The Plugin Editor and Theme Editor in WordPress allow you to directly edit your site’s code. While this can be helpful, it also presents security risks. Disabling these editors is a simple way to protect your site.
Follow the steps below to turn them off.
Step 1: Access/Open the wp-config.php
- Use FTP or File Manager in your hosting control panel.
- Find the wp-config.php file in the root folder of your WordPress site.
Step 2: Add This Code
- Open wp-config.php, add this code:
// Disable the Plugin and Theme Editor
define('DISALLOW_FILE_EDIT', true);Step 3: Save the File
- Save and upload the wp-config.php file back to your server.
Once done, the Plugin Editor and Theme Editor will be disabled for everyone, including administrators.
Conclusion
Disabling the Plugin and Theme Editors is a quick and effective way to enhance the security of your WordPress site. By adding just a small snippet of code to your wp-config.php file, you can prevent any unauthorized code changes.