How many people would you give your house keys to and let them do anything they want? The same can be stated of your WordPress dashboard and its various users.
If you thought of your WordPress website as your online home, you wouldn’t want just anyone going through all of your drawers.
This article will show you some of the simplest ways to limit access for WordPress users by utilizing code in the functions.php file, making modifications in the admin area, or using plugins.
Why Limit Dashboard Access?
The WordPress admin area should only be accessible to those you trust. If you manage a blog with multiple authors, for example, you should grant access to contributors and editors but not to subscribers.
You may still control what people can and cannot see on the dashboard even if you’ve given them access to your admin section.
How to Manage or Limit Dashboard Access with User Roles & Permissions
To limit access, go to Settings > General. Then set any New User Default Role as a Subscriber. You can also change the roles of any user that has access to your website at any time. So, any existing user roles can be modified under Users > All Users.
After setting this default role for new users, you still might need to review and change the roles of your existing users. To do so, navigate to Users > Find User. Click Edit and then select the role you want to assign them from the dropdown menu.
Then how do roles in WordPress differ from one another? Here are a few possibilities for roles in WordPress:
- Admin/Super Admin:It enables access to all functions on one website, including network administration features. Only multisite supports the Super admin role.
- Editor: Users who can manage & publish posts, including the posts of other WordPress users.
- Author: Users who can manage & publish their posts.
- Contributor: Allows a user to write & manage their posts but not publish them.
- Subscriber: As mentioned above, it’s very limited. It only allows users to manage their profiles.
Since each role has specific abilities, you can easily adjust and switch between them as necessary.
Limit Dashboard Access With Code
Another way to manage and control user access is with code. You can use the following code in your child themes functions.php file.
add_action( 'init', 'blockusers_init' );
function blockusers_init() {
if ( is_admin() && ! current_user_can( 'administrator' ) &&
! ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) {
wp_redirect( home_url() ); exit; } } This prevents non-administrators from accessing the backend of your WordPress website. Only administrators have access, while all other users are sent to the home page.
This code is only active when the user is logged into the WordPress dashboard. The code will not be applied to any user who is not logged in because they will not have access to the WordPress dashboard.
Limit Dashboard Access With a Plugin
WordPress plugins provide several advantages over other methods for limiting users, and they are also simpler to utilize.
A well-known WordPress plugin that can help you restrict access to your WordPress dashboard is briefly described here.
To easily and quickly limit dashboard access, you can use the Remove Dashboard Access.
It is simple to use and free. Simply navigate to Settings > Dashboard Access to configure the plugin after it has been installed and activated.
Any of the strategies listed above can be used to strategically distribute and limit access to your WordPress dashboard. This will assist you in managing your site’s security and providing a seamless experience to all types of users.
