Yes, it works very good and also I have “DISALLOW_FILE_EDIT’, true”, thank you very much! But is this good for security of WP? If yes it should be in GPP documentation, I think.
If someone were to gain access to your Dashboard (already very bad), they could potentially use PHP to gain access to your server. This is why DISALLOW_FILE_EDIT is a good idea if your Dashboard is at risk.
If your Dashboard is locked down (2FA, strong password etc..), then you’re likely in the clear 🙂