Regular users can detect the Joomla! version of your website by entering this URL on a WebBrowser:
This will display a XML file on which they can see your Joomla version. The result looks like this:
From the above example you can see that the website is using Joomla 2.5 and hackers can use this information to launch attacks based on possible vulnerabilities of your Joomla version.
To avoid detection of Joomla version and enhance your website security you have to use a cPanel feature called Hotlink Protection.
Go to your website cPanel (domainname.com/cpanel) and click on Hotlink Protection.
Add permited URLs on URLs to allow access:
At Block direct access for these extensions add the XML estension:
And click on Enable button on the top of the page.
After applying these settings, if someone tries to access your XML files will receive a 403 Forbidden error.