Is there a way to redirect users who are not administrator from WordPress wp-admin?

Users can register as contributor to my wordpress website. But the registered users can go to www.website.com/wp-admin and login and get to admin page. I know they have very less capabilities but still i want to redirect them to the index page or someother page in the site.
Is there a way to do it?

Related posts

Leave a Reply

3 comments

  1. put the following code somewhere wordpress will execute it.

    add_action( 'init', 'level_check' );
    
    function level_check() {
     // is_admin() will let us know if we're in admin pages
     // only admins can 'update_core' and 'list_users'
     if ( is_admin() && !current_user_can( 'update_core' ) && !current_user_can( 'list_users' ) ) {
      // redirect or whatever here
      echo "not permitted";
      die();
     }
    }
    

    but don’t try and goto /wp-admin to login, goto /wp-login instead

  2. yes just set the permission levels up in the WP admin. Go to admin, then into users and make sure their permissions are subscriber, not admin or editor or author.

  3. You can do this by editing your .htaccess file. This is in the root folder.

    I have included something from http://www.catswhocode.com/blog/10-awesome-htaccess-hacks-for-wordpress that explains this better:

    Allow only your IP adress on the wp-admin directory

    Excepted the case of a collaborative blog, only you should be allowed to visit the wp-admin directory. If you have a static IP, this code will do the job.
    All you have to do is to enter your static IP adress on line 8. Note that you can add more IPs if needed, by creating a new line with: allow from xx.xx.xxx.xx inside.

    AuthUserFile /dev/null
    AuthGroupFile /dev/null
    AuthName "Example Access Control"
    AuthType Basic
    <LIMIT GET>
    order deny,allow
    deny from all
    allow from xx.xx.xx.xx
    </LIMIT>
    

    Source: Protecting the WordPress wp-admin folder