Disable Themes and Plugin Editor from WordPress Admin

Here is another WordPress best practice to follow:

Hackers who broke into your WordPress account, may use the opportunity to distribute malware or perform DDOS attach on other websites.

Hence as a basic practice, restrict themes and plugin editor from Admin Panel. You certainly do not need these features all the time.

Simply edit wp-config.php file found in the root of your WordPress directory, and paste the following code just before the line that says ‘That’s all, stop editing! Happy publishing’ :

define( ‘DISALLOW_FILE_EDIT’, true );

That’s all you need to do. plugin and themes editor will disappear from Admin panel.