The only user that can edit posts is myself, aka the admin. I have some weird setup where users can indeed inject not code but text to the backend (and in case I have missed something, which is very possible, then I could accidentally perform do_shortcode on the page which contains user code). Which means that they can potentially trigger shortcodes.
So I simplified the strategy by avoiding all sorts of functional/powerful shortcodes and instead only use shortcodes for displaying simple HTML etc…
So from my understanding of your writing, as long as I make sure that user roles don't have access to edit posts, we should be safe?