WP AI Agent
Features Pricing Blog Contact Download Plugin Manage Subscription Get Free Key →

How to Disable a WordPress Plugin Without Admin Access (Full Guide)

· · 7 min read

Knowing how to disable a WordPress plugin without admin access is one of the most valuable troubleshooting skills any WordPress site owner or developer can have. Whether a rogue plugin has locked you out of your dashboard, caused a fatal error, or sent your site into an endless redirect loop, losing admin access is a stressful experience — but it is almost always recoverable. This guide walks you through every reliable method available, from simple file renaming over FTP to using the command line with WP-CLI.

Why You Might Need to Disable a Plugin Without Admin Access

There are several common scenarios where you cannot simply log in and deactivate a plugin from the WordPress dashboard:

  • White Screen of Death (WSOD): A plugin conflict or fatal PHP error causes the entire site — including the admin area — to go blank.
  • Admin lockout: A security or login plugin misconfiguration blocks your own IP address or breaks the login form.
  • Redirect loops: A caching or redirect plugin creates an infinite loop that prevents any page from loading.
  • Memory limit exceeded: A heavy plugin pushes PHP over its memory ceiling, making the dashboard inaccessible.
  • Database errors: A plugin migration goes wrong and corrupts critical tables, preventing WordPress from loading.

In every one of these situations, the fix requires bypassing the normal WordPress admin interface entirely and disabling the plugin at the server or database level.

Method 1: Rename the Plugin Folder via FTP or File Manager

This is the quickest and most universally available method. WordPress recognises a plugin only when its folder exists with the correct name inside wp-content/plugins/. Simply renaming the folder deactivates the plugin immediately.

Using an FTP Client (FileZilla)

  1. Open your FTP client (FileZilla is free and widely used) and connect to your server using the credentials provided by your host.
  2. Navigate to public_html/wp-content/plugins/ (the exact path may differ; look for the folder containing your WordPress files).
  3. Locate the folder of the plugin you want to disable. For example, woocommerce or contact-form-7.
  4. Right-click the folder and choose Rename.
  5. Add a suffix such as -disabled to the folder name — for example, rename contact-form-7 to contact-form-7-disabled.
  6. Press Enter to confirm. WordPress will immediately fail to find the plugin and mark it as inactive.
  7. Try reloading your site or accessing yoursite.com/wp-admin.

Using cPanel File Manager

  1. Log in to your hosting control panel (cPanel, Plesk, or similar).
  2. Open File Manager and enable hidden files if prompted.
  3. Browse to public_html/wp-content/plugins/.
  4. Right-click the offending plugin folder and select Rename.
  5. Append -disabled to the name and confirm.
  6. Refresh your browser and attempt to access your WordPress site again.

Disabling ALL Plugins at Once

If you do not know which plugin is causing the problem, you can disable every plugin simultaneously by renaming the entire plugins folder itself. Rename wp-content/plugins to wp-content/plugins-disabled. WordPress will deactivate everything instantly. Once you regain access to the admin dashboard, rename the folder back to plugins and reactivate your plugins one by one to identify the culprit.

Method 2: Disable a Plugin via phpMyAdmin (Database)

If you do not have FTP access but you can reach your hosting control panel, phpMyAdmin gives you direct access to the WordPress database. Plugin activation state is stored in the wp_options table under the active_plugins option.

Step-by-Step Instructions

  1. Log in to your hosting control panel and open phpMyAdmin.
  2. Select your WordPress database from the left-hand panel.
  3. Click on the wp_options table (the prefix may differ — it could be wpdb_options or similar).
  4. Use the search functionality or scroll to find the row where option_name equals active_plugins.
  5. Click Edit on that row.
  6. You will see a serialized PHP array in the option_value field. It looks similar to this: 
    a:3:{i:0;s:19:"akismet/akismet.php";i:1;s:25:"contact-form-7/wp-cf7.php";i:2;s:35:"woocommerce/woocommerce.php";}
  7. To disable a specific plugin, delete its entry from the serialized string. For example, to remove contact-form-7/wp-cf7.php, delete the segment i:1;s:25:"contact-form-7/wp-cf7.php"; and then renumber the remaining keys (i:0, i:1, etc.) sequentially and update the array count (the number after a:).
  8. Alternatively, to disable all plugins at once, replace the entire option_value with: a:0:{}
  9. Click Go or Save to apply the changes.
  10. Return to your WordPress site and try logging in to the dashboard.

Important: Serialized data is very sensitive to formatting. Even an extra space can break WordPress. Double-check your edits carefully, or use the "all plugins" shortcut (a:0:{}) if you are not confident editing serialized strings manually.

Method 3: Disable a Plugin Using WP-CLI

WP-CLI is the official command-line interface for WordPress. If your hosting plan includes SSH access, WP-CLI provides the cleanest and most precise way to manage plugins without touching the admin dashboard. Many managed WordPress hosts (Kinsta, WP Engine, SiteGround) offer WP-CLI access by default.

Deactivating a Single Plugin

  1. Connect to your server via SSH using a terminal or an SSH client like PuTTY.
  2. Navigate to your WordPress root directory: 
    cd /var/www/html
  3. List all currently active plugins to confirm the exact plugin slug: 
    wp plugin list --status=active
  4. Deactivate the specific plugin by its slug: 
    wp plugin deactivate contact-form-7
  5. Verify the plugin is now inactive: 
    wp plugin list --status=inactive

Deactivating All Plugins at Once

If you want to disable every plugin in a single command — useful when you cannot identify the bad actor — run:

wp plugin deactivate --all

This is the safest and most reliable bulk deactivation method available, as WP-CLI handles the serialized database values automatically with no risk of formatting errors.

Method 4: Use a Must-Use Plugin to Force Deactivation

WordPress has a special folder called wp-content/mu-plugins/ (must-use plugins). Any PHP file placed in this folder is executed automatically on every page load, before regular plugins, and cannot be deactivated from the admin panel. You can exploit this behaviour to forcibly prevent a troublesome plugin from loading.

Creating a Force-Disable Snippet

  1. Connect to your server via FTP or File Manager.
  2. Navigate to wp-content/. If the mu-plugins folder does not exist, create it.
  3. Create a new PHP file inside it — for example, disable-plugin.php.
  4. Add the following code to the file: 
    <?php
// Must-Use plugin: force-disable a specific plugin
add_filter( 'option_active_plugins', function( $plugins ) {
    $plugin_to_disable = 'contact-form-7/wp-cf7.php';
    $key = array_search( $plugin_to_disable, $plugins );
    if ( false !== $key ) {
        unset( $plugins[ $key ] );
    }
    return $plugins;
} );
  5. Upload the file to the mu-plugins folder.
  6. Reload your site. The targeted plugin will no longer load, even though it may still appear active in the database.
  7. Once you regain dashboard access, deactivate the plugin normally and then delete your disable-plugin.php must-use file.

This method is especially useful when you need to keep the site running for visitors while you troubleshoot, because it does not alter the database or rename any folders.

Method 5: Disable Plugins via wp-config.php

In some edge cases — particularly when you are locked out due to a plugin that hooks into the WordPress initialisation process very early — you can add a constant to wp-config.php to help isolate the problem environment. While WordPress does not have a native "disable plugin" constant, you can use the WPMU_PLUGIN_DIR redirection trick or, more practically, combine the wp-config.php edit with the must-use approach above.

However, one directly useful constant for diagnosing plugin-related crashes is enabling debug mode so you can read the actual error message:

define( 'WP_DEBUG', true );
define( 'WP_DEBUG_LOG', true );
define( 'WP_DEBUG_DISPLAY', false );

Add these lines to your wp-config.php file (via FTP or File Manager) above the line that reads /* That's all, stop editing! */. Once enabled, errors are written to wp-content/debug.log, where you can identify exactly which plugin or file is causing the crash — and then use one of the methods above to disable it precisely.

Frequently Asked Questions

Will disabling a plugin by renaming its folder cause data loss?

No. Renaming a plugin folder only prevents WordPress from loading the plugin code. All plugin data stored in the database (settings, custom tables, post metadata) remains completely intact. When you rename the folder back to its original name and reactivate the plugin, everything is restored. However, be aware that some plugins create custom database tables that may not be removed even if you later uninstall the plugin.

How do I know which plugin is causing the problem?

The most systematic approach is to disable all plugins at once (by renaming the plugins folder or running wp plugin deactivate --all), confirm the site works, and then reactivate plugins one at a time until the problem returns. The last plugin you activated before the problem reappears is the culprit. Enabling WP_DEBUG in wp-config.php can also reveal a specific file and line number in the error log.

Can I disable a plugin without FTP or phpMyAdmin access?

If you have SSH access, WP-CLI is the best alternative. If you have neither FTP nor SSH, check whether your host provides a web-based file manager through their control panel (cPanel, Plesk, DirectAdmin). As a last resort, contact your hosting support team — they can often rename plugin folders or run WP-CLI commands on your behalf.

Is it safe to edit the active_plugins row in the database directly?

Yes, it is safe as long as you edit the serialized string carefully. The most common mistake is miscounting the string length prefix (the s:25: value before each plugin path) or the array count (the a:3: at the start). The safest database approach is to replace the entire option_value with a:0:{} to deactivate all plugins at once, avoiding manual serialization edits entirely.

Troubleshooting plugin conflicts and recovering from lockouts can be time-consuming and technically intimidating — but it does not have to be. Tools like WP AI Agent let you manage, troubleshoot, and configure your WordPress site through simple natural-language chat commands, handling tasks like plugin deactivation, database queries, and file edits without requiring you to touch FTP clients, phpMyAdmin, or the command line at all.

Ready to manage WordPress with AI?

Get 100,000 tokens free every month. No credit card required.

Get Your Free License Key →

More from the blog

7 min read

How to Configure WordPress Reading Settings: Complete Guide

8 min read

How to Embed a YouTube Video in WordPress: Complete Guide

8 min read

How to Schedule Posts in WordPress: Complete Step-by-Step Guide