Disable file editing in WP admin

In this guide, we show you how to deactivate file editing in WP admin by adding a line to your wp-config.php file. If you have used our 1-click installer, file editing is inactive by default.

When file editing is active, Administrator users can edit the code of themes and plugins directly in the WP Admin. This is a potential security risk, because editing the code incorrectly can break your website. In addition, if file editing is allowed and a hacker breaks in, they could access all your data. That's why we recommend deactivating this feature.

1. Log into the one.com Control Panel.
2. Open File Manager under Files & Security.
3. Locate the file wp-config.php and check the box to select it.
4. Click Edit in the menu bar at the top of your screen.
5. Search wp-config for define('DISALLOW_FILE_EDIT', it is usually located towards the bottom.
6. If you found it, check that it's set to "true" (see example below). If the code is not there at all, add it to the bottom of the file, like this:

define('DISALLOW_FILE_EDIT', true);

7. Click Save at the top of your screen.

Tip: If you want to temporarily allow file editing, you can simply replace "true" with "false". Change it back when you are done editing.

Related articles:

• Change the file permissions via an FTP client
• Deactivate file execution in the WordPress uploads folder