WordPress Code Editor Function.
One of the most specific editor of WordPress that is called WordPress code editor Function, that can be extremely destructive. It comes with WordPress by default. I show you why it creates a problem.
Let’s see WordPress code editor Function.
- Go to Appearance.
- At the bottom you see.
- If I go to the editor.
- I can see the code to current my theme.
- On the right-hand side, you have the access to all piece of code.
If you go to editor, here you can see the code, also access to piece of code.
The problem is here you can actualy edit the current theme that you are using or you can go and swith to other theme.
you want just to select it from upper right hand side. There are different themes. You can go and edit any file. You can make any changes as you want.
Why WordPress code editor Function is dangerous.
Well, first of all, this is destrucive, meaning if you make any change, and I save it, you can have redo the change, or go back and undo it. My change is now permanent.
If you break something and upload new file to the server, more important note, if someone gain access your site malicously, and want to add code to your site, guess where they would go?
They would go to direclty appeaance and editor, and just go and injects whatever the code directly to theme or if they want to plugins and and edit the plugins in your site.
That means, they could put in source, crazy code into your site. So it is very harmful to your site, it should be off. Now we do not need that editor.
If we do not need it just we should off permantly.
- Go to wp.config file (cPanel ofand your site)
Type this line.
Disabling File Editing in WordPress Admin.
Note: for more detail you can see below image.
Before the Code.
After the code.
Now you can see editor is off.