Plugin Check: missing_direct_file_access_protection #759
Description
Describe the bug
Currently we get a lot "missing_direct_file_access_protection " errors reported by Plugin Check.
These affects the following files:
- class-two-factor-compat.php
- class-two-factor-core.php
- providers/class-two-factor-backup-codes.php
- providers/class-two-factor-dummy.php
- providers/class-two-factor-email.php
- providers/class-two-factor-fido-u2f.php
- providers/class-two-factor-fido-u2f-admin.php
- providers/class-two-factor-totp.php
- two-factor.php
It would also affect those but we'll skip those files as those come from WP directly, correct @kasparsd ?
- FILE: includes/function.login-footer.php
- FILE: includes/function.login-header.php
Here is the full message for one example file:
class-two-factor-compat.php
| Line | Column | Type | Code | Message | Docs |
|---|---|---|---|---|---|
| 0 | 0 | ERROR | missing_direct_file_access_protection | PHP file should prevent direct access. Add a check like: if ( ! defined( 'ABSPATH' ) ) exit; | Docs |
Steps to Reproduce
- Install Plugin Check Plugin
- Choose Two Factor, Categories = "Plugin Repo" and Types = "Error" & "Warning"
- see results
Screenshots, screen recording, code snippet
No response
Environment information
No response
Please confirm that you have searched existing issues in this repository.
Yes
Please confirm that you have tested with all plugins deactivated except Two-Factor.
Yes
Metadata
Metadata
Assignees
Labels
No labels
Type
Projects
Status