By default, the WordPress admin Dashboard allows administrators to modify the PHP files of plugins and themes.
If a website is lacking in proper security, attackers may take advantage of this WordPress PHP Editing functionality. Therefore, it is highly recommended that PHP Editing of Plugins and Themes is disabled.
PHP Editing can be disabled easily by adding the following line to the wp-config.php file of your website:
To access the wp-config.php file of your website, go to your File Manager, located in your Hosting Panel, under My Services.
Here is a screenshot of where exactly you need to place the code within the wp-config.php file:
The wp-config.php file is located in the public_html/ directory of the website and can be edited via FTP.
To learn how to use FTP with FileZilla, in order to connect to your account here, you can follow this step by step article!
If you run into trouble and get stuck, please raise a support ticket here:
and we will reply asap!