WordPress Help

Disable the theme and plugin editor in WordPress with the Sucuri Security plugin

For ease of use, you can edit plugin and theme files directly from your WordPress dashboard – but this can also make your site vulnerable to malicious visitors. Here’s how to use the Sucuri Security plugin to protect your site by disabling the file editor when it’s not needed.

Required: You must install the Sucuri Security plugin before you follow these steps.
  1. Sign in to WordPress.
  2. In the left-side menu, select Sucuri Security > Settings.
  3. Select the Hardening tab.
  4. Find the section labled Disable Plugin and Theme Editor.
  5. If the section is red, select Apply Hardening. If it’s green, the hardening is already applied.

Note: If you can't apply or revert hardening for this feature, it may already be handled by your hosting platform.

Related steps

Protect your website further by activating the other Sucuri Security options:

More info