Secure Server/Hosting Setup
This is the most important part, many site builders do not ask about the security of the hosting itself, where the sites are hosted. And this is a common misconception. This should be done first. All hosting companies provide the service as is. Only some sites have already done fine-tuning of hosting/server.
Use it .htaccess
You can block typical exploit attempts using a file .htaccess which should be located in the root of the site. By default, this feature is not enabled on all servers. Using a file .htaccess, you can use it to protect important directories, for example, such as administrator, you can block access to the site from certain IP addresses. And there is a lot more that can be done, we will write about it a little below.
The Joomla distribution itself is already bundled with the configured file .htaccess, it remains only to rename it изhtaccess.txt in .htaccess. And let’s start the setup.
Before making changes to the file .htaccess, make a backup copy of it.
Please note, if after renaming the file, the site shows 500 pages, then the hosting does not support it.htaccess. Contact the hosting administration.
If you don’t see any changes, then most likely you don’t have Apache. It is necessary to configure Ngnix.
If you see the 500 page again when you enter the following instructions, it means that the hosting does not support any commands from this file.