How to redirect non admins to homepage if trying to view mysite.com/wp-admin/?

2 Views

I want all my users (contributors and authors too) but the admin to be redirected to the homepage if they try to view mysite.com/wp-admin/.
Contributors and Authors must be able to add and edit posts as usual, along with others they’ve to be forced to be redirected…
I’ve already removed the link to the dashboard…
I’ve also tried some plugins but the one that gets closer (Remove Dashboard Access) redirects to main page but prevents the contributors and authors from adding, editing and deleting posts.
Thanks!

Post Views: 2

Related posts

Leave a Reply

5 comments

  1. I been using this code for a while I think it was originaly on a plugin called wp block admin but this works. You just have tho change the required compatibility so that it does what you need, look at this

    $required_capability = 'edit_others_posts';
$redirect_to = '';
function no_admin_init() {      
    // We need the config vars inside the function
    global $required_capability, $redirect_to;      
    // Is this the admin interface?
    if (
        // Look for the presence of /wp-admin/ in the url
        stripos($_SERVER['REQUEST_URI'],'/wp-admin/') !== false
        &&
        // Allow calls to async-upload.php
        stripos($_SERVER['REQUEST_URI'],'async-upload.php') == false
        &&
        // Allow calls to admin-ajax.php
        stripos($_SERVER['REQUEST_URI'],'admin-ajax.php') == false
    ) {         
        // Does the current user fail the required capability level?
        if (!current_user_can($required_capability)) {              
            if ($redirect_to == '') { $redirect_to = get_option('home'); }              
            // Send a temporary redirect
            wp_redirect($redirect_to,302);              
        }           
    }       
}
// Add the action with maximum priority
add_action('init','no_admin_init',0);

  2. One addition: ALWAYS check to see if there is a logged in user otherwise you will prevent secured items from displaying on login screen:

    function redirect_non_admin_user(){
    if ( is_user_logged_in() ) {
        if ( !defined( 'DOING_AJAX' ) && !current_user_can('administrator') ){
            wp_redirect( site_url() );  exit;
        }
    }
}
add_action( 'admin_init', 'redirect_non_admin_user' );

    Thank you so much for offering this solution 🙂

  3. Unfortunately none of the above codes worked for me as they just redirected non admin to homepage even if I wanted authors and contributors to be able to add/edit and delete their posts…
    I’ve ended removing the boxes in the dashboard and I solved (partially) my issue.

    I added this in functions.php

    function disable_default_dashboard_widgets() {

    remove_meta_box('dashboard_right_now', 'dashboard', 'core');
    remove_meta_box('dashboard_recent_comments', 'dashboard', 'core');
    remove_meta_box('dashboard_incoming_links', 'dashboard', 'core');
    remove_meta_box('dashboard_plugins', 'dashboard', 'core');

    remove_meta_box('dashboard_quick_press', 'dashboard', 'core');
    remove_meta_box('dashboard_recent_drafts', 'dashboard', 'core');
    remove_meta_box('dashboard_primary', 'dashboard', 'core');
    remove_meta_box('dashboard_secondary', 'dashboard', 'core');
}
add_action('admin_menu', 'disable_default_dashboard_widgets');

  4. I know this is still a old question but you can have a look.

    function redirect_non_admin_user(){
    if ( !defined( 'DOING_AJAX' ) && !current_user_can('administrator') ){
        wp_redirect( site_url() );  exit;
    } 
}


add_action( 'admin_init', 'redirect_non_admin_user' );

    This checking is very IMPORTANT “!defined( ‘DOING_AJAX’ )” when you use admin ajax call in frontend.

  5. There’re only two things you need to check:

    • If the user is in the admin interface
    • If he got the capability or not

    As long as we’re using the template_redirect hook we don’t have to check the login/register/password pages as the redirect will happen invisible to the user.

    Here’s the idea wrapped up as a little (mu-)plugin.

    <?php
/**
 * Plugin Name: (#90535) Redirect Non-Admin users to the "Home"-page.
 * Description: Checks if we're in the admin UI and if the user has the admin only 'manage_options' capability
 * Version:     2013.03.12
 * Author:      Franz Josef Kaiser
 */
add_action( 'template_redirect', 'wpse90535_admin_denied' );
function wpse90535_admin_denied()
{
    is_admin()
    && ! current_user_can( 'manage_options' )
        and exit( wp_redirect( home_url(), 302 ) );
}