Prevent direct access to a WordPress php include file.
Md Riyazuddin
Verified
I wanted to restrict access to the PHP file directly, but also be able to call it via jQuery $.ajax (XMLHttpRequest).
if (empty($_SERVER["HTTP_X_REQUESTED_WITH"]) && $_SERVER["HTTP_X_REQUESTED_WITH"] != "XMLHttpRequest") {
if (realpath($_SERVER["SCRIPT_FILENAME"]) == __FILE__) {
echo 'You are not allowed to Direct Access';
exit;
}
}
or
if(!defined('ABSPATH'){
die;
}
This code will help you to not prevent direct access in php file and make your site safe as far as possible.
Comments
Leave a Comment