Options for restricting access to wp-admin

You could make it a mu-plugin (‘Must Use’ plugin). Any PHP file you put into /wp-content/mu-plugins/ will automatically get included in WordPress. You can’t deactivate the plugin (unless you have ftp access to the server). If you go with a mu-plugin, make sure to put the functionality into a subdirectory and bootstrap it with a php file in the mu-plugins directory.

EDIT

After reading the comment, I think I understand the problem better. It sounds like you want to be able to lock people out of the admin altogether. That’s not so difficult. Try this:

function my_awesome_admin_lockout(){
  if( is_admin() && !current_user_can( 'manage_options' ) ) {
    wp_redirect( home_url() );
    die();
  }
}

add_action( 'init', 'my_awesome_admin_lockout' );

Basically, that locks everybody but admins out of the admin area.

Related Posts:

  1. Change Login URL Without Plugin
  2. Securing wp-admin folder – Purpose? Importance?
  3. How to change “wp-admin” to something else without search-replacing the core?
  4. Block access to wp-admin
  5. Should I add the IP of the server that hosts my sites to the list of authorized IPs in the wp-admin/.htaccess?
  6. How to Change The WordPress Login URL Without Plugin
  7. 404 redirect wp-login and wp-admin after changing login url [closed]
  8. Couple questions about .htaccess, login page, updates
  9. Can I rename the wp-admin folder?
  10. “Too many redirects” ONLY when trying to access wp-admin page
  11. Use a different domain for SSL
  12. What is the best method to close off the backend?
  13. .htaccess in wp-admin produces a redirect loop
  14. Share same domain for wp-admin but for different website
  15. Wrong canonical link on wp-admin pages
  16. Can I rename the wp-admin folder?
  17. WordPress in sub directory wp-admin problem
  18. .htaccess rewrite rule for removing .php extension with exception of wp login and wp-admin
  19. Can’t access admin dashboard with wp-admin without /index.php after it
  20. Why should I password protect WP-Admin?
  21. Call to undefined function insert_with_markers
  22. Cannot log into WordPress Dashboard after removing/adding .htaccess
  23. Change WP-Login or WP-Admin
  24. Which HTTP headers to use for subdomain embedding?
  25. CDN + WP Admin Query – .htaccess redirection
  26. From 403 error to 500 internal server error
  27. FORCE_SSL_ADMIN not working
  28. Cannot Access Admin Area After Migration
  29. Wrong wp-admin URL
  30. Limit access to wp_admin
  31. I want to disable login of admin (/wp-admin) with email and make it accessible only with username
  32. password reset link being sent as HTTP?
  33. How do I host WordPress on a hidden domain through a reverse proxy?
  34. Logout USER form backoffice after 30 minutes of inactivity [closed]
  35. Do I have to face security problems if I changing default role to Contributor
  36. Hide username discovery
  37. Efficient way to check local WordPress php files and Database for malicious code? [duplicate]
  38. Renaming wp-admin without hard-coding it. Is it really possible?
  39. Need help for WordPress User Session Management?
  40. How login is possible, if I deny login page via .htaccess with allow ip
  41. Developer/Designer asking for admin access
  42. Redirect an entire WordPress site on a subdomain, except wp-admin
  43. Blank page when viewing wp-admin
  44. Is WordPress secure enough for a multi-user article directory?
  45. wp-admin going directly to 404
  46. WordPress /wp-admin redirect to wrong port in docker
  47. wp-admin and wp-login.php not Accessible after Cloudflare
  48. Can I rename the wp-admin folder?
  49. CSRF attack to create USER
  50. Disabling WP-Admin Caching in htaccess
  51. Can I rename the wp-admin folder?
  52. Limit access to wp-admin but still be able to log in from different locations?
  53. SSL doesn’t deliver parts of WordPress Administration Module
  54. Why WordPress not logout after I have close my browser?
  55. Making WP Admin Folder accessable JUST under a different link
  56. How to protect wp-admin from third party access?
  57. is exposed wp-admin site a serious security vulnerability
  58. How to display a static HTML page while setting up a WordPress site?
  59. How can I uninstall a language?
  60. Best way to present options for home page in admin?
  61. Delete Post From front Page ( With Wp-admin restriction )
  62. Custom user role that can only edit specific (non-custom-type) page and all child pages [duplicate]
  63. Add mass action to wp-admin/users.php
  64. Add button in TinyMCE editor to insert text
  65. Can initial focus be set to search field in WordPress Media Library?
  66. When attempting to update a self-hosted WordPress site, I’m seeing “ASN1 unknown message digest algorithm”
  67. How to create a wp admin page (for use in an ajax request)
  68. Removing user fields [duplicate]
  69. Creating WordPress Admin Themes
  70. Add “Page Revised” column to Admin
  71. Redirect users away from Admin breaks ajax
  72. Form validation in WordPress Admin Panel
  73. XDG-OPEN is not recognized by WP CLI admin command
  74. How To Reset Ownership And Permissions of Wp-Content Folder, In Order to Fix HTTP Error When Uploading Images to WordPress Media Library
  75. Post Bulk Update
  76. sort tags by tag ID in admin panel
  77. How to fix ‘WordPress redirection loop problem in wp-login.php page’?
  78. wp-admin remove part of the url
  79. WP admin user search doesn’t return all users
  80. Where are screen options when in admin on mobile?
  81. post-new.php?post_type=product is not loading properly
  82. How to use underscore.js in WordPress Admin
  83. meta box on new admin page
  84. Site Crashes When Updating to WordPress (Version 3.6)
  85. How can I control which plugins run in the dashboard?
  86. WordPress admin section appears broken
  87. How to create directory under my active theme directory
  88. CPU overload spam – redirect link to wp-admin and new post
  89. define two login page url
  90. On Users (user.php) in wp-admin disable/hide “Bulk Actions” and “Change Role To”
  91. How can I can I make changes to a WP project I pulled from GItHub?
  92. WordPress critical error on wp-admin page with 100% permissions
  93. Add item to admin panel – w/o plugin & theme
  94. Show only childs and grandchilds of certain post in admin
  95. Is it possible to change the images source that are shown in the admin side?
  96. Using query string on edit CPT page
  97. $current_screen if condition for a specific page in admin
  98. All of my WordPress sites have Bold Open Sans
  99. How can you change the admin dashboard URL without symlinking?
  100. Degraded WordPress admin dashboard performance [closed]

Leave a Comment