Remove Dashboard Access

The easiest and safest way to restrict access to your WordPress site’s Dashboard and administrative menus. Remove Dashboard Access is a lightweight plugin that automatically redirects users who shouldn’t have access to the Dashboard to a custom URL of your choosing. Redirects can also be configured on a per-role/per-capability basis, allowing you to keep certain users out of the Dashboard, while retaining access for others.

  • Limit Dashboard access to user roles:
    • Admins only
    • Admins + editors
    • Admins, editors, and authors
    • or restrict by specific user capability
  • Choose your own redirect URL
  • Optionally allow users to edit their profiles
  • Display a message on the login screen so users know why they’re being redirected

Blocking access to the Dashboard is a great way to prevent clients from breaking their sites, prevent users from seeing things they shouldn’t, and to keep your site’s backend more secure.

Allow only users with roles or capabilities:

You can restrict Dashboard access to Admins only, Editors or above, Authors or above, or by selecting a specific user capability.

Grant access to user profiles:

Optionally allow all users the ability to edit their profiles in the Dashboard. Users lacking the chosen capability won’t be able to access any other sections of the Dashboard.

Show a custom login message:

  • Supply a message to display on the login screen. Leaving this blank disables the message.

Download from WordPress.org:

Latest version: https://downloads.wordpress.org/plugin/remove-dashboard-access-for-non-admins.1.2.zip

Changelog

1.2 on January 29, 2024

  • Confirmed compatibility with WordPress 6.4.2
  • New: Added a new filter, rda_allowlist, to configure pages that should be accessible to all users, regardless of their capabilities or roles (see FAQ for usage)
  • Improved: Added a description that clarifies that the Login Message is only displayed on the WordPress “Log In” screen
  • Improved: The User Profile Access text is now a proper label for the checkbox
  • Fixed: Allow access to the Wordfence 2FA configuration page (#33)
  • Fixed: Text domain not properly set for translations (thanks @fierevere)
  • Tweak: Prevent directly accessing PHP files by checking for ABSPATH (#26)
  • Tweak: Prevent browsing directories on poorly-configured servers by adding index.php files in plugin directories

1.1.4 & 1.1.5 on April 18, 2022

  • Fixed: Deactivating and activating the plugin will no longer overwrite plugin settings
  • Fixed: Deprecated function screen_icon() warning
  • Fixed: Issue when front-end editing of profiles when the $pagenow global is not defined (#24)
  • Fixed: Potential Invalid argument supplied for foreach() PHP warning (#22)

1.1.3

  • Fixed a compatibility issue with bbPress and the media grid view.

1.1.2

  • Bump tested-up-to to 4.1.0
  • Miscellaneous readme changes.

1.1.1

  • Move options back to Settings > Dashboard Access screen to resolve conflict with page_on_front UI.

1.1

  • Instantiate as a static instance for better modularity
  • Move Dashboard Access Controls settings to Settings > Dashboard Access
  • Add optional login message option
  • Add better settings sanitization
  • New Filter: rda_default_caps_for_role – Filter default roles for Admins, Editors, and Authors
  • New Debug Mode

Bug Fixes:

  • Remove unnecessarily stringent URL mask on the redirect URL option

1.0

  • Complete rewrite!
  • New: Limit dashboard access for Admins only or by capability
  • New: Allow/disallow edit-profile access
  • New: Choose your own redirect URL
  • New Filter: rda_default_access_cap – Change default access capability
  • New Filter: rda_toolbar_nodes – Filter which back-end Toolbar nodes are hidden
  • New Filter: rda_frontend_toolbar_nodes – Filter which front-end Toolbar nodes are hidden

0.4

  • Refined DOING_AJAX check for logged-out users, props @nacin and @BoiteAWeb

0.3

  • Changed cap to manage_options, replaced PHP_SELF with DOING_AJAX

0.2

  • Replaced preg_match with admin-ajax test. Added compatibility with rewritten dashboard URLs.

0.1

  • Submitted to repository

One thought on “Remove Dashboard Access”

  1. Good day,
    I’m Andrijana from WebHostingGeeks Support. We have found your plugin Remove Dashboard Access at http://werdswords.com/plugins/remove-dashboard-access-for-non-admins/ very interesting and of a significant use for the community. Since I’m of Serbian decent, I’m willing to help people from former Yugoslavia, which now represents six independent countries in Europe, better manage their internet pages by translating your plugin into Serbo-Croatian language.
    Would that be ok with you?
    I hope I’ll hear from you soon.

    Many kind regards,

    Andrijana Nikolic

    [contact information redacted]

Leave a Reply

Your email address will not be published. Required fields are marked *