HISTORICAL ERRORS
As far back as I can remember with the use of WordPress, every admin user has the capability to make changes to the theme or plugins through the Theme File Editor and Plugin File Editor. This is a dangerous access point if a client decides to venture into this section. Historically, and through experience, it has been. A slight file change without backing up the file(s) first can and WILL pretty much hose the site.
In my early days of WordPress development (circa ~2011), agencies didn’t mind providing basic CSS and HTML tips to clients about these sections. How to adjust font color, font size, etc. But as the project became more and more complex, there were more files to manage and it became a nightmare to edit things on the fly.
MODERN-DAY
It’s been a few years since the advent of WordPress’s Gutenberg, and thus the birth of giving clients autonomy to self-edit their site. Course, this new method of building a website has come at a cost of confusion. Most clients aren’t tech-savvy enough to understand how to go about implementing and modifying their site structure. Not every developer is on board with Gutenberg. Some still use ACF Pro as an assistant tool to develop elements on the page.
But even with all these new features, the option to alter your theme and plugin file through an editor within the admin dashboard still baffles me. Why is this not turned off in the first place? Why am I not given the option to hide and show?
How do you turn it off? Well, you have to dive into your wp-config.php file and insert a line of code (shown below) in order to deactivate it.
define('DISALLOW_FILE_EDIT',true);
CONCLUSION
As a standard practice, this is usually what I add first when starting any web project. There are more tips and tricks to come, but I figured I highlight one of the first of many that I normally perform.