Recently, I found out that there is a huge error log file (error_log) in my current theme folder. Upon checking the whole log file contains the following error.
[26-Apr-2014 16:01:14 UTC] PHP Fatal error: Call to undefined function get_header() in /home/user/public_html/www.website.com/wp-content/themes/mytheme/index.php on line 1 [26-Apr-2014 16:08:00 UTC] PHP Fatal error: Call to undefined function get_header() in /home/user/public_html/www.website.com/wp-content/themes/mytheme/index.php on line 1
Upon checking & try to reproduce the error, I find out that the error was generated each time when a visitor tries to access theme’s index.php file directly.
I’m not sure if there will be a security issue, but the error will expose your cPanel username if you are using it.
There are 2 methods on how to fix this problem.
1. Redirect it to main page. To do it, edit “index.php” in the root of theme folder & replace
<?php get_header(); ?>
with
<?php if (defined('ABSPATH')) { get_header(); }else{ header("Location: http://" . $_SERVER['HTTP_HOST'] . ""); exit; }; ?>
2. Disable direct access of theme’s index file. To do it, edit “index.php” in the root of theme folder & replace
<?php get_header(); ?>
with
<?php if (! defined('ABSPATH')) die('Access Denied.'); get_header(); ?>