Your WordPress website always comes with a built-in theme and plugin editor by default. This allows you to edit your theme and plugin files directly from the dashboard. This sounds reliable and better for your site, but it can also lead to many issues. Do you want to learn How to Disable Theme and Plugin Editors from WordPress Admin Panel?
Why Disable Theme and Plugin Editors from WordPress Admin Panel?
All the WordPress website comes with a built-in code editor. This allows you to edit the themes and plugins used in your WordPress site directly from the admin area.
The theme editor is located at Appearance>>Theme Editor Page. By default, it also shows your currently active themes file.
In the same way, the plugin editor can be seen in Pluglins>>Plugin Editor Page. By default, it also shows one of the installed plugins of your WordPress website that comes up first in the alphabetical order.
When you visit the theme and plugin editor for the first time, WordPress warns you that using the editor can break your website.
In WordPress, theme and plugin editors are upgraded to protect the users from accidentally breaking the website. In most of such cases, the editor catches a fatal error and revert back the changes. However, you will not be guaranteed. Some code may still slip through and you would end up losing access to the WordPress admin area.
The difficulty with built-in file editor is that it fully allows you to add any kind of code to your website. If the hacker gets into your WordPress admin area, then they can use the built-in editor to gain access to all of your WordPress data.
Hackers can also use it to distribute malware or easily launch DDOS attacks from your WordPress website. In order to improve your WordPress security, we recommend you to remove the built-in file editor completely. Now let us learn How to Disable Theme and Plugin Editors from WordPress Admin Panel
Procedure to Disable Theme and Plugin Editors from WordPress Admin Panel
To Disable Theme and Plugin Editors form WordPress Admin Panel is quite easy. You can simply edit your wp-config.php file paste the code given above just before the line that says ‘That’s all, stop editing! Happy publishing’:
|1||define( ‘DISALLOW_FILE_EDIT’, true );|
Now you can save your changes and upload the file back to your website. It is all, your theme and plugin editor disappears from the theme and plugin menu in the WordPress admin area.
In this tutorial, we learned How to Disable Theme and Plugin Editors from the WordPress Admin Panel. Understanding its necessity, disabling it makes your WordPress website safe from all the hackers and your WordPress data remains safe with you. There may be some difficulties that you might need to face later too, but doing it is the best.
If you have any queries then let us know in the comment box below.
Also, Check Out: