You’re correct in that you should be checking for a capability. However, manage options is only given to administrators by default. You should check against a capability that both editors and administrators have such as delete_others_posts.
function restrict_admin(){
//if not administrator, kill WordPress execution and provide a message
if ( ! current_user_can( 'delete_others_posts' ) ) {
wp_die( __('You are not allowed to access this part of the site') );
}
}
add_action( 'admin_init', 'restrict_admin', 1 );
See roles and capabilities from the codex.
Related Posts:
- Only allow administrators and editors to access wp-admin
- Restrict Author role to only 3 wp-admin pages
- Is WordPress secure enough for a multi-user article directory?
- How to check if a user is in a specific role?
- How to prevent access to wp-admin for certain user roles?
- Check if user is admin by user ID
- Restrict admin access to certain pages for certain users
- create users to site with specific language
- Prevent from deleting any user role but subscriber
- What is the capability that permits access to WP-Admin?
- Moving wordpress from localhost to server throws admin panel access error?
- Displaying which Role the current user is assigned to
- How to hide a specific user role option in a user role list?
- Adding HTML/Text to Top of Subscriber’s Profile Backend Page
- Custom role based users are not able to access wp-admin
- How to inhibit dashboard and profile management access to normal users?
- Custom roles showing HTML entities in title form field
- Users Unable to Access Dashboard/Posts/Pages
- Can’t access WordPress as an admin – but I can log in as a user!
- Redirect non-admin users away from wp-admin/index.php (main dashboard page) to wp-admin/profile.php
- Allow administrators to pick post author on custom post type edit screen
- admin_post action not usable if admin access denied to user
- Adding Custom Capabilites
- Why is unfiltered_upload not working despite being enabled?
- Logout USER form backoffice after 30 minutes of inactivity [closed]
- I can´t access my admin panel. I tried all possible solutions
- Lost administrator privileges and can’t find a fix
- Downgrade admin account by mistake
- How to set where user is redirected to after logging in at wp-login?
- How to remove dashboard access (wp-admin) for author but not disable the capabilities?
- Deploying WordPress for clients – what do they have access to?
- How to Find The Email of a WP Admin Account
- User Capabilities are not available in WP REST permission callback?
- Change users.php WP_User_Query
- User Roles: How to hide a plugin from showing in WP-Admin?
- define two login page url
- Newly created user role not displaying on users screen
- Admin Page access
- How to check if a user is in a specific role?
- Not able to access WP Admin, it says “Sorry, you are not allowed to access this page.”
- How to logout the current user without notices and warnings?
- Give wp-admin access for shop managers
- restrict admin panel sections to users
- adding existing menu page on new customer user role
- Localhost install: Administrator lost administrator access; cannot access Dashboard
- WordPress blog fails to open
- Is it possible to tell if a user is logged into WordPress from looking at the cookies which are set?
- Extend user search in the users.php page to allow for searching by role and excluding specified email domains from the “users search” input box
- After Upgrade: $user becomes unknown (id: 0) after successful login?
- how to Hide all products except the General Manager role in the WordPress admin panel?
- Unable to login and wp-login.php redirects to wp-admin%2F&reauth=1?
- Use a different domain for SSL
- Adding a menu item in the admin bar
- Opening specific posts on WP takes lot of time and freezes the editor
- Is it possible to set a option, and then redirect to another page directly from a admin notice link?
- How to load a CSS file into WordPress admin area using Child Theme? [closed]
- Getting “Cannot modify header information – headers already sent” error, but only on backend
- Cookie value cannot be read until I’ve logged into the WP admin
- What corrections does this code need?
- How to add wordpress blog to Windows 2008 R2 site
- WordPress disable ‘Install Themes’ tab
- WordPress Admin Not Loading All Core Scripts
- The uploaded file exceeds!
- Admin table list API?
- Displaying different in-page content to cliente/admin
- wp-admin – 404 after custom login form
- How to change user admin_color with WP CLI?
- WP Admin/ WP Login Redirect to themselves
- Unable to log in to localhost wp-admin page on XAMPP server
- Missing ‘Move to Trash’ option from bulk select box
- Can I hook into wp_update_core outside of the admin?
- /wp-admin/ doesn’t work but /admin/ does
- WordPress Side Menu Admin Panel Default Order numbers List?
- Why can I log into wp-login.php and not wp-admin.php?
- Hide front-end from every logged out user and redirect them to the default login page
- Unable to properly login
- Is there a simple way to set wordpress site files back to out of the box?
- Remove header text option from the backend
- Dashboard : remove Safari navigator message
- Contextual help in wp-admin for non admins
- Trying to create a page as a menu item in the admin while keeping the admen panel visible
- Manage Admin permissions by URL GET parameters
- Set edit capability based on ACF relationship
- Is there a way to allow users with “Subscriber” user role to access media library in backend and frontend
- Step by step guide for new users on how to post content?
- Restrict Users to Only Edit Media Owned by Users in Their Role
- Display Form in Admin Panel and Save data to Database
- Cannot log in to WordPress admin or change password
- 403 Error when using save buttons
- Ajax call not working anymore
- Js errors in wp-admin
- Avoid executing a function (redirect) if I’m in the admin area
- Wp-admin loguts me. When sign with Wp_singon
- WordPress install checking permissions of user id 0
- sharing wp-include – wp-admin on same installation
- admin_print_styles incuding $_SERVER[‘DOCUMENT_ROOT’]
- Change height of Add New Post input box
- Anyone Can Register
- Unable to access my plugins [closed]
- Can admin-ajax.php be used for spam purposes? And if yes, how to prevent that?