Back

How to Disable Theme and Plugin File Editing in your Dashboard


By default, the WordPress admin Dashboard allows administrators to modify the PHP files of plugins and themes.


If a website is lacking in proper security, attackers may take advantage of this WordPress PHP Editing functionality. Therefore, it is highly recommended that PHP Editing of Plugins and Themes is disabled.

PHP Editing can be disabled easily by adding the following line to the wp-config.php file of your website:

define('DISALLOW_FILE_EDIT', true);

To access the wp-config.php file of your website, go to your File Manager, located in your Hosting Panel, under My Services.

Here is a screenshot of where exactly you need to place the code within the wp-config.php file:



The wp-config.php file is located in the public_html/ directory of the website and can be edited via FTP.

To learn how to use FTP with FileZilla, in order to connect to your account here, you can follow this step by step article!


If you run into trouble and get stuck, please raise a support ticket here:

https://wpxhosting.com/tickets/new/

and we will reply asap!

"I love the interface and...support is where WPX Hosting is like no other"

Adam Connell, WP Superstars (read full review here)
Read All Independent Reviews Here