Blog hosting script wordpress plug-ins
Posted by Bhagwad Park on Jun 7, 2016 | No Comments
Having multiple users on a WordPress blog always presents some tricky problems of coordination. Some people have permission to do stuff, while others don’t. While WordPress has a sophisticated system of roles and permissions, it need not be as fine-grained as we wish it. For example, we might want to give people the liberty to install and edit their own plug-ins, but we don’t want them to mess around with some essential add-ons. Note that any security system outside the regular WordPress framework assumes good faith on the part of everyone involved. The techniques detailed below can be worked around if someone really wants to.
So let’s take the example of a couple of crucial plug-ins. Jetpack for example is an add-on that brings a lot of functionality to WordPress and can be considered an essential plug-in. What you’re going to do is remove the “Edit” and “Deactivate” links for a couple of important plug-ins so that they cannot accidentally be changed or removed. At the same time, all the other links for the plug-ins remain intact. We’re able to do this using the inbuilt WordPress filter called ‘plugin_action_links’.
Removing Specific “Edit” and “Deactivate” Links
In order to specify the plug-ins for which we want to remove the edit and deactivate links, we need to get the relative path to the main plug-in file name. Instead of accessing your server via FTP and searching for the right file, there’s a much easier method from within WordPress itself.
Go to your plug-ins page from the dashboard and click the “Edit” link of the plug-in we want to focus on.
This will bring up a page allowing us to edit the main plug-in file name. Make a note of the complete path along with the “/” sign in the middle. This is the string we will be using to identify the plug-in. Repeat this process with each one.
Next, open up your functions.php file and place the following code before the closing ?> PHP tag.
The important parts here are the sections in bold comprising of a, separated list of strings – each of which contains the file name we identified earlier. They appear in two places – one to remove the edit link, and one to remove the deactivate link.
After saving your changes, here’s a screenshot of the plugins page:
You can see that for the two plugins indicated, the “Edit” and “Deactivate” links have been removed, while they continue to exist for the one above.
You can even go one step further and remove the edit link for all plug-ins instead of just a few. After all, who really uses the “Edit” functionality for plug-ins anyway? Most of the time it’s just a way for someone to make a dangerous mistake. If you want to do that, use the following code:
As mentioned earlier, this functionality can still be accessed via a properly constructed URL. But that assumes a client who is deliberately working against you and trying to sabotage your efforts. In which case, you’ve got bigger problems on your hands!
Enter its URL below to find out now:
About the Author
Bhagwad Park is a technical writer from India and currently resides in Florida. He takes a keen interest in the IT world, the cloud, and also maintains a blog focusing on human rights in the developing world.