How Disable the Plugin and Theme Editor

October 7, 2014 at 12:37 pm | By : Muhammad Syarif WordPress No comments

Occasionally you may wish to disable the plugin or theme editor to prevent overzealous users from being able to edit sensitive files and potentially crash the site. Disabling these also provides an additional layer of security if a hacker gains access to a well-privileged user account.

define( 'DISALLOW_FILE_EDIT', true );

1	define( 'DISALLOW_FILE_EDIT', true );

If you want to do it manually, it’s easy. Here’s how:

1. Open up your `wp-config.php` file for editing.

Download your wp-config.php from your website and open it up in your favourite text editor

3. Find the setting DISALLOW_FILE_EDIT in your `wp-config.php` and change it to true

By default, this setting isn’t specified in the WordPress wp-config.php. If you’ve never set it before, it wont be there, and you’ll have to add it yourself.

But you need to be careful where you add new configuration settings – you cannot add them to the end of the file.

A good place to do it is to look for WP_DEBUG and add it immediately after this line.

To enable this security setting, add the following line to your wp-config.php:

define( 'DISALLOW_FILE_EDIT', true );

1	define( 'DISALLOW_FILE_EDIT', true );

4. Replace your `wp-config.php`

Save your wp-config.php file with the new line added, and upload it back to your WordPress site.

You’ll know it’s worked as outlined in the previous section.

Please note: the functionality of some plugins may be affected by the use of current_user_can('edit_plugins') in their code. Plugin authors should avoid checking for this capability, or at least check if this constant is set and display an appropriate error message. Be aware that if a plugin is not working this may be the cause.

Source : http://codex.wordpress.org/

Dilihat sebanyak : 219 kali