diff --git a/src/Core/Manifest/Module.php b/src/Core/Manifest/Module.php
index 6a60ee626..6084235d0 100644
--- a/src/Core/Manifest/Module.php
+++ b/src/Core/Manifest/Module.php
@@ -158,7 +158,7 @@ class Module implements Serializable
     {
         $config = "{$this->path}/_config.php";
         if (file_exists($config)) {
-            require_once $config;
+            requireFile($config);
         }
     }
 
@@ -247,3 +247,15 @@ class Module implements Serializable
             ->exists();
     }
 }
+
+/**
+ * Scope isolated require - prevents access to $this, and prevents module _config.php
+ * files potentially leaking variables. Required argument $file is commented out
+ * to avoid leaking that into _config.php
+ *
+ * @param string $file
+ */
+function requireFile()
+{
+    require_once func_get_arg(0);
+}