Disable the file editor

HI @ultrasuoni,

I’m afraid, I’m not fully sure whether I understand your issue. The “Disable the file editor” is one of the security tweaks feature that you can disable.

What the mentioned setting would do is it’ll disable the Plugin Editor located under Plugins > Plugin Editor page and Theme Editor under Appearance > Theme Editor as security.

Activate security tweaks to strengthen your website against harmful hackers and bots who try to break in. We recommend you action as many tweaks as possible, some may require your server provider to help.

The above message will appear if you don’t have all the security tweaks enabled. You can find the number of tweaks that need to enabled under Defender > Security Tweaks > Issues.

Once all the security tweaks are enabled the message should go away. Is that what you have done? or you meant the “Disable the file Editor” tweaks gets disabled after 2 minutes?

If you are still facing issues then could you please share a screenshot regarding what you are noticing so that we could have a better idea regarding your concern?

Please do advise if I have missed out anything. Looking forward to your response. Have a nice day ahead.

Best Regards,
Nithin

No Mr. Nithin, Disable the file Editor = DO NOT WORK PROPERLY IN MANY MY WEB SITE (not all .. not all but ..the majority ..Yes = don’t work the setting “disable editor” ).
Others functions are ok, the others n. 11 internal features are working !

Please look and regarde my screenshot for understanding the false result (after refresh pages .. obvious .. in Firefox Browser and others browsers ..).

SCREEN SHOT ONLINE OF THIS PROBLEM

Hello there @ultrasuoni

I double checked that in a testing site of mine and couldn’t replicate.
This should be coming via some kind of caching.
Could you try purging all caches coming from a plugin and your hosting provider and check again?

Warm regards,
Dimitris

The DEFENDER problem is from the latest DEFENDER version (or last wordpress plus last defender.. ??? ) and I’ve never seen it before.

Our sites are on different Registrar Providers: and, by chance, this strange problem happens: and it remains so even when I go back to our various blogs with wordpress.

I am not the owner of the Registrar Hosting where our domains are.
I refresh the browser, build sites, maintain and clean them (also on FTP FILEZILLA AND CPANEL – MANAGER FILES)
There are no caches: the servers automatically refresh every day.
Among other things .. I only have 4 plugins.

I clean up databases and caches with the usual plugins: Optimize Database after Deleting Revisions

Nothing more and nothing less

See the problem of defender here: in real time

• This reply was modified 4 years, 5 months ago by ultrasuoni.

some error logs

[Tue Oct 13 01:30:07.547017 2020] [access_compat:error] [pid 257832:tid 47718118504192] [client IP XXXXXXXX] AH01797: client denied by server configuration: /home/YYYYYYY/public_html/blog/wp-content/uploads/wp-defender/index.php, referer: https://www.YYYYYYYYY/blog/wp-content/uploads/wp-defender/index.php
[Tue Oct 13 15:31:02.701745 2020] [access_compat:error] [pid 256100:tid 47718133212928] [client IP XXXXXXXXXX] AH01797: client denied by server configuration: /home/YYYYYYYY/public_html/blog/wp-content/plugins/defender-security/languages/wpdef-default.pot, referer: https://www.YYYYYYYYY/blog/wp-content/plugins/defender-security/languages/wpdef-default.pot

Hi @ultrasuoni,

Those errors are made by Defender while checking if the security options are in place, so it tries to access the file that should be denied and the log you are seeing actually means that that specific security tweak is working properly.

Regarding the “Disable the file editor” issue, when you click the button to resolve it does this code get added to your wp-config.php file (located in root WP folder):
define( 'DISALLOW_FILE_EDIT', true );

Cheers,
Predrag

Thanks.

//Disable File Edits
define( 'DISALLOW_FILE_EDIT', true );

are write in wp-config
==================================================================
It remains to be understood because RED BALL IS ALWAYS ACTIVE
and inside the admin panel of the site ( Why ? ) it looks exactly the opposite of wp-config:
as if the WRITE FUNCTION were always active and never deactivated:
The file editor is currently enabled.
The file editor is currently enabled.
The file editor is currently enabled.

==========================================================
I’m glad it works (in wp-config) but not work in “Admin Panel”:

= In the file wp-config : ok the WRITE is disabled
= But in the Admin Panel : no, enabled the WRITE .. always.
==========================================================
IN CONCLUSION (for ADMIN-PANEL WP) :

This RED signal e the fake CONSTANT TIME NOTICE “The file editor is currently enabled” ( in YELLOW color), generate great confusion in the head of any ADMIN-USER.

You are never sure because in the ADMIN panel it seems that you have deactivated the WRITE .. but after 2 seconds it “magically” returns as ACTIVE (with red dot + yellow warning).

Hi @ultrasuoni

Sorry for the delay here.

Is the define before of:
/* That’s all, stop editing! Happy publishing. */.

Can you check if you can access the editor on WordPress > Plugins > Editor?

If not, we can confirm it is disabled.

Do you have any object cache on your server? If so, can you try to flush and see if the issue is gone?

Best Regards
Patrick Freitas

Ok in the wordpress file = WRITE DISABLED

Not ok in admin panel = RED BUTTON FOREVER !!! (this is the Otpical problem)
And this RED BUTTON does not happen in all web domains, but only on some (with identical REGISTRAR HOSTING and wordpress + Plugin).

We use 4 plugins, no cache or other strange plugins: classic editor, Defender, Yoast, Ultimate gallery master, WP forms.

The problem is in the Admin Panel :
1) Botton RED does not turn off
2) Security Tweaks always YELLOW for “Disable File Editor”

1 + 2 = the “optical problem in ADMIN PANEL -> Section Defender

Hi @ultrasuoni

Could you please send me an email to [email protected] using this template:

Subject: “Attn: Patrick Freitas”

Message: link back to this thread for reference

Please, reply to the thread once sending the email
Best Regards
Patrick Freitas

OK Mr. Patrick
Email sent as requested by one of our most used business emails : NOW.
Day 9/11/2020 – H 15 min.36 (PM) – Milan – Italy

I think I solved it, thanks.
Testing on One of our Website = ok
Created test free wp site in https://frosinone.thats.im/ultrasuoni = ok
The problem was some PHP OPTIONS in the Cpanel which, if used, create problems and inconsistencies.
I think it’s solved, the problem is PHP 7.4 OPTIONS in CPANEL.

Thanks again.