It was because IIS on Windows Server 2008 R2 build in Transport Layer Security in version 1 (TLS 1.0). That version is outdated and should not be used for securing any HTTPS traffic and also most of the browser didn’t support it anymore at the beginning of 2020.
For custom query in Joomla is not prevent the SQL injections issue. So that, we need to add some script to the query.
In Joomla we can using $db->quote($param) to prevent SQL injections in custom query.
The Example of the query:
$db = JFactory::getDbo();
$query = "INSERT INTO table (`username`, `password`) VALUES (".$db->quote($username).", $db->quote($password))";
$db->setQuery($query);
$db->query();
In the query you not need to add Single Quote Symbol. Because it will help you add in your query. 
Here we describe how we can protect our class file that calling with include function, but it was not secure and its have big risk. For the solution if we can make the file cannot execute or calling when it not include by PHP file.
Why we need it? because when someone try calling http://localhost/module/foo.class.php it will be successful and maybe some accident will happen here.
if( basename( __FILE__ ) == basename( $_SERVER['PHP_SELF'] ) ) exit();
Except from apache you can let your .htaccess file tighten up your site’s security and give extra level of protection.
I am going listing out few example and show you how to use it or where to use it. You don’t have to use every single one, just whatever you feel would help you improve your site security.
I am going listing out few example and show you how to use it or where to use it. You don’t have to use every single one, just whatever you feel would help you improve your site security.