I think this best way to prevent direct access..
<?php if (!defined('ABSPATH')) { exit; }?>
i have used this on all my php files..can it create problems?
any files on WordPress theme i should not use it?
1 Answer
The point of that code is to prevent any PHP inside the file from being executed if the file is accessed directly outside a WordPress context. ABSPATH is defined by WordPress, so if it’s missing when the file is accessed you can tell that it’s not running in a WordPress context.
So the only place you wouldn’t use it is in any file that you did need to access directly. There probably shouldn’t be any such files in a WordPress theme or plugin. The most common example might be a file for handling AJAX requests, but in WordPress you should be using admin-ajax.php or the REST API for that sort of thing.