In WordPress, the admin dashboard is the control center for managing your website. However, not every user needs access to this area. For example, on membership sites, blogs with multiple contributors, or e-commerce platforms, restricting admin access to only administrators can enhance security and improve user experience.

In this guide, we’ll show you a simple way to restrict admin access for non-admin users using a code snippet.

Limiting access to the WordPress admin area is beneficial because it can:

• Enhance Security: Prevent unauthorized changes or access to sensitive settings.
• Simplify User Experience: Hide areas of the website that other user roles don’t need.
• Avoid Mistakes: Minimize the chances of accidental modifications by non-admin users.

Here’s a simple code snippet that redirects non-admin users trying to access the admin dashboard. You can add this to your theme’s functions.php file or use a plugin like Code Snippets for easier management.

• current_user_can('manage_options'): This checks if the user has administrator capabilities. Only users with the manage_options capability can access the admin dashboard.
• !wp_doing_ajax(): Ensures AJAX requests remain functional, as these are often used by plugins and frontend features.
• wp_redirect(home_url());: Redirects users to the homepage. You can replace this with any URL of your choice.

If you prefer to send users to a specific page instead of the homepage, update the wp_redirect function like this:

1. Log in as a non-admin user (e.g., Subscriber or Editor).
2. Attempt to access the admin dashboard (yoursite.com/wp-admin).
3. You should be redirected to the homepage or the URL you specified.

Log in as an admin user to confirm you still have full access.

This code is particularly useful for:

• Membership Websites: Limit access for subscribers and members.
• E-Commerce Stores: Prevent customers from entering the admin area.
• Simplifying Contributor Roles: Restrict dashboard access for contributors or editors.

You can enhance the user experience by creating a custom page that explains why users were redirected. For example, include a message like:

“You do not have access to this area. Please contact the site administrator if you believe this is an error.”

This small addition helps avoid confusion for users who may not understand why they can’t access the admin dashboard.

Restricting admin access to authorized users only is a simple way to improve security and streamline your site management. With this snippet, you can easily redirect non-admin users while ensuring smooth functionality for everyone else.

Do you have additional ideas for securing your WordPress site? Share your thoughts in the comments below!