How Disable the Plugin and Theme Editor
Occasionally you may wish to disable the plugin or theme editor to prevent overzealous users from being able to edit sensitive files and potentially crash the site. Disabling these also provides an additional layer of security if a hacker gains access to a well-privileged user account.
1 |
define( 'DISALLOW_FILE_EDIT', true ); |
If you want to do it manually, it’s easy. Here’s how:
1. Open up your wp-config.php
file for editing.
Download your wp-config.php
from your website and open it up in your favourite text editor
3. Find the setting DISALLOW_FILE_EDIT in your wp-config.php
and change it to true
By default, this setting isn’t specified in the WordPress wp-config.php
. If you’ve never set it before, it wont be there, and you’ll have to add it yourself.
But you need to be careful where you add new configuration settings – you cannot add them to the end of the file.
A good place to do it is to look for WP_DEBUG
and add it immediately after this line.
To enable this security setting, add the following line to your wp-config.php
:
1 |
define( 'DISALLOW_FILE_EDIT', true ); |
4. Replace your wp-config.php
Save your wp-config.php
file with the new line added, and upload it back to your WordPress site.
You’ll know it’s worked as outlined in the previous section.
Please note: the functionality of some plugins may be affected by the use of current_user_can('edit_plugins') in their code. Plugin authors should avoid checking for this capability, or at least check if this constant is set and display an appropriate error message. Be aware that if a plugin is not working this may be the cause.
Source : http://codex.wordpress.org/
Dilihat sebanyak : 219 kali
Leave a Reply