How to disable file editing in the WordPress dashboard

ByPrem Tiwari Last updated on

Disabling file editing in the WordPress dashboard is a good security practice to prevent unauthorized access to your site’s code.

By default, WordPress lets administrators edit the code of their files directly with the code editor. This gives attackers an easy way to alter your files if they gain access to your account. If a plugin hasn’t already disabled this feature, you can do some light coding to disable it yourself.

Add the code below to the end of the file wp-config.php:


// Disallow file edits
define( 'DISALLOW_FILE_EDIT', true );

If you find this answer too little, I will show you how to disable file editing in this short step-by-step tutorial.

How to disable file editing in the WordPress dashboard

The above code snippet will disable the file editor in the WordPress admin dashboard.

After making these changes, the “Theme Editor” and “Plugin Editor” options under the “Appearance” and “Plugins” menus should be disabled for all users except Super Admins in a Multisite network.

Found it helpful? Share it with your friends on social media!

Prem Tiwari is a passionate advocate of open source technology, with over 10+ years of experience in the WordPress domain. He has great experience when it comes to scaled WordPress projects which caters the need for big enterprise clients on WordPress and WordPress VIP-GO platform.