Removing the WordPress admin file editor

Published 08 Mar 2012 in Clients, Security, Themes, WordPress by ZigPress

How many times have you handed over a project to a client, only to receive a phone call two weeks later saying “I think I broke the site…”?

Maybe your client used the theme file editor that is built in to the WordPress admin pages, without having a clue about what they were doing. Sure, you can upload the theme again, but it would probably be better for all concerned if you could simply prevent your clients accessing the theme file editor in the first place.

Well, you can. I don’t think this is a widely known trick, but it’s certainly an easy one.

In a site’s wp-config.php file, insert the following line:

define('DISALLOW_FILE_EDIT', true);

I usually put it just above the line that says “That’s all, stop editing! Happy blogging.”

As soon as you upload the updated wp-config.php file to the site, the “Editor” option will no longer be shown in the “Appearance” section of the WordPress admin menu.

7 Comments

  1. On 11 Apr 2012 at 23:03, Scott H said:

    Thanks for this tip. Honestly it happens more often than not. Although many of us see Wordpress as an easy CMS, our clients are often lost. This is not to put them down but without the proper experience and training it can be difficult to understand.

  2. On 20 Apr 2012 at 03:52, nang nguc said:

    Thanks for this tip.This is not to put them down but without the proper experience and training it can be difficult to understand.

  3. On 22 Sep 2012 at 15:41, David Hitt said:

    Thanks for this post… I’m a little embarassed that I didn’t know about this and, frankly, believe it should probably be done prior to client handover for most of the sites we design.

    Another thing I’ve always wondered about and need to research is how customizable the post editor is. It would be really awesome to link the custom CSS written for a theme environment into the WYSIWYG post editor…

  4. On 07 Nov 2012 at 15:15, ppv playbook review said:

    Thanks for this tip. Genuinely it happens more often than not. Although many of us see WordPress as an simple CMS, our customers are often missing. This is not to put them down but without the appropriate encounter and exercising it can be obscure.

  5. On 15 Nov 2012 at 16:58, Dwayne said:

    I have been having a similar problem. Hopefully this will come in handy – thank you.

  6. On 20 Nov 2012 at 20:59, Rick said:

    It can be crazy when people get to fooling around with their website what they do and then come back and say “Can you Fix it”. Oh you want to charge me to fix my site again?

    Rick

  7. On 27 Dec 2016 at 03:20, clan of clas said:

    Thanks for this post.