Home › Forums › Theme support › Hot theme: Custom CSS Exploitable for ddos attack › Reply To: Hot theme: Custom CSS Exploitable for ddos attack
I protected the site with a Firewall from Sucuri, and that company sent me this message regarding this file and another one:
“Any .php file deep inside wp-content will have it’s directly access blocked by the Firewall, since most of the cases those files accessed directly are backdoors. Well coded plugins/themes do not load php files directly, they usually use AJAX instead:
https://codex.wordpress.org/AJAX_in_Plugins“