disable editing Theme

WordPress 管理區域中禁用主題和外掛編輯器

Last Updated on October 7, 2022

受到 File Manager plugin 外掛漏洞的影響,避免客戶自己安裝這一類的高危險外掛,請在 wp-config.php 文件裡,加入以下代碼禁止客戶使用:

##Disable Editing in Dashboard
define('DISALLOW_FILE_EDIT', true);

File Manager plugin

後續 File Manager plugin 外掛所造成的災難

數百萬個文件管理器漏洞攻擊的網站:

https://www.wordfence.com/blog/2020/09/millions-of-sites-targeted-in-file-manager-vulnerability-attacks/

攻擊者爭奪對文件管理器漏洞中針對的網站的控制:

https://www.wordfence.com/blog/2020/09/attackers-fight-for-control-of-sites-targeted-in-file-manager-vulnerability/

Photo by Liam Tucker on Unsplash

Share your thoughts