How to limit access to WordPress dashboard

Muneeb WordPress Tutorials Aug 10, 2020

Imagine that you own a building, and you only want a few people to have the keys, but still, you do not want them to access some corners of the building. Now think of your WordPress site as that building you don't want everybody to have access. Using the dashboard, code snippets and some WordPress plugins, you can easily limit access to your WordPress dashboard. Let's see how we can do it.

Why should you restrict access to your dashboard?

Probably, you don't have any problem with people accessing your WordPress dashboard. But you might not want everybody to access your WordPress dashboard, or you might not want to allow them to change the theme or the plugins.

In another case, if you own a multi-author blog, you might want to limit your writer's access. Whatever the case might be, it is sometimes necessary to have control over who has access.

Let's go ahead with how you can limit your dashboard access.

Roles and Permission to control the access:

WordPress has made things easier for you by defining the roles and actions according to the users, such as writers, editors, moderators, etc. You can easily change the user roles anytime and modify their access to your WordPress dashboard.

It's really easy for the new user to allow them to manage their profiles and read the content on the front. What you have to do is change their role to a subscriber—all of this you can do within the Admin panel in WordPress by going to settings. From there go to general and choose User Default Role as Subscriber.

From users and then All users, You can modify the role of any existing user as well. You can also select multiple users at a time and limit their access.

There are four types of user roles in WordPress:

  • The Subscriber can only read posts and manage their profile.
  • The contributor can write and manage their post but can not publish.
  • The Author can manage and publish their posts.
  • The editor can publish and manage posts from all the writers.
  • Admin or Super Admin is allowed to have complete access over the site's administrative functions. Super Admin is for multiple sites.

Limiting the access using the code snippet:

Given below is a code that needs to be pasted in your child themes functions.php file. And that will help you limit your users from accessing your site. They will be directed to the homepage.

add_action( ‘init’, 'block_users' );

function block_users() {
     if ( 
           is_admin() && 
           ! current_user_can( ‘administrator’ ) &&
           ! ( defined( ‘DOING_AJAX’ ) && DOING_AJAX ) 
     ) {
           wp_redirect( home_url() );
           exit;
     }
}

For the ones finding codes difficult, we have another way.

Limiting the Access using WordPress Plugins:

For people like you and me looking for more straightforward ways, WordPress plugins might be the way to go. For it is easier to limit access or direct the users to another page.
We have comprised some free and top-rated plugins in one place with their specific actions; they can be beneficial to use.

Defender Security

Defender by WPMU is one of the highest-rated security plugins with 30000+ active installations. Along with several other functions, it has a crucial feature that It restricts the file editor access by disabling it; that way, only admin can access the file editor and make changes.

You can do all of this easily in Security Tweaks. After installing the Plugin, go to the settings. There you will see security tweaks and you'll find a button stating Disable the file editor.

It will lead you to the issues panel if you don't see the disable the file editor option there, it means it is already switched on and has gone to the resolved panel. And if it is there, just select the disable file editor button, and you are good to go.

Defender is a great way to go for limiting your WordPress access and keeping your files secure. Try using it now for free.

Remove Dashboard Access

With above 40000 installations and 4.6/5 rating, Remove Dashboard access is a straightforward and accessible option to limit your dashboard access to admins, admins and editors, admins, editors, and authors or specifically to different roles.

After installing the plugin, go to the dashboard access controls and allow the Dashboard user access to any of the given options.

You can quickly limit your user's access using this plugin. However, it also has a bunch of other handy features.

Branda

Branda has a firm 5 star rating and has above 5000 installations. It is the ultimate solution for you by WPMU DEV. It has various excellent features to customize your WordPress account altogether. Staying to the point, let me tell you how you can limit your dashboard access using Branda plugin.

First, you have to install the plugin and then activate it. After activation, all you have to do is go to the Admin Area, where you will find the Custom Admin Menu, and alongside, you will see a button saying Customize.

It will refresh instantly once you pick a role, and if you want to see the duplicate and hide button, you will have to move your cursor over to the menu items.

From there, you can simply select one or multiple items from the menu, to perform the same action over all of them just click select all.

The function of the Hide option is to hide it from the selected user role, while the duplicate option is used to create an exact duplicate of the selected item in the menu.

Select apply After making all the necessary changes, and there you have it. Everything is being done, and your site is safer.

Admin Bar & Dashboard Access Control

Admin Bar and Dashboard Access Control is again an excellent option to limit dashboard access for your users. With a 4.5 star rating and over 5000 downloads, it is simple to use and answer your questions.

Once you install the plugin head over to the Dashboard Access panel, you will be able to disable the dashboard access for several user roles. There's also an option to redirect users with no dashboard access.


To disable the Admin Bar, you will need to go to the Admin Bar area, and from there, you can disable it for all the roles except Admin, or you can select different roles for them to keep access.

Summary

Here, you found so many ways to limit your dashboard access using WordPress plugins, codes snippet, and also directly from the dashboard. Now, you finally know how important it is to secure your WordPress dashboard and how easily you can do it.

Which of these techniques are you going to use to limit your WordPress dashboard access?

And if you have already used one, let us know how was your experience using that technique. We will be very glad to hear you out.

Thank you!