• I would like to suggest that WordPress theme authors include a security check at the very top of their index.php and other PHP files. This prevents direct access to theme files outside of the WordPress environment.

    <?php
    if ( ! defined( ‘ABSPATH’ ) ) {
    exit;
    }

    This small addition helps protect users by ensuring files only run when WordPress is loaded.

Viewing 1 replies (of 1 total)
  • boy8xnoname

    (@boy8xnoname)

    Hi @travelavenger ,

    Thank you so much for this valuable security suggestion! Adding the ABSPATH check to the theme files is indeed a great practice to prevent direct access and ensure files only run within the WordPress environment.

    I will forward your feedback directly to our tech team so they can review and implement this update in our upcoming releases.

    Best regards!

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.