How to disable file editing in the WordPress dashboard
Disabling file editing in the WordPress dashboard is a good security practice to prevent unauthorized access to your site’s code.
By default, WordPress lets administrators edit the code of their files directly with the code editor. This gives attackers an easy way to alter your files if they gain access to your account. If a plugin hasn’t already disabled this feature, you can do some light coding to disable it yourself.
Add the code below to the end of the file wp-config.php:
// Disallow file edits
define( 'DISALLOW_FILE_EDIT', true );
If you find this answer too little, I will show you how to disable file editing in this short step-by-step tutorial.
The above code snippet will disable the file editor in the WordPress admin dashboard.
After making these changes, the “Theme Editor” and “Plugin Editor” options under the “Appearance” and “Plugins” menus should be disabled for all users except Super Admins in a Multisite network.