How to Limit Dashboard Access in WordPress
Did you ever want to allow user registration on your WordPress site without giving dashboard access? When a user creates an account on a WordPress site, they get access to the WordPress admin area also known as the dashboard. In this article, we will show you how to limit dashboard access in WordPress.
Why Limit Dashboard Access?
Only users you trust should have access to the admin area of your WordPress site. If you are running a multi-author blog, then you may want to give access to editors and contributors but not to subscribers.
Even when you are giving some users access to the admin area, you can still control what they can or cannot see on the dashboard. We will discuss this later in the article.
Limiting Dashboard Access in WordPress
First thing you need to do is install and activate the Remove Dashboard Access plugin. Upon activation, you need to go to Settings » Dashboard Access to configure the plugin.
Remove Dashboard Access plugin allows you to choose user roles that can get access to the dashboard. You can choose administrators, editors and administrators, or authors, editors, and administrators.
Alternatively, you can also limit access by capability. Capabilities are the actions a user can do on your WordPress site. To understand user roles and capabilities in WordPress, check out our guide on how to add or remove capabilities from user roles in WordPress.
The next option is to choose a redirect URL. This option allows you to redirect disallowed users to any page on your website.
If you want to allow users to edit their profiles, then you need to check the box next to user profile access. Selecting this option will disable the URL redirect feature. The plugin will redirect disallowed users to profile edit screen instead of redirect URL you entered earlier.
Once you are satisfied, click on the save changes button to store your settings.
That’s all. Now only users with your selected user role or capability can access the WordPress dashboard.
Hiding Items from Admin Area in WordPress
Sometimes you may want to restrict what a user sees or can edit in your WordPress admin area.
You can hide and control what users can see in the admin area of your WordPress site. Simply check out our guide on how to hide unnecessary items from WordPress admin with Adminimize.
Protecting WordPress Admin Directory with .htaccess
Another way to protect WordPress admin directory is by adding another layer of password protection. This method asks users to provide a username and password before they can enter wp-admin directory.
This method does not offer a user interface to control which users can access the admin area. However, it is generally considered more secure. If you are the only author on your site or have a very limited set of users use this method.
Checkout our detailed tutorial on how to password protect your WordPress wp-admin directory.
We hope this article helped you limit dashboard access on your WordPress site.