Site Security

This plugin adds a simple but, in most cases, fondamental protection against SQL injection and LFI (local files inclusion) attacks. It checks data sent to Joomla and intercepts a lot of common exploits, saving your site from hackers.

  • Favourite
  • Report

  • Filters requests in POST, GET, REQUEST and blocks SQL injection / LFI attempts.
  • Notifies you by e-mail when a alert is generated.
  • Protect also from unKnown 3rd Party extensions vulnerability.
  • White list for safe components (at your risk ;) )
  • automatic ip blocking on attack

Enable mail report and prepare yourself to be scared!

Anyway remember that security it is a 'forma mentis', not a plugin!


Version 1.4 Apr 28th, 2014:
* minor code fixes (not security related)
* default table type set by DB engine
* table creation by sql install file

Version 1.2 Mar 26th, 2013:
* Joomla! 3.0 compatility & coding style
* try - catch table checking
* InnoDB table support
* it works fine, nothing else to do on J2.5 ;)

Version 1.1 (Mar 10th, 2011)
* ip auto banning on attack (ip blocking)
* RegEx improvements to intercept more SQL attacks

Version 1.0 (Jan 7st, 2011)
* Joomla! v1.6 compatibility
* send mail also when error is raised
* minor code optimization

Version .98a (Jun 1st, 2010) Thanks to Jeff
* fixed backtics matching
* fixed union all matching
* fixed ....// exploit
* added more info to report mail

Version .98 (May 29th, 2010)
first release.

Please, keep in mind, I repeat: this plugin intercepts a lot of common exploits, not ALL!! this should be intended as an help, this is not "THE SOLUTION".

Very useful

Posted on 26 March 2018
Prevent SQL injections
Ease of use
Very easy for use
Excellent plugin. It has protected many of our websites from hacker attacks.
Ease of use
Very simple.
Not needed.
I used this to: It has protected many of our websites from hacker attacks.
Whoever has broken up his website, he knows what I'm talking about.
I can only recommend to any webmaster who wants to sleep peacefully. :)

Very Handy!

Posted on 03 June 2017
Works effortlessly
Ease of use
Activate, done! Configuration of finer details available. Would be nice to have a selector for components to ignore though.
Not needed any, although I have seen errors on PHP 7 so it would be great if it could be updated to support that
I used this to: Additional layer of security

Helpfull, free, worked for me.

Posted on 20 December 2016
Easy and smooth. After being hacked installed this and attemps of next atack failed. Next day. Good something like this exist free for small
Ease of use

Facil de usar

Posted on 15 August 2016
No me ha dado problemas al instalarlo aunque no entiendo bien como funciona.
Ease of use
muy fácil

Simple and Easy

Posted on 11 June 2016
Not too sure yet and hoping I don't have to find out. Will update of course.
Ease of use
Simple! Very easy to install, head go to plugins, configure basic settings (probably just email address and IP block) and enable. Done.
Simple enough to use without but more than enough information around if you run into problems (you probably won't though)
I used this to: A number of private and commercial websites.
Was working as expected but I start getting a database error in all FaceBook share extensions.
Invalid syntax w/MariaDB server in mi_iptable
Ease of use
Very easy to setup
I used this to: Extra security layer
Owner's reply: ops! sorry for missing support :(
try to post a comment, I'll replay as soon as possible.
please note: don't try to submit revealed attack code or the post will be blocked by the plugin!

Great Plugin

Posted on 11 May 2016
Easy to setup and just works.
Ease of use
Works straight away.
I used this to: Hacking is getting worse so this plugin is a must have to protect yourself against malicious attacks. After being hacked it took quite some time to root out all the injected code. Now I have peace of mind seeing that their attempts are being blocked.
Just install the plugin and periodically you'll receive a notification of hacking attemp with hacking code highlighted.
Ease of use
Install and activate. You may found usefull to receive email notifications like I do.

Excellente plugin !

Posted on 10 January 2016
I love the option to be advise by email from attack.
I verify the correspondance between alert and the access.log and it is true
Ease of use
We have only to activate the plugin and review the setting.
We can receive notification by email (it's work well!)
No need for support because it is easy to use
Perhaps more international documentation could be appreciate (In English)
I used this to: I had a BIG problem with JS Injected attack on all my web site since December 2015.
I did a lot a improvement without be able to stop it.
I find a manual way to rescue my web sites, but I wasn't able to avoid it, I was searching for monitoring tools when I find it.
Marco's Google(TM) bot access Marco's Google(TM) bot access

Marco's Google(TM) bot access

By marco maria leoni
Site Access
This plugin allows to spiders and robots, like Google(TM), MSNBot(TM) or Yahoo(TM), to access the pages of the site reserved to the 'Registered' users. Sometimes you have to protect interesting contents to get users' registration for commercial purposes or simply to create a community. But if content are not accessible, how can users know about their existance? With this plugin the search engine...
Marco's noFollow Marco's noFollow

Marco's noFollow

By marco maria leoni
SEO & Metadata
This plugin allows you to add "rel" and "target" attributes to all outgoing links in articles on your Joomla!, so you can avoid to disperse the Page Rank on the web by setting the attribute rel = "nofollow" on all outbound links, and you can keep visitors on your site by setting the target = "_blank" attribute. Configuration is very easy, simply select the action to be taken for the two attribute...
Marco's parallax background scroller Marco's parallax background scroller

Marco's parallax background scroller

By marco maria leoni
Page Background
A plugin for parallax background scrolling in Joomla! This is a nice background scrolling effect with a simulation of a pseudo parallax effect. You can insert one or more image in your articles and define an horizontal stripe (view port) to see the images as they was really a landscape through a window. See this plugin in action! Features . Easy to use and configure . CSS3 and responsive . plugi...
Marco's buy me a beer Marco's buy me a beer

Marco's buy me a beer

By marco maria leoni
This implementation of Buy me a beer in Joomla!, is a smart & funny way to get a donation without the need to specify ethical reasons: "Do you think my job was useful? Ok, buy me a beer, I just wanna have a drink, not save the world!" Features works on multilingual site; every text in the donation form can translated using Joomla's language override feature; automatic PayPal's interface languag...
Marco's PrestaShop Authentication Marco's PrestaShop Authentication

Marco's PrestaShop Authentication

By marco maria leoni
Site Access
This plugin allows to customers of a PrestaShop™ e-commerce to access the Joomla! site without a new registration. This is a fast authentication bridge between the two systems. Prestashop to Joomla bridgeThis plugin allows to use an existent PrestaShop e-commerce to authenticate its users on a Joomla installation. Features plugin works on J2.5 and J3.x sites; no need of double registration;...

Marco's SQL Injection

marco maria leoni
Date added:
Nov 18 2014
GPLv2 or later
Free download

This extension does NOT implement the Joomla! Update System


Write a review