Prevent ability to disable plugin

  • Resolved patrikck

    (@patrikck)


    4 years, 1 month ago

    Hi, I know there is a filter I can add in functions.php to stop the ability for a plugin to be disabled. I just need to know which file I need to include in the filter

    Referring to part 2 of this tutorial
    https://www.wpbeginner.com/wp-tutorials/how-to-disable-plugin-deactivation-from-wordpress-admin-panel

    Unless you have another non-plugin based option too?

    I asked because my server was recently hacked and the first thing they did was disable all the plugins which completely sidesteps the security measures including WF. Obviously I need to determine how they could do that to begin with but this should help moving forward.

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @patrikck, thanks for reaching out on this issue.

    If you wish to follow that guide, as we do not have an option for removing the “disable” plugin feature then the file path you’ll need to use is wordfence/wordfence.php

    An attacker would probably use the database where they could possibly disable plugins without actually using the WordPress admin panel, so please ensure you’re satisfied that your compromised site has been properly cleaned. There’s a helpful link to this below:

    https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/

    Thanks,

    Peter.

Viewing 1 replies (of 1 total)
  • The topic ‘Prevent ability to disable plugin’ is closed to new replies.