How to Remove WordPress Dashboard Access for Non-Admins

The WordPress dashboard can be confusing for users who don’t have any business being there. Remove Dashboard Access for Non-Admins is a new plugin that keeps users out of the dashboard. If a user does not have the ‘delete_themes’ capability, he will be redirected to your site’s homepage.

In the future, the plugin author plans to add in the option for you to select the capability type by which to remove access to the dashboard. Download Remove Dashboard Access for Non-Admins from the WordPress plugin repository.

Comments (8)

  1. Hello
    Did you test it ?

    All ajax requests from front-end are dead.
    The code is using : $_SERVER[‘DOING_AJAX’]
    PHP and WORDPRESS do not even care about that.
    $_SERVER[‘DOING_AJAX’] will never contain any string/url/thing.

    So, i’m a visitor, i clic on a ajax link (a Like button, linked to back end), the ajax will return me the entier html code from the home page. Just “whoaw”.

  2. So, this works – but how users can create new posts?
    I want that they can create new posts and the editor for this post is inside of my theme (inside of my website)…any ideas ? thanks a lot!

  3. Hello,

    In my case this code

    if (!current_user_can(‘edit_published_posts’) && $_SERVER[‘DOING_AJAX’] != ‘/wp-admin/admin-ajax.php’) { wp_redirect(site_url()); exit; }

    not worked, the ajax request url is getting redirected to home page for a non-logged in/Non admin users.

    So I have changed the condition to this, and its fine now.

    if (!current_user_can(‘manage_options’) && (empty($_SERVER[‘HTTP_X_REQUESTED_WITH’]) && strtolower($_SERVER[‘HTTP_X_REQUESTED_WITH’]) != ‘xmlhttprequest’) ) {
    wp_redirect(home_url()); exit;

    Any way Great idea.