One measure to harden WordPress is to disable PHP execution in specific folders. WordPress and several blog posts mention the wp-content and wp-includes folder. After disabling PHP execution on these two folders, the visual editor broke, not showing my post while the editing toolbar was gone as well. This problem not immediately relates to PHP execution being disabled since everything else worked perfectly fine..

I make notes of every change and my “Admin Logbook” (some might call it “Captains Log..”) showed the last change being this hardening change.  After I enabled PHP execution on wp-includes only, the editor worked again. Note that you have to clear the cache of your browser after making these changes.

This applies to WordPress 3.8.1 on Win Server 2012, with the Academica theme from WPZOOM.

Leave a Reply

Your email address will not be published. Required fields are marked *

39 + = 43