Prevent WordPress file modifications (updates)

If you asked WordPress webmasters,what is the most significant issue they face managing customer websites? Most of the time their answer is, customers updating the site theme and plugins.

While one easy solution is not to provide them with an administration role, sometimes this is not possible for many reasons; from users already having a site or an administrator account, to users wanting full control of their site.

One easy solution to prevent your customers from updating themes and plugins on site is to add the following code to the wp-config.php file.

define( 'DISALLOW_FILE_MODS', true );

The code will prevent any user, even administrators to update or modify any files via WordPress administration area. It disables all the file management function in WordPress, this can also be useful for security purpose.

So next time that your customer wants full access to the site, but you don’t want them to run any updates don’t forget to add the line of code. Chances are, that they will be too afraid to modify the wp-config.php file just to run the updates.