I am currently creating a WordPress theme from scratch as a "learn at work" tool. I have average experience working with backend work, although in the past I was very dependent on PageBuilders. Now I want to create a theme without any Pagebuilders to increase its download speed, etc.
I am currently looking at security for site files and came across the following term:
<?php
if ( ! defined( 'ABSPATH' ) ) {
exit; // Exit if accessed directly
}
?>
I understand that this will prevent direct access to web files. I'm not quite sure what is meant by this. For example, I could still access files through FTP, through the Server, and through the WordPress toolbar. Is there any other direct access that prevents this? Perhaps banning access through WordPress plugins, etc.
With this in mind, can I correctly assume that the above code should be placed in each file in the subject as a standard? Will there be exceptions?
Any further explanation for this would be very helpful.
source
share