Do you want to disable the theme and plugin editor in your WordPress admin panel? However, the WordPress file editor is a great feature. This allows you to edit theme and plugin files inside the WordPress Dashboard. But in some cases, it can also be dangerous!
If a hacker accesses your WordPress site’s dashboard, they can easily edit files and potentially execute malicious code.
Sounds scary, right?
Do not worry, this is an easy fix. You can easily disable the theme and plugin editor in your WordPress admin panel.
In this article, I’m going to share how to disable theme and plugin editors from the WordPress admin area.
Why Disable Theme and Plugin Editors in WordPress
WordPress comes with a built-in file editor which allows editing theme and plugin files directly from the WordPress Dashboard.
If a hacker gains access to your WordPress dashboard, they can easily edit files and install malicious code on your WordPress website.
That’s why to improve WordPress security, I recommend removing the built-in WordPress plugin and theme editor from your admin panel.
How to Know Theme and Plugin Editors Enabled
Login to your WordPress site and click on Appearance >> Theme Editor page. It will show your currently active theme’s files. As you can see in the screenshot below.
Similarly, plugin editor is located under Plugins >> Editor. It will show the plugins installed on your site that comes first in alphabetical order.
If you go to the theme or plugin editor page for the first time, it will warn you that your website may also break.
Now let’s get started how to easily disable theme and plugin editors in WordPress.
Disable the WordPress Plugin and Theme Editor Using wp-config.php File
You will need to use your WordPress wp-config.php file, which can’t be accessed via the WordPress dashboard.
It is normally found in the WordPress root directory, / public_html /.
Once you’ve found
define( 'DISALLOW_FILE_EDIT', true );
Save the file and that’s it! WordPress plugin and theme editor will be disabled.
Here I told you how to disable theme and plugin editors in WordPress. This is the easiest and best way.
Apart from this, if you are using a security plugin like iThemes Security or Sucuri or All In One WP Security & Firewall Plugin on your site, then it’s a good choice to disable file editor.
Hope you found the post useful and comprehensive! Don’t forget to share it!