I just ran a Detectify test on my wordpress sites. It shows Contact Form 7 has some notices in security factor.
Currently, when you direct access a plugin file, you get 500 error. It should not be a server error. File header should be:
defined( 'ABSPATH' ) or die( 'No script kiddies please!' );
Would you mind to change all php file with such header? Thanks!
- The topic ‘security – Empty document when direct access to plugin files’ is closed to new replies.