Protecting PHP file from direct access

Posted by Pinki | Updated on

Protecting PHP file from direct access. This constant is probably set in the main WordPress PHP file, so if it’s not set, then you aren’t accessing the main page.

Constants aren’t something a user can modify, they are in the code, and can only be changed by editing the PHP file. So, if a hacker could set this constant, then you’d have bigger problems, because that would involve him actually editing your PHP files.

Direct access may not be dangerous (don’t quote me), but it’s pointless. Directly accessing a WordPress plugin (for example) won’t do anything, as the plugin needs to run through WordPress.


If you like this question & answer and want to contribute, then write your question & answer and email to freewebmentor[@]gmail.com. Your question and answer will appear on FreeWebMentor.com and help other developers.

Related Questions & Answers