How do I block all access to WordPress from my subscribers?

Hello,

I need to block subscribers from ever entering WordPress and ever seeing WordPress Logos.

The Reason Being:
I want the users to be routed back to the home page after logging in and when they logout.

I need them to create their sites from the back end and never through WordPress dashboard because I never want them to leave the site.

Regards,
Nicholas

  • Tyler Postle

    Hey Nicholas,

    Hope you're doing well today!

    Thanks for another question.

    You could try a plugin such as this one here: https://wordpress.org/plugins/remove-dashboard-access-for-non-admins/

    We have a post on this on our blog too: https://premium.wpmudev.org/blog/limit-access-to-your-wordpress-dashboard/

    I need them to create their sites from the back end and never through WordPress dashboard because I never want them to leave the site.

    Bit confused on this part, do you mean frontend here? So you have them adding everything through the frontend? I believe this is through the TT Frontend plugin if I remember correctly?

    Hopefully one of those solutions will do the trick for you Nicholas. Let me know if you still need further assistance.

    Cheers,
    Tyler

  • Nicholas

    Hello,

    The error I received is the following when creating the frontend store page:

    Notice: Undefined index: restrict_wp_admin in /home/blackgrass8/timelessmetal.com/wp-content/plugins/tt-marketpress-frontend1/settings.php on line 5
    http://www.timelessmetal.com
    Warning: Cannot modify header information - headers already sent by (output started at /home/blackgrass8/timelessmetal.com/wp-admin/includes/template.php:1867) in /home/blackgrass8/timelessmetal.com/wp-includes/pluggable.php on line 1173

    And when I log in as a subscriber that I gave access to this page, I recieve the following error:

    You are not authorized to access this page.

    Please help.

    Thanks,
    Nicholas

  • Ivan

    Hey Nicholas,

    There is some problem accessing your site with the support access.
    Can you check if it is enabled and if not, to enable it?

    In meantime you can try to refresh the WordPress installation?
    You ca do so by navigating to Dashboard>Updates>Re-install Now.
    See the attached screenshot bellow.

    Also a good idea will be to check and fix your folder and file permissions using FTP client.
    You can see what they should be here - https://premium.wpmudev.org/blog/wordpress-file-permissions/

    Let me know if some of this helps you.

    Thanks,
    Ivan

  • aristath

    Hello again @Nicholas, I hope you're well today!

    The "Headers already sent by" message is not uncommon...
    This message indicates that somewhere on your installation a php file outputs headers before its time.
    Usually you can solve this issue by following the process below:
    Switch your theme to the default twentyfourteen theme and deactivate all plugins. You should now see that this error no longer exists. To find out which plugin/theme triggers this issue, start activating them one-by-one and test again. Finally, activate your previously selected theme.
    As soon as the error reappears, you probably found the theme or plugin that causes this (though not 100%... the last plugin could be just the trigger and not the actual cause).

    Next, you'll have to inspect the files of the plugin that triggers this error.

    Open all php files one by one and check for the following:

    If there is a space or blank line before the opening <?php tag on the file, delete those spaces or lines.

    If there is a closing ?> tag at the end of the file, delete it.

    As stated in the PHP docs:

    The closing tag of a PHP block at the end of a file is optional, and in some cases omitting it is helpful when using include or require, so unwanted whitespace will not occur at the end of files, and you will still be able to add headers to the response later. It is also handy if you use output buffering, and would not like to see added unwanted whitespace at the end of the parts generated by the included files.

    The usual suspects for this error are the functions.php and wp-config.php files so you might want to check these 2 first, though in your case you may want to check the files of the TT Frontend plugin too.

    As for blocking access to your dashboard you could try adding some custom code to your functions.php file:

    /*
     * If user is not an admin, do not allow access to the dashboard AT ALL.
     */
    function custom_remove_no_admin_access(){
        if ( ! defined( 'DOING_AJAX' ) && ! current_user_can( 'manage_options' ) ) {
            wp_redirect( home_url() );
            die();
        }
    }
    add_action( 'admin_init', 'custom_remove_no_admin_access', 1 );

    I hope that helps!

    Cheers,
    Ari.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.