Page source code reveals more than just your site’s content. It can expose your WordPress version, theme name, and custom scripts, all of which can be used to identify and exploit site vulnerabilities. Disabling the View Page Source hotkey reduces the information a visitor can gather from your site’s front end.
With the Nexter Extension Content Protection feature, you can disable the Ctrl+U and CMD+U keyboard shortcuts that open the page source in a browser.
To check the complete feature overview documentation of the Content Protection feature, click here.
Best Used For:
- Membership sites protecting exclusive content and layout details from easy access
- Business sites hiding WordPress version and theme information from competitors
- Agencies securing client site builds during active development
Requirement: This feature is a part of Nexter Extension, make sure it is installed and activated.
To disable View Page Source in WordPress, follow the steps below:
1. Go to Nexter → Extensions → Security in your WordPress dashboard.
2. In the Content Protection section, enable the main toggle to activate content protection.
3. Click the gear icon (⚙) next to Content Protection to open the settings popup.
4. In the popup, go to the Protections tab and turn on the Disable Ctrl+U/CMD+U toggle.
5. In the Who Can Access section, select any user roles to exclude from this restriction. Use this when your site has administrators or developers who need to inspect page source for debugging.
6. Click Save.
Note: Disabling the Ctrl+U/CMD+U shortcut does not prevent access to source code through the browser’s right-click menu. Use the Disable Right Click option alongside this setting to cover that access path as well.
You can also disable browser Inspect Element (F12) to prevent visitors from opening developer tools from your site’s front end.
For a more complete WordPress security setup, consider enabling Two-Factor Authentication to protect your admin login against unauthorized access.
