How can visitors redirect wp-admin to the homepage?

The codex entry for the admin_init hook has an example showing you how to do this.

/**
 * Restrict access to the administration screens.
 *
 * Only administrators will be allowed to access the admin screens,
 * all other users will be automatically redirected to
 * 'example.com/path/to/location' instead.
 *
 * We do allow access for Ajax requests though, since these may be
 * initiated from the front end of the site by non-admin users.
 */
function restrict_admin_with_redirect() {

    if ( ! current_user_can( 'manage_options' ) && ( ! wp_doing_ajax() ) ) {
        wp_safe_redirect( 'example.com/path/to/location' ); // Replace this with the URL to redirect to.
        exit;
    }
}

add_action( 'admin_init', 'restrict_admin_with_redirect', 1 );

A few notes on how this works:

  • current_user_can( 'manage_options' ) checks to see if the logged in user has a capability only admin accounts should have. The proceeding ! means “not”. We are checking for a capability instead of simply checking for the admin role as a best practice. You should treat the role as nothing more than a label and check for capabilities (read: permissions) to check if a user can do something. Read more about the roles & caps here.
  • wp_doing_ajax() Makes sure the current request is not a WordPress Ajax request. If it is, it’s possible the user is not actually on the admin so no need to redirect. The proceeding ! means “not”.
  • wp_safe_redirect( 'example.com/path/to/location' ); Redirects the user to the URL you pass it. You can find the documentation here. Note: wp_safe_redirect() is the recommended function not wp_redirect(). Thanks @Nathan Johnson
    • exit; Stops execution of the script making the redirect the last action we do.
  • add_action( 'admin_init', 'restrict_admin_with_redirect', 1 ); Fire this check on the admin_init because it’s the first hook fired after authentication. Pass 1 as the last argument to make sure out function is fired before any other hooks.

Related Posts:

  1. “Too many redirects” ONLY when trying to access wp-admin page
  2. Admin Page Redirect
  3. Unable to login and wp-login.php redirects to wp-admin%2F&reauth=1?
  4. Wrong canonical link on wp-admin pages
  5. stop redirection on /wp-admin call to /wp-login
  6. Bulk Delete Users Error uri too large
  7. wp-admin produces a 302 redirect to itself
  8. Users are redirected to homepage instead of wp-admin
  9. Unwanted redirect in admin area
  10. Login to wp-admin “redirect_to” points to wrong URL after migration
  11. wp-login.php — redirect logged in users to custom URL
  12. Can’t access wp-admin Internal Server Error 500
  13. Can’t access admin dashboard with wp-admin without /index.php after it
  14. Change Dashboard url
  15. WordPress subdomain wp-admin redirects to main domain
  16. Why is there an intermediate redirect to https://public-url.org/wp-admin?
  17. Prevent /wp-admin/ from redirecting to homepage?
  18. https://mydomain/wp-admin redirects to wp-login.php?redirect_to=https%3A%2F%2Fmydomain%2Fwp-admin%2F&reauth=1
  19. Redirect non-admin users away from wp-admin/index.php (main dashboard page) to wp-admin/profile.php
  20. WordPress (behind HAProxy and Jetty), not multisite, in sub folder – and /en/wp-admin/ keeps redirecting to /wp-admin/
  21. Created a new subdomain with same content. Should I add a redirect in my old subdomain?
  22. wp-admin – 404 after custom login form
  23. How to fix ‘WordPress redirection loop problem in wp-login.php page’?
  24. wp-admin 302 redirects
  25. Too many redirects after added SSL redirect on port 80 virtual host
  26. Can’t access wp-admin, redirects to http://%24domain/wp-admin/
  27. Unable to properly login
  28. Restrict access to admin-post.php
  29. Redirect an entire WordPress site on a subdomain, except wp-admin
  30. Admin sometimes redirects to HTTPS
  31. Too Many Redirects – WP-Admin Only
  32. WP Admin Login keeps redirecting to login
  33. CPU overload spam – redirect link to wp-admin and new post
  34. How to access wp-admin from original website after setting the domain redirect/forwarding
  35. WordPress /wp-admin redirect to wrong port in docker
  36. Login redirect_to url is pointing to a url with the port
  37. Redirect from wp-admin back to page
  38. Can’t access WP-Admin via HTTPS
  39. Wp-admin Redirection loop after moving to subdirectory
  40. Trying to login to my site redirects me to the first page
  41. Avoid executing a function (redirect) if I’m in the admin area
  42. stop customize.php redirect to login page if admin is not logged in
  43. wp-admin redirects to standard wordpress page
  44. I cannot go to http://novathon.cloud.reply.eu/wp-admin – always redirected to /wp-login
  45. Unable to log in as admin
  46. Random HTTPs redirections at admin area in shared hosting
  47. Why when I click on a link into the WP admin panel I am redirected to a link that doesn’t contains wp-admin prefix, so I obtain 404 error
  48. Valid WordPress html elements
  49. Can I rename the wp-admin folder?
  50. How to restrict dashboard access to Admins only?
  51. I’m getting a 404 message when I try to access wpadmin
  52. wordpress wp-admin css not loading
  53. create users to site with specific language
  54. Restrict access to admin but allow admin_post hook
  55. How to set custom editor style when editing the homepage?
  56. How to disable or hide “collapse menu”
  57. TinyMCE Autoresize
  58. WordPress wp-admin suddenly lost its style
  59. After changing Site url to https, can’t access login page
  60. Add custom content in user-edit.php page
  61. How to use Yoast SEO backend in english even if WPLANG variable is not english?
  62. How can I add my script to admin using script-loader.php?
  63. Admin first hook that outputs HTML?
  64. To remove default dashboard items and add quick draft widget for custom post type
  65. Why am I unable to login after converting to www?
  66. why my menu is not appearing on the admin panel
  67. Can’t access WordPress as an admin – but I can log in as a user!
  68. How to create a WP Admin user in phpMyAdmin for WordPress 4.6
  69. Add javascript confirmation popup on “Move to Trash” link
  70. Users disappeared from wp-admin
  71. 404 error comes up when I go to wp-admin after first installation [closed]
  72. Is there a quick way to find out what posts haven’t been tagged?
  73. WordPress isn’t reflecting changes I make to a specific file via FTP [closed]
  74. What are the requirements to make the admin toolbar show up on the front end
  75. Screen Options & Help Buttons not working when including Bootstrap Css
  76. edit.php alter links
  77. Cannot access WordPress login pages
  78. How to get Role Subscribe Users on Admin Menu only in Pages in WordPress
  79. Custom Admin Pagination links
  80. Have different site location for wp-admin in IIS
  81. Lost administrator privileges and can’t find a fix
  82. Why does do_robots() Allow: /wp-admin/admin-ajax.php by default?
  83. What is the meaning or function of this notice?
  84. How to set where user is redirected to after logging in at wp-login?
  85. How to create dependent dropdown custom field in wordpress admin post form
  86. How do I make it so that the all users page is not a white screen?
  87. Show shipping class on product admin page
  88. How to check if a user is in a specific role?
  89. How to load Dashboard default media files via HTTPS even when Browser URL has HTTP
  90. How to move “Collapse Menu” to top of admin bar?
  91. Some fields in Settings API form are saving, others are not
  92. I cannot get the “Read More” button to work!
  93. Child theme loses wp-admin styling
  94. Options site set empty fields after submitting
  95. Creating your own options-general.php page
  96. I want to know if it’s good for SEO [closed]
  97. My website’s wp-admin redirects to another website’s wp-admin after pointing the site url to a subdirectiory
  98. Redirecting the user to the admin table area after publishing a post, getting an invalid response error?
  99. How can you change the admin dashboard URL without symlinking?
  100. Degraded WordPress admin dashboard performance [closed]