This plugin blocks non-admin users from using inspect element, while still allowing access those with manage_options permission.
The plugin also blocks some of the common keys(f12, ect.) and optionally can block right-clicks for non-admin users.
Admins are unaffected by the plugin entirely. This plugin is also able to block users who open developer tools on another site, before visiting your site.
Version 3.0 update
This plugin is now fast and accurate, and should work on most browsers.
This plugin can detect the browser console based on lag increased by opening the console. This detection is tough for a browser to prevent or get around.
The detection runs fast, and has some resistance to lag spikes.
Lag detection does mean your site needs to have ok performance, but when testing it, I could play 10 of 10 youtube videos all at once without a false positive.
During my tests, detection was still within the second I open dev tools, and successful if I go to the page with it already open.
I tested this in chrome, firefox, and chromium.
I also tested this on my somewhat slow website with tons of wordpress plugins installed (and the 10 videos at once test) without false positives.
- Upload plugin to the /wp-content/plugins
- Activate the plugin through the “Plugins” menu in WordPress
- Go to this plugins Settings and Check “Plugin Enabled” To Enable the plugin
- Edit any other settings to your preference
- Click Save and Enjoy
Does this block users if they already have developer tools open?
yes, developer tools is detected when the user first loads the page. If developer tools was opened on another site first, its detected by the plugin.
no matter when or where developer tools was opened, it should get blocked.
Can admins still use Inspect Element?
yes, this plugin detects if a user is has “manage_options” permission, and only blocks those who do not have permission.
Does this plugin block the f12 key?
common keys including f12 get blocked.
Does this plugin block right click?
There is a setting you can toggle on or off to decide if you want to block right click.
Can Inspect Element be used on wp-login?
the plugin attempts to block non-admin users from inspect element, including on wp-login.
If you would like to better protect wp-login, there is another plugin by SwiftNinjaPro that will only allow specific IP’s to assess wp-login
Is there still a way around this plugins block?
unfortunately, there is always a way for someone to find a work-around to any code. Opening the console is done client side, so it can only be detected client side. This plugin does make it much harder for non-admins to inspect element though.
What do I do if I can’t access the login screen?
This could be because of the browser your using. Some browsers may respond differently.
If you cant access your site, you can do 1 of 2 things to disable this plugin:
1. Contact your host, and ask them to disable the plugin manually
2. Use FTP, Filezilla, or cpanel, then (click “File Manager”, if using cpanel) navigate to public_html/wp-content/plugins, then find the folder “swiftninjapro-inspect-element-console-blocker” and rename it to “swiftninjapro-inspect-element-console-blocker-off” to disable the plugin.
Contributors & Developers
“Developer Tools Blocker” is open source software. The following people have contributed to this plugin.Contributors
Translate “Developer Tools Blocker” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Added default option to disable plugin on 404 pages
Added option to disable on mobile browsers
Fixed many bugs
Made a new detection method thats fast and accurate
Now works in firefox
Added options to disable console blocker on admin and login pages (this could fix some issues)
Now uses devtools-detect from github
Added option to allow Search Engines for Sitemaps
Improved accuracy of devtools open detection
Improved how 404 page looks
Fixed detection for Microsoft Edge
changed display name
improved detection of opened console
added setting to allow or deny right clicks
Small change to how the plugin keeps people out of the direct url of it’s own files
includes attempt to send them to 404 page
tries to make direct access look like a 404 error to trick hackers
fixed false positive that blocked Google bots
now the plugin does not send bots, like Google PageSpeed Insights, to the 404 page
fixed console opening detection
Improved detection of wp-login
404 screen now displays “404 error Page Not Found”