JustBrightMe

Be Smart and Don’t Stop Learning

Home » WordPress Guide » How to Disable Theme and Plugin Editors from WordPress Admin Panel

How to Disable Theme and Plugin Editors from WordPress Admin Panel

Do you want to disable the theme and plugin editor in your WordPress admin panel? However, the WordPress file editor is a great feature. This allows you to edit theme and plugin files inside the WordPress Dashboard. But in some cases, it can also be dangerous!

If a hacker accesses your WordPress site’s dashboard, they can easily edit files and potentially execute malicious code.

Sounds scary, right?

Do not worry, this is an easy fix. You can easily disable the theme and plugin editor in your WordPress admin panel.

In this article, I’m going to share how to disable theme and plugin editors from the WordPress admin area.

Why Disable Theme and Plugin Editors in WordPress

WordPress comes with a built-in file editor which allows editing theme and plugin files directly from the WordPress Dashboard.

If a hacker gains access to your WordPress dashboard, they can easily edit files and install malicious code on your WordPress website.

That’s why to improve WordPress security, I recommend removing the built-in WordPress plugin and theme editor from your admin panel.

How to Know Theme and Plugin Editors Enabled

Login to your WordPress site and click on Appearance >> Theme Editor page. It will show your currently active theme’s files. As you can see in the screenshot below.

How to Disable Theme and Plugin Editors from WordPress Admin Panel

Similarly, plugin editor is located under Plugins >> Editor. It will show the plugins installed on your site that comes first in alphabetical order.

How to Disable Theme and Plugin Editors from WordPress Admin Panel

If you go to the theme or plugin editor page for the first time, it will warn you that your website may also break.

How to Disable Theme and Plugin Editors from WordPress Admin Panel

Now let’s get started how to easily disable theme and plugin editors in WordPress.

Disable the WordPress Plugin and Theme Editor Using wp-config.php File

You will need to use your WordPress wp-config.php file, which can’t be accessed via the WordPress dashboard.

It is normally found in the WordPress root directory, / public_html /.

Once you’ve found wp-config.php file, Simply edit your wp-config.php file and paste the following code just before the line that says /* That’s all, stop editing! Happy blogging. */.

define( 'DISALLOW_FILE_EDIT', true );

Save the file and that’s it! WordPress plugin and theme editor will be disabled.

Final Thought

Here I told you how to disable theme and plugin editors in WordPress. This is the easiest and best way.

Apart from this, if you are using a security plugin like iThemes Security or Sucuri or All In One WP Security & Firewall Plugin on your site, then it’s a good choice to disable file editor.

Hope you found the post useful and comprehensive! Don’t forget to share it!

More resources

About AMAN SINGH

AMAN SINGH, who owns JustBrightMe, is a full-time blogger and loves sharing content on WordPress, SEO & Blogging Tips.

Reader Interactions

Leave a Reply

Your email address will not be published.