Disable Plugin Updates but Allow WP Auto Security Updates

To answer your question directly, you can use the file_mod_allowed filter to override the DISALLOW_FILE_MODS setting for the automatic updates only. Here is an example of how to do it:

add_filter('file_mod_allowed', 'override_file_mod_allowed', 10, 2);

function override_file_mod_allowed($setting, $context){
    if ($context == 'automatic_updater'){
        return true;
    } 
    return $setting;
}

The second option, as someone suggested to me in the WordPress IRC channel, is to give the client an editor user role rather than an admin, as this seems to be closer to their needs.

Related Posts:

  1. How Do I Configure Automatic Updates in WordPress 3.7?
  2. Will A WordPress automatic update harm my website?
  3. What is a “forced plugin update”, how can I avoid it and use it for my plugins
  4. Automatic updates are not working
  5. Is it possible to prevent website from breaking with auto update?
  6. Enable automatic minor core updates when root of site is a git repository
  7. WordPress Health Tool reporting version control as a critical issue
  8. Unable to get WordPress auto update working on Ubuntu 12.04
  9. WordPress 3.0.1 Auto Update Problem
  10. Missing Update Link to 3.02/3.03 on Dashboard
  11. Change email for update notification
  12. How does wordpress handle file permissions when automatic updates are enabled?
  13. How to schedule Automatic WordPress Plugin and Core updates for night times
  14. Auto Plugin & Core Updates Not Working For Custom Theme
  15. WordPress updates and Git
  16. How to debug background/auto update?
  17. How can I fix my server so core/plugins/theme update don’t silently fail?
  18. WordPress 3.1 not autoupdating
  19. WordPress core auto update fails for UpdraftPlus WordPress Backup Plugin
  20. Automatic updates only in a predefined maintenance window
  21. Auto updating a single plugin
  22. Could auto-update delete core WordPress files and cause a white screen of death?
  23. Changing random post publish time for repost
  24. WordPress sites got auto upgraded [duplicate]
  25. How to turn off automatic updates of the WordPress core
  26. WordPress update fails with a “permission denied” error?
  27. How to trigger automatic plugin updates in WordPress 5.5
  28. Adding a banner to the install dialogue of a custom plugin
  29. Auto generate custom post title
  30. WordPress 3.3 auto update not working
  31. How to know current auto-update status of the WordPress core?
  32. Auto update error messages
  33. Allow auto-updates on a non-managed WordPress site?
  34. Will WordPress Auto Update work on a site with Basic Authentication enabled?
  35. WordPress site auto updates for no reason
  36. Are automatic background plugin updates for non-WP.org plugins possible?
  37. Auto Update fail time my external folder deleted
  38. Stop WordPress from auto updating
  39. How Do I Configure Automatic Updates in WordPress 3.7?
  40. Enable automatic plugin update for certain plugins [duplicate]
  41. Auto generate meta data value in post
  42. How to upgrade WordPress automatically?
  43. WordPress Automated Posts Creation
  44. Alter how often WordPress Auto-Updates Plugins
  45. How do I exclude plugins from getting automatically updated?
  46. How to implement WordPress plugin update that modifies the database?
  47. How to disable core and plugin updates
  48. Schedule WordPress Auto-Updates to only run during business hours
  49. Real automated and unattended wordpress upgrade including plugins
  50. How To/What triggers a WordPress auto update?
  51. Automate WordPress Database Upgrade
  52. How to disable the “Your site has updated to WordPress x.y.z” admin email?
  53. Hook into WordPress update?
  54. Recommended File Permissions
  55. Plugin update error message
  56. Is there any way to test if a function running only on plugin update is successfully running?
  57. Automatic Updates For Private And Commercial Themes?
  58. How and where can we request new WordPress hooks to be added?
  59. Plugins won’t auto-update on IIS
  60. A function to fetch blog content via rss feed
  61. How can I bulk update all posts without making changes?
  62. Website not updating – no cache plugins active!
  63. How to display LinkedIn feed/company updates into WordPress site? [closed]
  64. Auto backup before automatic WordPress updates
  65. WordPress DATABASE Update Manually?
  66. Batch update a post meta field value of each post in Post Type
  67. Same theme name issue with wordpress repository theme
  68. Show warning if plugin is missing
  69. Restored WordPress on new Server – Can’t auto-update plugins
  70. Where can i find wordpress auto update code flows?
  71. Can’t update/install plugins or WordPress
  72. Enable plugin installs without FTP with user from same group as Nginx/PHP-fpm
  73. Create cron job for update translations automatically
  74. How to create a WP Cron hooks based on schedules from Advanced cron manager plugin?
  75. Translation update successful but apparently not
  76. How could a .htaccess with authentication suddenly appear or change?
  77. Site Crashes When Updating to WordPress (Version 3.6)
  78. can’t access backend while frontend works perfect
  79. IP addresses to block to stop WP auto-update?
  80. How to back up and up date a site to a newer version?
  81. How (or where) do I get wordpress plugin update download link?
  82. Disable Database Update Required ? break my website
  83. What is the best way to hook a rewrite function for certain php code when plugins are updated?
  84. Automate post update for all posts?
  85. how to show current date on post title which should be auto update in every day
  86. Update main post with same category when creating custom post to update the modified date
  87. WP-CLI: detect altered core files and restore them automatically
  88. Possible to automatically update plugin without user interaction
  89. Is it possible to issue a theme update that requires a new plugin?
  90. Can’t access dashboard after 4.8.1 automatic upgrade
  91. Automating svn updates from a server-side cron job
  92. Correct procedure for fixing broken WP sites after WP version update
  93. WordPress core update fails – no issues with plugin updates
  94. Update WordPress from non-public machine
  95. Custom fields and auto save
  96. How to disable the “Your site has updated to WordPress x.y.z” admin email?
  97. Update a WordPress website FROM Twitter or Facebook
  98. Automatic Theme Upgrade hooks?
  99. WordPress auto update for core but use local package
  100. How to Replicate Elementor Licensing Model