WordPress Plugins helps developers to add functionality to the design or the website’s core functionality. When we design a website using WordPress we need to add various functionalities for important purposes like Website Security, Third-Party Integration, Port configuration and so on. These are not avoidable and also WordPress is just a CMS with basic requirements.
To make the implementation easy, we use WordPress plugins which make the things in a single click. As we have an easy option, developers use various WordPress plugins to add various features based on the client requirement. It makes the job so easy for them as they don’t want to troubleshoot the codes.
Table of Contents
Why we should disable Plugin Deactivation?
If we have a requirement to disable the plugin deactivation option then we know the need for that. If not, we should know why we should disable WordPress plugin deactivation. These days people started surfing a lot on the web and trying to implement it by themselves. If something goes wrong there will another set of people who will help them to troubleshoot the problem.
So most of the companies just ending the responsibility of a website once it’s handover to the client after the completion. In that case, the client or other developers may not know the importance of the plugin added by the designer and if they delete or deactivate the plugin then it will collapse the entire website.
In another case, if we allow our team or workers with administrator access to manage or handle the website then they may remove the plugin without knowing about it. That’s simple logic, they will read about the plugin and they think that it’s not showing up anywhere but it’s active and consuming the resources.
so they will deactivate/delete the plugin by thinking that they do good for a website. Finally, it ends up messing the site very badly.
Different techniques to disable the Plugin Deactivation
There are various techniques that will help you to disable the WordPress Plugin Deactivation option. The techniques are not so different as it does the same job but in a different way.
You can use another WordPress plugin to disable the plugin deactivation or you can directly add a condition in the functions.php file or other core files.
You can even control the plugin deactivation through the access roles provided for the particular user. Below are the three different ways to disable the WordPress Plugin Deactivation.
1. Disable Plugin Deactivation using a WordPress Plugin
It is only of the easiest technique to disable the WordPress Plugin Deactivation. Also, it gives full access for the administrators to disable or enable the plugin deactivation feature anytime.
Basically, here we going to use a WordPress plugin which gives us an option to enable or disable plugin deactivation. Normally, we will have a deactivate option under each plugin to deactivate it anytime. But when we enable the option “Disable Plugin Deactivation” in this plugin then you can’t see an option to deactivate the plugins.
So person whoever access your website can’t deactivate the plugin through the WordPress dashboard.
To start with, you need to install and activate a WordPress plugin “Disable Plugin Deactivation“. For more details, you can check our step by step guide on how to install a WordPress plugin.
After activating the Disable Plugin Deactivation Plugin, you need to visit the Plugins » Plugin Deactivation Settings page to configure the WordPress plugin. You will land on the page as in the below Image,
By default, all the options in this plugin will be set to disable. As we want to disable the plugin deactivation, we need to change the particular drop-down to enable. Once done, your page should look like the below image. Click on save settings to disable the deactivate option in the plugins.
Optionally, here you can also disable plugin activation, deletion, and update as well. So it stops the users from activating, deleting and updating the plugins. You can use those options based on your requirements. If the below option gives you additional security then you can even enable those options.
Important Note: We don’t recommend you to enable the “Disable Plugin Update” option. Each plugin update will have some patches on security and other positive functionalities.
Leaving this option as enable would compromise WordPress security and make the website vulnerable to security threats. For more details, check out the complete guide on the Importance of updating themes and plugins.
2. Disable Plugin Deactivation without using any Plugins
In this specific method, you can prevent a single plugin or group of specific plugins from deactivation.
We will be adding a specific code in our WordPress core file which will prevent the deactivation of installed WordPress plugins. You can do it either using a third-party plugin or site-specific WordPress plugin to add codes to the website else directly integrate the codes on the core files.
Before everything, you should know the plugin location to disable the deactivation of the particular plugin. To check the location, you should have FTP or file manager access.
In the file manager/FTP, you should navigate to public_html » wp-content » plugins.
For example, Plugin URL of Classic Editor – classic-editor/classic-editor.php
Below Image for your reference – Plugin Location of Classic Editor in FTP.
Each plugin file name will be the same as a folder name and ends with .php
Next, you should add the below code to your active theme’s function.php file or a site-specific plugin.
add_filter( 'plugin_action_links', 'disable_plugin_deactivation', 10, 4 );
function disable_plugin_deactivation( $actions, $plugin_file, $plugin_data, $context ) {
if ( array_key_exists( 'deactivate', $actions ) && in_array( $plugin_file, array(
'classic-editor/classic-editor.php',
'redirection/redirection.php'
)))
unset( $actions['deactivate'] );
return $actions;
}
In the above code, I have placed code for Classic Editor & Redirection WordPress Plugins. But don’t forget to replace or add additional plugin URL’s that you want to protect.
Note: If you are integrating codes directly on the core files, it may get removed during the update. So you should check it after each update so that it will be the best option.
This method is better as it will disable the deactivation option only for particular plugins which is to be secured. Also, your client will still access other plugins without any effects.
3. Limit with Access roles
This is an alternative option for the above two methods. The above option needs some action, but this method will help you if this is possible to implement.
By default, WordPress comes with various roles for the users as
- Administrator
- Editor
- Author
- Contributor
- Subscriber
- SEO Manager
- SEO Editor
Now you could realize that there are 7 different roles that can be assigned to a WordPress user. Among the 7 roles, only administrator user role has permission to manage the plugins.
So the main person can have an administrator privilege and he should be responsible for the website. Other people can be assigned to different roles based on the requirement.
Users will be working on creating new content or modifying the existing content. In such a case, they don’t need an administrator role and it’s enough to go with the Editor or Author role.
Alternative you can even create a custom user role with specific permission based on your requirements. So that the users cannot edit the plugin files at any cause.
If you liked this article, then please follow us on Twitter Profile and Facebook Page to show your support.