By default, the WordPress admin Dashboard allows administrators to modify the PHP files of plugins and themes.
If a website is lacking in proper security, attackers may take advantage of this WordPress PHP Editing functionality. Therefore, it is highly recommended that PHP Editing of Plugins and Themes is disabled.
PHP Editing can be disabled easily by adding the following line to the wp-config.php file of your website:
To access the wp-config.php file of your website, go to your File Manager, located in your Hosting Panel, under My Services.
Here is a screenshot of where exactly you need to place the code within the wp-config.php file:
The wp-config.php file is located in the public_html/ directory of the website and can be edited via FTP.
To learn how to use FTP with FileZilla, in order to connect to your account here, you can follow this step by step article!
If you run into trouble and get stuck, please raise a support ticket here:
and we will reply asap!
Head over to our WordPress hosting in Germany (and read more about the theme and plugin file editing here).
You can also visit our hosting in New Zealand here (and learn how to use FTP with FileZilla, too).
Which is the FASTEST WordPress hosting? (read the independent test by Matthew Woodward here).
Read what clients share about their WPX experience.
More security tips and information about our hosting in France find here.
Need superfast and secure host? Try our service in Australia.
WPX also provides an excellent support in Brazil!
Read more about WP themes and plugins and about our service in Singapore.
Find more customer feedback on Trustpilot.
Check out WPX Hosting in the Netherlands.
Try the excellent service and technical support from WPX in the UK.