{"id":6443,"date":"2020-04-15T15:00:58","date_gmt":"2020-04-15T13:00:58","guid":{"rendered":"https:\/\/qodeinteractive.com\/magazine\/?p=6443"},"modified":"2020-09-04T01:27:19","modified_gmt":"2020-09-03T23:27:19","slug":"disable-wordpress-theme-and-plugin-editors","status":"publish","type":"post","link":"https:\/\/qodeinteractive.com\/magazine\/disable-wordpress-theme-and-plugin-editors\/","title":{"rendered":"How to Disable WordPress Theme and Plugin Editors from Admin Panel"},"content":{"rendered":"<div class=\"wpb-content-wrapper\"><p>[vc_row][vc_column][vc_column_text]WordPress comes with built-in editors for themes and plugins, which allow users to edit folders that comprise the theme and plugins directly from the admin panel. Although this seems incredibly convenient, these built-in features can also lead to a plethora of security issues that may turn your website into a fertile ground for malware. [\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]In this article, we\u2019ll show you how to disable the WordPress theme and plugin editors from the admin panel. To make it easier for you to navigate, we\u2019ve broken this down into different methods you can try:[\/vc_column_text][vc_empty_space height=&#8221;23px&#8221;]<ul class=\"qodef-unordered-list-item qodef-toc\">\n    <li>\n\t        <div class=\"qodef-ul-title-holder\">\n            <span class=\"qodef-ul-title-content\"><a href=\"#using-ftp-client\">Using FTP client<\/a><\/span>        <\/div>\n            <\/li>\n<\/ul><ul class=\"qodef-unordered-list-item qodef-toc\">\n    <li>\n\t        <div class=\"qodef-ul-title-holder\">\n            <span class=\"qodef-ul-title-content\"><a href=\"#using-cpanel\">Using cPanel<\/a><\/span>        <\/div>\n            <\/li>\n<\/ul><ul class=\"qodef-unordered-list-item qodef-toc\">\n    <li>\n\t        <div class=\"qodef-ul-title-holder\">\n            <span class=\"qodef-ul-title-content\"><a href=\"#using-the-functions-php-file\">Using the functions.php file<\/a><\/span>        <\/div>\n            <\/li>\n<\/ul><ul class=\"qodef-unordered-list-item qodef-toc\">\n    <li>\n\t        <div class=\"qodef-ul-title-holder\">\n            <span class=\"qodef-ul-title-content\"><a href=\"#using-third-party-plugins\">Using third-party plugins<\/a><\/span>        <\/div>\n            <\/li>\n<\/ul><ul class=\"qodef-unordered-list-item qodef-toc\">\n    <li>\n\t        <div class=\"qodef-ul-title-holder\">\n            <span class=\"qodef-ul-title-content\"><a href=\"#bonus-tip\">Bonus tip for extra security<\/a><\/span>        <\/div>\n            <\/li>\n<\/ul>[vc_empty_space height=&#8221;70px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2 class=\"qodef-h4\">Why You Should Disable WordPress Theme and Plugin Editors<\/h2>\n<p>[\/vc_column_text][vc_column_text]You will find the theme editor by navigating to <strong>Appearance &gt; Theme<\/strong> editor on the admin panel:<br \/>\n[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"374\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Appearance-Theme-Editor.jpg\" class=\"attachment-full size-full\" alt=\"Appearance Theme Editor\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Appearance-Theme-Editor.jpg 700w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Appearance-Theme-Editor-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Appearance-Theme-Editor-620x331.jpg 620w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]By default, <strong>your editor will display files from the currently active theme<\/strong>. The first file you\u2019ll see in the editor is the style.css. The other available files are located in the Theme Files list in the right sidebar.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]You can access the plugin editor by navigating to <strong>Plugins &gt; Plugin editor<\/strong> in the admin panel. It will display one of the installed plugins, the first in alphabetical order.[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"374\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Plugin-Editor.jpg\" class=\"attachment-full size-full\" alt=\"Plugin Editor\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Plugin-Editor.jpg 700w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Plugin-Editor-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Plugin-Editor-620x331.jpg 620w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]If this is the first time you\u2019re accessing the theme and plugin editor, you will get this notification from WordPress, warning you that <strong>these editors can be harmful to your website<\/strong>.[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"374\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Notification-from-WordPress.jpg\" class=\"attachment-full size-full\" alt=\"Notification from WordPress\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Notification-from-WordPress.jpg 700w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Notification-from-WordPress-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Notification-from-WordPress-620x331.jpg 620w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]In the latest versions of WordPress, <strong>theme and plugin editors have been somewhat upgraded to prevent edits that may lead to errors and crashes<\/strong>. For example, if you insert a wrong line of code, the editor will report the mistake before allowing you to save changes.[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"374\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Mistake-in-Theme-Editor.jpg\" class=\"attachment-full size-full\" alt=\"Mistake in Theme Editor\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Mistake-in-Theme-Editor.jpg 700w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Mistake-in-Theme-Editor-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Mistake-in-Theme-Editor-620x331.jpg 620w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]As you can see, you also have the <strong>option to save changes on file regardless of the warning<\/strong>. [\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]The issue with these built-in editors is that they <strong>enable access to every type of code on your website<\/strong>. This turns them into possible vehicles for cyberattacks.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]If a hacker gains access to your WordPress admin panel, these editors will enable them to modify vulnerable files and inject them with malicious code.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]They do it by <strong>engaging in brute force attacks on a WordPress site<\/strong>. As soon as they crack the password of the administrator account, they access the theme and plugin editor to modify the files. But the breach doesn\u2019t always come from the outside. If you have a client or an employee who has full access to the admin panel, they can <strong>accidentally insert malicious code or cause a website crash<\/strong>.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]This is why it is strongly recommended to <strong>disable WordPress editors for themes and plugins<\/strong>.[\/vc_column_text][vc_empty_space height=&#8221;68px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2 class=\"qodef-h4\">How to Disable the Theme and Plugin Editors<\/h2>\n<p>[\/vc_column_text][vc_column_text]The easiest way to turn off both editors is to add one line of code to the wp-config.php file. Now we\u2019ll show you how to do this using an FTP client, cPanel, and other methods.[\/vc_column_text][vc_empty_space height=&#8221;72px&#8221;][vc_column_text]<\/p>\n<h3 class=\"qodef-h5\"><a id=\"using-ftp-client\"><\/a>Using FTP Client<\/h3>\n<p>[\/vc_column_text][vc_column_text]For this method, you\u2019ll need an FTP client such as <a href=\"https:\/\/filezilla-project.org\/\" target=\"_blank\" rel=\"noopener noreferrer\">Filezilla<\/a>. Filezilla is incredibly practical and simple to use even for less experienced users.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]In this article, you\u2019ll find a detailed guide on <a href=\"https:\/\/qodeinteractive.com\/magazine\/how-to-edit-wp-config-file\/\" target=\"_blank\" rel=\"noopener noreferrer\">how to access the wp-config.php file<\/a> using FTP. Before you start editing the wp-config file, keep in mind that <strong>even a small mistake can cause errors on your website<\/strong>. To avoid these problems, <a href=\"https:\/\/qodeinteractive.com\/magazine\/how-to-manually-backup-wordpress-website\/\">create a backup of your website<\/a>, as well as a copy of the wp-config.php file.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]Now, open the file from your server in the text editor and insert the following line of code before the line: \u2018<em>That\u2019s all, stop editing! Happy publishing<\/em>\u2019:[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;][vc_column_text]<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\">define( 'DISALLOW_FILE_EDIT', true );<\/pre>\n<p>[\/vc_column_text][vc_empty_space height=&#8221;39px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"374\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Insert-the-line-of-code.jpg\" class=\"attachment-full size-full\" alt=\"Insert the line of code\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Insert-the-line-of-code.jpg 700w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Insert-the-line-of-code-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Insert-the-line-of-code-620x331.jpg 620w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]When you do this, <strong>save this edit in file and replace the wp-config.php file<\/strong> with the edited file.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]When you go back to the WordPress admin panel, you\u2019ll see that access to these editors is no longer possible.[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"374\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Hide-the-Theme-Editors.jpg\" class=\"attachment-full size-full\" alt=\"Hide the Theme Editors\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Hide-the-Theme-Editors.jpg 700w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Hide-the-Theme-Editors-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Hide-the-Theme-Editors-620x331.jpg 620w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;60px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"374\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Hide-the-Plugin-Editors.jpg\" class=\"attachment-full size-full\" alt=\"Hide the Plugin Editors\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Hide-the-Plugin-Editors.jpg 700w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Hide-the-Plugin-Editors-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Hide-the-Plugin-Editors-620x331.jpg 620w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;82px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h3 class=\"qodef-h5\"><a id=\"using-cpanel\"><\/a>Using cPanel<\/h3>\n<p>[\/vc_column_text][vc_column_text]For some users, it\u2019s easier to edit the wp-config.php file using cPanel. The process is similar to the FTP method. First,<strong> you need to log into your cPanel<\/strong>, which is usually accessed via address <em>http:\/\/mydomain.com\/cpanel<\/em>. After you log in, <strong>click on the option File Manager<\/strong>.[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"710\" height=\"378\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/02\/File-Manager.jpg\" class=\"attachment-full size-full\" alt=\"File Manager\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/02\/File-Manager.jpg 710w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/02\/File-Manager-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/02\/File-Manager-620x330.jpg 620w\" sizes=\"auto, (max-width: 710px) 100vw, 710px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]In the following tab, you\u2019ll see the <strong>structure of the directories on your server<\/strong>. In case you have more than one domain, you need to <strong>mark the folder with the name of your domain<\/strong>. This folder contains the files from your WordPress installation, including the wp-config.php file. Right-click on the file and select Edit.[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"374\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Select-Edit.jpg\" class=\"attachment-full size-full\" alt=\"Select Edit\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Select-Edit.jpg 700w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Select-Edit-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Select-Edit-620x331.jpg 620w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]In the file editor, add the following line of code and click on the Save button:[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;][vc_column_text]<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\">define( 'DISALLOW_FILE_EDIT', true );<\/pre>\n<p>[\/vc_column_text][vc_empty_space height=&#8221;39px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"374\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Using-cPanel.jpg\" class=\"attachment-full size-full\" alt=\"Using cPanel\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Using-cPanel.jpg 700w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Using-cPanel-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Using-cPanel-620x331.jpg 620w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]Now you\u2019ve disabled the theme and plugin editors in the WordPress admin panel. In case there has been a mistake in the process, you can always import the file copy from your backup. [\/vc_column_text][vc_empty_space height=&#8221;81px&#8221;][vc_separator color=&#8221;custom&#8221; accent_color=&#8221;#e6eaea&#8221;][vc_empty_space height=&#8221;50px&#8221;][vc_widget_sidebar sidebar_id=&#8221;top-picks-banner&#8221;][vc_empty_space height=&#8221;28px&#8221;][vc_separator color=&#8221;custom&#8221; accent_color=&#8221;#e6eaea&#8221;][vc_empty_space height=&#8221;84px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h3 class=\"qodef-h5\"><a id=\"using-the-functions-php-file\"><\/a>Using the Functions.Php File<\/h3>\n<p>[\/vc_column_text][vc_column_text]If you don\u2019t want to edit your wp-config.php file, it is also possible to add the same line of code to the functions.php file. <a href=\"https:\/\/qodeinteractive.com\/magazine\/how-to-use-ftp\/\">Accessing the functions.php file using FTP<\/a> is similar to finding the wp-config.php file. Just <strong>navigate to the theme folder, right-click on the functions.php file and select the option View\/Edit<\/strong>:[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"374\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Using-the-functions.php-file.jpg\" class=\"attachment-full size-full\" alt=\"Using the functions.php file\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Using-the-functions.php-file.jpg 700w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Using-the-functions.php-file-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Using-the-functions.php-file-620x331.jpg 620w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]When you open the file in the text editor, insert the following line of code at the end of the functions.php file.[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;][vc_column_text]<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\">define( 'DISALLOW_FILE_EDIT', true );<\/pre>\n<p>[\/vc_column_text][vc_empty_space height=&#8221;39px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"374\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Hide-the-Theme-and-Plugin-Editors.jpg\" class=\"attachment-full size-full\" alt=\"Hide the Theme and Plugin Editors\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Hide-the-Theme-and-Plugin-Editors.jpg 700w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Hide-the-Theme-and-Plugin-Editors-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Hide-the-Theme-and-Plugin-Editors-620x331.jpg 620w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;82px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h3 class=\"qodef-h5\"><a id=\"using-third-party-plugins\"><\/a>Using Third-Party Plugins<\/h3>\n<p>[\/vc_column_text][vc_column_text]If you want to avoid modifying files and coding, you have the option to disable the theme and plugin editors using third-party plugins. <strong>One type of plugins enables you to automatically add required lines of code, while the other type simply disables editors<\/strong>.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]If you want to use a plugin to insert code, we\u2019ll show you how to do it using a <a href=\"https:\/\/wordpress.org\/plugins\/code-snippets\/\" target=\"_blank\" rel=\"noopener noreferrer\">Code Snippet plugin<\/a> that will add the following line of code.[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;][vc_column_text]<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\"><span style=\"font-weight: 400;\">define( 'DISALLOW_FILE_EDIT', true );<\/span><\/pre>\n<p>[\/vc_column_text][vc_empty_space height=&#8221;39px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"374\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Using-third-party-plugin.jpg\" class=\"attachment-full size-full\" alt=\"Using third party plugin\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Using-third-party-plugin.jpg 700w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Using-third-party-plugin-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Using-third-party-plugin-620x331.jpg 620w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]To disable the editors automatically, we recommend you install the <a href=\"https:\/\/wordpress.org\/plugins\/disable-file-editor\/\" target=\"_blank\" rel=\"noopener noreferrer\">Disable File Editor plugin<\/a>. All you need to do is install and activate the tool. It does not have customizable settings, so when you activate it, it will <strong>automatically disable the theme and plugin editors<\/strong>.[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"374\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Disable-File-Editor-plugin.jpg\" class=\"attachment-full size-full\" alt=\"Disable File Editor plugin\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Disable-File-Editor-plugin.jpg 700w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Disable-File-Editor-plugin-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Disable-File-Editor-plugin-620x331.jpg 620w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]Since most WordPress users utilize theme and plugin editors to search for the code in files, add custom CSS and edit code in the child theme, here\u2019s an alternative way to do it once you disable editors. Simply navigate to <strong>Appearance &gt; Customize &gt; Additional CSS<\/strong> field:[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"374\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Additional-CSS-field.jpg\" class=\"attachment-full size-full\" alt=\"Additional CSS field\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Additional-CSS-field.jpg 700w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Additional-CSS-field-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Additional-CSS-field-620x331.jpg 620w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]For editing theme and plugin files, you can use FTP software.[\/vc_column_text][vc_empty_space height=&#8221;72px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h3 class=\"qodef-h5\"><a id=\"bonus-tip\"><\/a>*Bonus Tip for Extra Security<\/h3>\n<p>[\/vc_column_text][vc_column_text]Since our main goal here is preventing security issues with your website, here\u2019s another way to prevent hackers from exploiting your site\u2019s vulnerabilities. You can <strong>disable the option for adding a new theme or installing\/deleting plugins<\/strong>. If you add this line of code to your wp-config.php file, you\u2019ll notice that this option will no longer be available.[\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;][vc_column_text]<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\">define('DISALLOW_FILE_MODS',true);<\/pre>\n<p>[\/vc_column_text][vc_empty_space height=&#8221;39px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"374\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Bonus-tip-for-extra-security.jpg\" class=\"attachment-full size-full\" alt=\"Bonus tip for extra security\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Bonus-tip-for-extra-security.jpg 700w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Bonus-tip-for-extra-security-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Bonus-tip-for-extra-security-620x331.jpg 620w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]You will still be able to activate or deactivate currently installed plugins.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]However, <strong>be careful when you\u2019re inserting this line of code since some plugins require file modifications to function properly<\/strong>. For example, <a href=\"https:\/\/wordpress.org\/plugins\/loco-translate\/\" target=\"_blank\" rel=\"noopener noreferrer\">Loco Translate plugin<\/a> creates and changes files with extensions .mo and .po. The same goes for the plugins that allow you to configure a child theme.[\/vc_column_text][vc_empty_space height=&#8221;28px&#8221;][vc_column_text]You\u2019ll know that this code is creating issues with your plugins if you see the following notification after activating the plugin. [\/vc_column_text][vc_empty_space height=&#8221;50px&#8221;]<div class=\"qodef-single-image-holder   qodef-has-border \">\n    <div class=\"qodef-si-inner\" >\n                                    <img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"374\" src=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Issues-with-your-plugins.jpg\" class=\"attachment-full size-full\" alt=\"Issues with your plugins\" srcset=\"https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Issues-with-your-plugins.jpg 700w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Issues-with-your-plugins-300x160.jpg 300w, https:\/\/qodeinteractive.com\/magazine\/wp-content\/uploads\/2020\/04\/Issues-with-your-plugins-620x331.jpg 620w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/>                        <\/div>\n<\/div>[vc_empty_space height=&#8221;38px&#8221;][vc_column_text]In that case, you\u2019ll have to allow file modification and use one of the previous steps we described.[\/vc_column_text][vc_empty_space height=&#8221;68px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2 class=\"qodef-h4\">Final Thoughts<\/h2>\n<p>[\/vc_column_text][vc_column_text]Although the WordPress admin panel is the simplest way to access theme and plugin editors, due to the ever-growing focus on site security, our suggestion is to consider some of these options and disable the editors. This way, you\u2019ll fully control the theme and plugin editing process and improve your site\u2019s protection.[\/vc_column_text][\/vc_column][\/vc_row]<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Learn how to disable the WordPress theme and plugin editors from your admin dashboard and improve your site security.<\/p>\n","protected":false},"author":10600,"featured_media":6466,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[14,4,13],"class_list":["post-6443","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tutorials","tag-core","tag-tips","tag-wordpress"],"_links":{"self":[{"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/posts\/6443","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/users\/10600"}],"replies":[{"embeddable":true,"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/comments?post=6443"}],"version-history":[{"count":0,"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/posts\/6443\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/media\/6466"}],"wp:attachment":[{"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/media?parent=6443"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/categories?post=6443"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/tags?post=6443"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}