WordPress plugin and theme editor is really a handy way to edit and handle all your theme and plugin files.
The inbuilt editor enables any WordPress user to quickly edit theme and plugin files without messing with FTP of other back-end control panel’s like Cpanel.
No matter how handy is this feature is, it could be scariest at times as a small mistake or typo in the editor may break your live site. Also, if you are managing WordPress for your client then it is a good idea that you disable plugin and theme editor to restrict any modifications by your client at code level.
Moreover, disabling plugin and theme editor will also improve your WordPress security in the events of hack attacks as the hacker cannot easily edit your plugin or theme files to insert malicious code.
So in this quick guide, let us see how you can disable plugin and theme editor in your WordPress website.
Add Code Snippet
Disabling plugin and theme editor in WordPress is really easy, all you have to do is to add the below code snippet in your
To do that, fire up your favorite FTP client and open the
wp-config.php file. Here scroll download, copy and paste the below code snippet at the end of the file.
/** Disable plugin and theme editor **/ define('DISALLOW_FILE_EDIT',true);
Now save and upload the file. That’s all there is do. From this point forward, no WordPress user, including the admin can access the plugin and theme editor.
Use Disable Theme and Plugin Editor Plugin
If you are uncomfortable editing the core WordPress file, then try the Disable Theme and Plugin Editor plugin from WordPress repository.
You can install this plugin using the built-in WordPress plugin installer or you can directly upload it using your favorite FTP client.
Once activated, this plugin disables the theme and plugin editor in your WordPress installation. If you ever want to re-enable the editor, just deactivate or delete the plugin.
That’s all there is to do and hopefully that helps. Do comment below if you face and difficulties while disabling plugin and theme editor in your WordPress site.