How to Disable Theme and Plugin Editors from WordPress Admin Panel
Did you understand that WordPress includes an integrated theme and plugin editor? This plain code editor permits you to modify your style and plugin files directly from the WordPress dashboard.
Now, this may sound actually handy, however it can likewise lead to issues such as breaking your site and possible security issues when combined with other vulnerabilities.
In this article, we will discuss why and how to disable theme and plugin editors from the WordPress admin location.
Why Disable Style and Plugin Editors in WordPress?
WordPress features a built-in code editor which allows you to edit WordPress style and plugin files directly from the admin location.
The style editor is located at Look” Style Editor page. By default, it will reveal your currently active style’s files.
Similarly, the plugin editor can be seen at Plugins” Plugin Editor page. By default, it will show you among the installed plugins from your website that shows up first in the alphabatical order.
If you check out the style or plugin editor page for the very first time, WordPress will alert you that using the editor can break your website.
In WordPress 4.9, style and plugin editors were upgraded to protect users from mistakenly breaking their website. In many cases, the editor will catch a fatal error and will revert back the changes.
Nevertheless, this is not ensured and some code may still slip through and you would end up losing access to the WordPress admin location
The greatest issue with the integrated file editor is that it provides full access to add any type of code to your site.
If a hacker got into your WordPress admin location, then they can use the built-in editor to get access to all your WordPress information.
Hackers can also use it to distribute malware or launch DDOS attacks from your WordPress website.
To improve WordPress security, we suggest eliminating the integrated file editors entirely.
That being stated, let’s see how to easily disable theme and plugin editors in WordPress.
How to Disable Style and Plugin Editors in WordPress
Disabling theme and plugin editors in WordPress is rather easy.
Just modify your wp-config. php file and paste the following code prior to the line that states ‘ That’s all, stop editing! Pleased publishing’:
define( 'DISALLOW_FILE_EDIT', true );-LRB- **********************).
You can now conserve your modifications and upload the file back to your site.
That's all, plugin and style editors will now disappear from themes and plugins menus in the WordPress admin location.
If you do not wish to edit the files straight, then you can set up the Sucuri WordPress plugin which uses 1-click solidifying feature.
Proper Method to Edit WordPress Theme and Plugin Files
Many users in fact use WordPress style and plugin editors to look up the code, include customized CSS, or editing code in their child styles.
If you only want to include customized CSS to your style, then you can do so by utilizing the theme customizer situated under Appearance" Tailor
For more details, see our guide on how to include custom-made CSS in WordPress without breaking your site.
If you want to search for the code in a plugin, then you can do so by utilizing an FTP client
For better file management and syntax highlighting, you can use among these code editors for modifying WordPress files on your computer system.
Last but not least, you can also develop a custom WordPress theme without writing any code.
We hope this short article helped you discover how to easily disable style and plugin editors from WordPress admin panel. You may likewise wish to see our ultimate guide to improving WordPress performance and speed