Disable File Editing in WordPress

Disable file editing in WordPress admin

In this guide, we show how you can disable file editing in WordPress admin by adding a line to your wp-config.php file. If you have used the 1-click installer, file edit is disabled by default.

When file editing is enabled, Administrator users can edit the code of themes and plugins directly from the WordPress dashboard. This is a potential security risk because not everyone has the skills to write code, and if a hacker breaks in, they would have access to all your data. That's why we recommend disabling it.

  1. Log into the TD Web Services control panel.
  2. Open File Manager.
  3. Locate the file wp-config.php and check the box to select it.
  4. Click Edit in the menu bar at the top of your screen.
  5. Search wp-config for define('DISALLOW_FILE_EDIT', it is usually located towards the bottom.
  6. If you've found it, check it's set to "true" (see below). If it's not there, you need to add it to the bottom of the file, like this:
define('DISALLOW_FILE_EDIT', true);
  1. Click Save at the top of your screen.
  • WordPress Security
  • 1 Benutzer fanden dies hilfreich
War diese Antwort hilfreich?

Verwandte Artikel

Categories and tags have vanished

The problem ended up being that system alerts had caused certain functions to shut down. One of...

Leverage Browser Caching

<IfModule mod_expires.c> ExpiresActive On ExpiresDefault "access plus 1 month"...

How to deactivate all plugins when not able to access the administrative menus?

Sometimes it may be necessary to deactivate all plugins, but you can't access the administrative...

How to Move a WordPress Website from HTTP to HTTPS/SSL

Configuring WordPress for SSL/HTTPS Links in WordPress (such as image attachments, themes CSS...

WordPress Security - Base64 and eval

WordFence has a scanner that can find base64 and eval code. You can use CPANEL file manager to...