Developer Tools Blocker

Description

This plugin blocks non-admin users from using inspect element, while still allowing access those with manage_options permission.
The plugin also blocks some of the common keys(f12, ect.) and optionally can block right-clicks for non-admin users.
Admins are unaffected by the plugin entirely. This plugin is also able to block users who open developer tools on another site, before visiting your site.

Version 3.0 update

This plugin is now fast and accurate, and should work on most browsers.
This plugin can detect the browser console based on lag increased by opening the console. This detection is tough for a browser to prevent or get around.
The detection runs fast, and has some resistance to lag spikes.

Lag detection does mean your site needs to have ok performance, but when testing it, I could play 10 of 10 youtube videos all at once without a false positive.
During my tests, detection was still within the second I open dev tools, and successful if I go to the page with it already open.
I tested this in chrome, firefox, and chromium.
I also tested this on my somewhat slow website with tons of wordpress plugins installed (and the 10 videos at once test) without false positives.

Screenshots

  • Blocking unauthorized users from Inspect Element

Installation

  1. Upload plugin to the /wp-content/plugins
  2. Activate the plugin through the “Plugins” menu in WordPress
  3. Go to this plugins Settings and Check “Plugin Enabled” To Enable the plugin
  4. Edit any other settings to your preference
  5. Click Save and Enjoy

FAQ

Does this block users if they already have developer tools open?

yes, developer tools is detected when the user first loads the page. If developer tools was opened on another site first, its detected by the plugin.
no matter when or where developer tools was opened, it should get blocked.

Can admins still use Inspect Element?

yes, this plugin detects if a user is has “manage_options” permission, and only blocks those who do not have permission.

Does this plugin block the f12 key?

common keys including f12 get blocked.

Does this plugin block right click?

There is a setting you can toggle on or off to decide if you want to block right click.

Can Inspect Element be used on wp-login?

the plugin attempts to block non-admin users from inspect element, including on wp-login.
If you would like to better protect wp-login, there is another plugin by SwiftNinjaPro that will only allow specific IP’s to assess wp-login
https://wordpress.org/plugins/swiftninjapro-wp-login-whitelist-ip/

Is there still a way around this plugins block?

unfortunately, there is always a way for someone to find a work-around to any code. Opening the console is done client side, so it can only be detected client side. This plugin does make it much harder for non-admins to inspect element though.

What do I do if I can’t access the login screen?

This could be because of the browser your using. Some browsers may respond differently.

If you cant access your site, you can do 1 of 2 things to disable this plugin:
1. Contact your host, and ask them to disable the plugin manually
2. Use FTP, Filezilla, or cpanel, then (click “File Manager”, if using cpanel) navigate to public_html/wp-content/plugins, then find the folder “swiftninjapro-inspect-element-console-blocker” and rename it to “swiftninjapro-inspect-element-console-blocker-off” to disable the plugin.

Reviews

27 April 2021
This is amazing tool, for no expert users works great, the thing is I was able to break this "protection" in a very easy way: 1.- Open developer tools in firefox or chrome (of course the plug in re direct the user to the 404 error page), perfect! until... 2.- Press the "back" button in the internet browser, then it go back to the previous page with all developer tools open (developer tools do not close en back) so then the plug in do not redirect again to the 404 page, it stay in the original page with all the code and developer tools available, I hope you guys can correct this because is an amazing tool. thank you
27 January 2021
It is a wonderful plugin, it manages to block the developer tools, a feat that for many is impossible.
1 January 2021
i use chrome and i can easily use developer tool update: cleared browser cache and worked fine. it shows a 404 page but the developer code remains the same. helpfull at 95% capability.
5 December 2020
it's OK everywhere except for iOS safari iPhones. iPhone are redirected to 404 page each time. But when the plugin is disabled, iPhones can access to the website Do you have an solution for safari on iPhone to access with the plugin enabled? or you plan to an update to allow safari? Thanks and great job!
16 November 2020
Okay So this worked great Used it as a means to rid human hackers and bots from trying to figure out where my log in page is etc etc. This plug in disabled inspect etc so was perfect and my security was improved because of this. the only problem i noticed was that some not all some very few customers come to my page using their phones and this happens to me as well with Chrome some people reported it was firefox the site immediately gives them 404 error and no way around it except change your browser. sadly i cant accept that so had to disable it its random its rare not common but otherwise the plug in does what it does.
29 September 2020
hi , After using and installing this plugin, I realized that it does not work in Firefox and you can easily view the source code and elements with a simple right click. Do you have a solution?
Read all 9 reviews

Contributors and Developers

“Developer Tools Blocker” is open source software. The following people have contributed to this plugin.

Contributors

Change Log

3.0

Fixed many bugs
Made a new detection method thats fast and accurate
Now works in firefox

2.0.1

Added options to disable console blocker on admin and login pages (this could fix some issues)

2.0

Scripts rebuilt
Now uses devtools-detect from github

1.8

Added option to randomize the plugins javascript variable and function names

1.7

Added option to allow Search Engines for Sitemaps

1.6

Improved accuracy of devtools open detection

1.5.1

Improved how 404 page looks

1.5

Fixed detection for Microsoft Edge

1.4.6

changed display name

1.4

improved detection of opened console

1.3

added setting to allow or deny right clicks

1.2

Small change to how the plugin keeps people out of the direct url of it’s own files
includes attempt to send them to 404 page
tries to make direct access look like a 404 error to trick hackers

1.1.2

Bug Fix
fixed false positive that blocked Google bots
now the plugin does not send bots, like Google PageSpeed Insights, to the 404 page

1.1.1

Bug Fix
fixed console opening detection

1.1

Improved detection of wp-login
404 screen now displays “404 error Page Not Found”

1.0

First Version