such.

It was installed in seconds and even when we had everything set up already, we run into no problem at all. Everything kept working just fine as it was before.

Not only that, I ran into an unrelated to the component issue (that had more to do with my ignorance on how to work the php.ini file) and the ticket submitted was replied within an hour. I also liked that is was assigned to a single staff member (which gives you the feeling they are attending you more personally), and he was very friendly and helfpul.

In my opinion it's worthy every single penny you pay for it; they provide with documentation and tutorials at their website too (which btw looks very professional and organized).

I very much recommend this extension.
Reviews: 4
You may not think you need this extension, but when your site is hacked or you have to deal with spam comments, you'll change your mind! It's easy to install and configure, and works exactly as advertised. I include it on every site I manage.
Reviews: 6
I have moderate knowledge of web design and am in my 3rd year of Joomla! Recently I had 50 out of 54 websites hacked. RSFirewall has helped block those attacks and when a persistent attack kept coming in from Mexico, tech support was prompt, helpful and informative. Thank you so much for a time-saver, web-saver and keep-me-from-pulling-out-my-hair-saver program. :)
Reviews: 1
I have used several RSjoomla extensions and have loved them... until now.

RSFirewall has given me nothing but headaches with:
1. Unwanted redirects (from to and we all know what issues the www. can cause.)

2. Failed login issues (even when the login and password names are copied directly from my password vault) usually related to www. redirect

3. missing WYSIWYG editors since I installed it.

I have tried to get answers from the developers 3 different times but got 3 different responses each time basically saying: "It’s not our programs fault it doesn’t effect any of the issues you are having..."

The worst part is it got worse over the last two updates. So I am convinced without doubt that this extension is the source of all my issues.

I finally got tired of messing with it and decided to just uninstall the whole thing, now I have even more issues with my admin area. It will sort of work in IE8, won’t work in Firefox now, and we won’t even discuss Chrome.

Be careful if you use this extension. I don’t know exactly what this extension did that caused all the problems but I know I didn’t have any of these issues till I installed this extension and ran the security check. I will likely be uninstalling and reinstalling my entire joomla site from scratch because of all of this.

On the plus side I did like the reporting features and the lock down feature.
Owner's reply


1) & 2) RSFirewall! will never create any redirects and there's not a single line of code in the package that would have to do anything about redirects. You wrongfully created a htaccess file that redirects from non-www to www, and in the process left $live_site in your configuration.php to the non-www version. This way, your redirects where happening even when submitting forms (such as the user login).
3) There hasn't been a single report of such an issue, furthermore RSFirewall! has been tested with the most popular editors (tinyMCE, JCE, JoomlaCK) and there are no incompatibilites.

The fact that when you uninstalled RSFirewall! your admin panel "crashed" has no logic and there's no proof to support it - if such issues did exist, we would have known about them and fixed them. RSFirewall! does not modify any system files so it's highly unlikely that a simple uninstall would have caused something like this.

This review states facts that have no explanation other than the user error - since RSFirewall! does not handle redirects (how would that be a security feature, since RSFirewall! is a security software ?), does not change any lines within system files (including editors, and has even been tested for compatibility with them), how can all of this have happened ? The user clearly made some changes to his website around the same time he installed RSFirewall! and, without thinking it through (or even listening to our replies, even though we searched for this user and couldn't find any information on him) blamed RSFirewall! for everything (because it's easier to blame somebody else than to fix your own errors).

Reviews: 1
I've installed RSFirewall and find it to be an excellent product. The install was easy for a non-programmer like myself not to mention the interface integrates well with Joomla - same look and feel.

I had a couple technical issues, as a result submitted tickets and received assistance within 24 hours. They fixed my problems via the back-end - truly a wonderful experience. Support staff really cares and fixed my site, plus they installed the updated version without asking. I look forward to having my site secure while I sleep at night.

I also use RSProForm which is a great product to use. It integrates well with the rest of the extensions!
Reviews: 1
I had the misfortune of being hacked in the past. I'm not sure whether it was due to using an outdated version of Joomla or a vulnerable third party component, but the many hours invested in returning the site back to one that was operational will not soon be forgotten.

Soon after I looked for security solutions and found RSFirewall. I have since used it on every site I have build and I will continue to do so for as long as I build Joomla sites. The cost, while high compared to some extensions, is incredibly cheap when you factor in the hours it would take to restore the site in the event of it being hacked.

I am now far more diligent with my updates, however recently a third part extension was compromised across the web, ck forms, and many hundreds of sites were attached due to the sql injection attack used.

My sites were also targeted, before I learned of the exploit, but I was pleased to learn that RSFirewall had been protecting me the whole time.

If you only buy one extension for your Joomla site, make it this one. Take the advise of someone who has worked many free hours restoring websites due to hacks and don't make the same mistakes that I did.

Thanks for the great extension guys. I hope you continue to support it for many years to come.
Reviews: 12
There are days one has to say thank you! Today is such a day. We are a happy client of RS, having pretty much every product in use. RS Firewall works perfectly well and due to the notification service in the component we were notified about a hack attack in progress. We were able to blacklist the IP before the guy could do any harm. Note that the hacker was able to get into the backend, still the lockdown mode saved us. We run a bigger site, people using event registration and so on. RS Firewall is a MUST if you use your webpage commercialy. Thank you guys, keep up the good work!
Reviews: 1
We use RSFirewall! in all sites we are supporting. This is very useful and powerful component, which is mandatory for every commercial site.
We use other RSJoomla products too. All products of this company have perfect technical and commercial support.
Thank you, colleagues!
Reviews: 15
No Joomla site should be without it! I recently got hacked due to my own errors and after re-installing a backup realized that just having the correct permissions to folders and files is not enough. I bought and installed RSFirewall which not only showed me all the vulnerabilities in my site but enabled my to securely lock and protect it!

If your site does get hacked you can install a backup but you still need to find where and to protect it from further attacks. RSFirewall can save you a lot of time and headaches and the price ... how much do you value your website!
Reviews: 2
I found myself struggling with a problem, I couldn't activate the RS Firewall plugin, and then there is no protection.
I submitted a ticket and within 24 hours the problem was solved.
Good support, good product.
I feel so much better knowing my website is protected.
RS Firewall requires some input though, you need to adjust and finetune settings of your website in order to get a good protection grade.
Reviews: 2
For a professional designer, you must install rsfirewal for your customers. perfect components and easy maintenance.
Page 3 of 5