How does Disable File Editing option work?

By default, WordPress offers administrators the option to directly edit the PHP files for plugins and themes.

While this is convenient, it is a security risk where if someone gains unauthorized access to the WordPress dashboard, they can edit your plugin / theme files and add arbitrary code.

It is generally unnecessary to allow access to file editing and we recommend turning on this restriction which blocks access to file editing capabilities.

The easiest was to achieve this is enabling the Shield's "Disable File Editing" option located under the main Security Zones menu > Firewall > Restrict WP File Editing component configuration (gear icon).(see the below images)

For more information about the WordPress file editing, read the blog article here. 

We also recommend further locking down other security options detailed here.