开发者

Is there a way to redirect users who are not administrator from WordPress wp-admin?

Users can register as contributor to my wordpress website. But the registered users can go to www.website.com/wp-admin and login and get to admin page. I know they have very less capabilities but still i want to redirect them to the index page or someother page in the 开发者_开发问答site. Is there a way to do it?


put the following code somewhere wordpress will execute it.

add_action( 'init', 'level_check' );

function level_check() {
 // is_admin() will let us know if we're in admin pages
 // only admins can 'update_core' and 'list_users'
 if ( is_admin() && !current_user_can( 'update_core' ) && !current_user_can( 'list_users' ) ) {
  // redirect or whatever here
  echo "not permitted";
  die();
 }
}

but don't try and goto /wp-admin to login, goto /wp-login instead


yes just set the permission levels up in the WP admin. Go to admin, then into users and make sure their permissions are subscriber, not admin or editor or author.


You can do this by editing your .htaccess file. This is in the root folder.

I have included something from http://www.catswhocode.com/blog/10-awesome-htaccess-hacks-for-wordpress that explains this better:

Allow only your IP adress on the wp-admin directory

Excepted the case of a collaborative blog, only you should be allowed to visit the wp-admin directory. If you have a static IP, this code will do the job. All you have to do is to enter your static IP adress on line 8. Note that you can add more IPs if needed, by creating a new line with: allow from xx.xx.xxx.xx inside.

AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "Example Access Control"
AuthType Basic
<LIMIT GET>
order deny,allow
deny from all
allow from xx.xx.xx.xx
</LIMIT>

Source: Protecting the WordPress wp-admin folder

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜