Regular users can detect the Joomla! version of your website by entering this URL on a WebBrowser:
http://www.domain.com/administrator/components/com_content/content.xml
This will display a XML file on which they can see your Joomla version. The result looks like this:
From the above example you can see that the website is using Joomla 2.5 and hackers can use this information to launch attacks based on possible vulnerabilities of your Joomla version.
To avoid detection of Joomla version and enhance your website security you have to use a cPanel feature called Hotlink Protection.
Go to your website cPanel (domainname.com/cpanel) and click on Hotlink Protection.
Add permited URLs on URLs to allow access:
http://www.yourdomain.com http://yourdomain.com
At Block direct access for these extensions add the XML estension:
jpg,jpeg,gif,png,bmp,xml
And click on Enable button on the top of the page.
After applying these settings, if someone tries to access your XML files will receive a 403 Forbidden error.