info@anzum.com

Disable File Editing
The WordPress Dashboard by default allows administrators to edit PHP files, such as plugin and theme files. This is often the first tool an attacker will use if able to login, since it allows code execution. WordPress has a constant to disable editing from Dashboard. Placing this line in wp-config.php is equivalent to removing the ‘edit_themes’, ‘edit_plugins’ and ‘edit_files’ capabilities of all users:

define(‘DISALLOW_FILE_EDIT’, true);
This will not prevent an attacker from uploading malicious files to your site, but might stop some attacks.

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!

Discover what's new at Divi Extended

Discover what's new at Divi Extended

Connect with Divi Extended for info on our new products and updates.

Welcome on Board

%d bloggers like this: