{"id":1012,"date":"2011-10-08T14:59:05","date_gmt":"2011-10-08T14:59:05","guid":{"rendered":"https:\/\/wordpress.org\/plugins-wp\/remove-dashboard-access-for-non-admins\/"},"modified":"2024-11-29T20:13:50","modified_gmt":"2024-11-29T20:13:50","slug":"remove-dashboard-access-for-non-admins","status":"publish","type":"plugin","link":"https:\/\/tw.wordpress.org\/plugins\/remove-dashboard-access-for-non-admins\/","author":17862936,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.2.1","stable_tag":"1.2.1","tested":"6.7.5","requires":"3.1.0","requires_php":"5.3","requires_plugins":null,"header_name":"Remove Dashboard Access","header_author":"TrustedLogin","header_description":"","assets_banners_color":"777c7f","last_updated":"2024-11-29 20:13:50","external_support_url":"","external_repository_url":"","donate_link":"https:\/\/www.trustedlogin.com","header_plugin_uri":"https:\/\/www.trustedlogin.com\/remove-dashboard-access\/","header_author_uri":"https:\/\/www.trustedlogin.com","rating":4.6,"author_block_rating":0,"active_installs":30000,"downloads":469302,"num_ratings":78,"support_threads":1,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"0.2":{"tag":"0.2","author":"DrewAPicture","date":"2011-10-09 18:01:47"},"0.3":{"tag":"0.3","author":"DrewAPicture","date":"2011-10-12 09:50:09"},"0.4":{"tag":"0.4","author":"DrewAPicture","date":"2011-10-16 22:47:14"},"1.0":{"tag":"1.0","author":"DrewAPicture","date":"2013-03-04 04:02:06"},"1.1":{"tag":"1.1","author":"DrewAPicture","date":"2014-07-15 17:06:08"},"1.1.1":{"tag":"1.1.1","author":"DrewAPicture","date":"2014-07-16 08:43:20"},"1.1.2":{"tag":"1.1.2","author":"DrewAPicture","date":"2015-02-03 01:40:01"},"1.1.3":{"tag":"1.1.3","author":"trustedlogin","date":"2022-04-19 03:33:33"},"1.1.4":{"tag":"1.1.4","author":"trustedlogin","date":"2022-04-19 03:33:33"},"1.1.5":{"tag":"1.1.5","author":"trustedlogin","date":"2023-09-05 19:24:40"},"1.2":{"tag":"1.2","author":"trustedlogin","date":"2024-01-30 03:36:44"},"1.2.1":{"tag":"1.2.1","author":"trustedlogin","date":"2024-11-29 20:13:50"}},"upgrade_notice":{"0.4":"<ul>\n<li>Refined DOING_AJAX check for logged-out users<\/li>\n<\/ul>","0.3":"<ul>\n<li>Improved function.<\/li>\n<\/ul>","0.2":"<ul>\n<li>No additional files were added.<\/li>\n<\/ul>","0.1":"<ul>\n<li>Initial submission<\/li>\n<\/ul>"},"ratings":{"1":4,"2":2,"3":1,"4":4,"5":67},"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":2963265,"resolution":"128x128","location":"assets","locale":""},"icon-256x256.png":{"filename":"icon-256x256.png","revision":2963265,"resolution":"256x256","location":"assets","locale":""}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":2963265,"resolution":"1544x500","location":"assets","locale":""},"banner-772x250.png":{"filename":"banner-772x250.png","revision":2963265,"resolution":"772x250","location":"assets","locale":""}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["0.2","0.3","0.4","1.0","1.1","1.1.1","1.1.2","1.1.3","1.1.4","1.1.5","1.2","1.2.1"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":948494,"resolution":"1","location":"assets","locale":""},"screenshot-2.png":{"filename":"screenshot-2.png","revision":948494,"resolution":"2","location":"assets","locale":""},"screenshot-3.png":{"filename":"screenshot-3.png","revision":948494,"resolution":"3","location":"assets","locale":""}},"screenshots":{"1":"The Dashboard Access Controls settings in the Settings &gt; Dashboard Access screen.","2":"Allow users to access their profile settings (only).","3":"Optional login message."},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[1911,563,434,602,1914],"plugin_category":[38],"plugin_contributors":[209597],"plugin_business_model":[],"class_list":["post-1012","plugin","type-plugin","status-publish","hentry","plugin_tags-access","plugin_tags-administration","plugin_tags-dashboard","plugin_tags-login","plugin_tags-restrict","plugin_category-authentication","plugin_contributors-trustedlogin","plugin_committers-trustedlogin","plugin_support_reps-trustedlogin","plugin_support_reps-zackkatz"],"banners":{"banner":"https:\/\/ps.w.org\/remove-dashboard-access-for-non-admins\/assets\/banner-772x250.png?rev=2963265","banner_2x":"https:\/\/ps.w.org\/remove-dashboard-access-for-non-admins\/assets\/banner-1544x500.png?rev=2963265","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/remove-dashboard-access-for-non-admins\/assets\/icon-128x128.png?rev=2963265","icon_2x":"https:\/\/ps.w.org\/remove-dashboard-access-for-non-admins\/assets\/icon-256x256.png?rev=2963265","generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/remove-dashboard-access-for-non-admins\/assets\/screenshot-1.png?rev=948494","caption":"The Dashboard Access Controls settings in the Settings &gt; Dashboard Access screen."},{"src":"https:\/\/ps.w.org\/remove-dashboard-access-for-non-admins\/assets\/screenshot-2.png?rev=948494","caption":"Allow users to access their profile settings (only)."},{"src":"https:\/\/ps.w.org\/remove-dashboard-access-for-non-admins\/assets\/screenshot-3.png?rev=948494","caption":"Optional login message."}],"raw_content":"<!--section=description-->\n<p>The easiest and safest way to restrict access to your WordPress site's Dashboard and administrative menus. Remove Dashboard Access is a lightweight plugin that automatically redirects users who shouldn't have access to the Dashboard to a custom URL of your choosing. Redirects can also be configured on a per-role\/per-capability basis, allowing you to keep certain users out of the Dashboard, while retaining access for others.<\/p>\n\n<ul>\n<li>Limit Dashboard access to user roles:\n\n<ul>\n<li>Admins only<\/li>\n<li>Admins + editors<\/li>\n<li>Admins, editors, and authors<\/li>\n<li>or restrict by specific user capability<\/li>\n<\/ul><\/li>\n<li>Choose your own redirect URL<\/li>\n<li>Optionally allow users to edit their profiles<\/li>\n<li>Display a message on the login screen so users know why they're being redirected<\/li>\n<\/ul>\n\n<p>Blocking access to the Dashboard is a great way to prevent clients from breaking their sites, prevent users from seeing things they shouldn't, and to keep your site's backend more secure.<\/p>\n\n<p><strong>Allow only users with roles or capabilities:<\/strong><\/p>\n\n<p>You can restrict Dashboard access to Admins only, Editors or above, Authors or above, or by selecting a specific user capability.<\/p>\n\n<p><strong>Grant access to user profiles:<\/strong><\/p>\n\n<p>Optionally allow all users the ability to edit their profiles in the Dashboard. Users lacking the chosen capability won't be able to access any other sections of the Dashboard.<\/p>\n\n<p><strong>Show a custom login message:<\/strong><\/p>\n\n<ul>\n<li>Supply a message to display on the login screen. Leaving this blank disables the message.<\/li>\n<\/ul>\n\n<!--section=installation-->\n<ol>\n<li>Search 'Remove Dashboard Access' from the Install Plugins screen.<\/li>\n<li>Install plugin, click Activate.<\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id='what%20happens%20to%20disallowed%20users%20who%20try%20to%20access%20to%20the%20dashboard%3F'><h3>What happens to disallowed users who try to access to the Dashboard?<\/h3><\/dt>\n<dd><p>Users lacking the chosen capability or role(s) will be redirected to the URL set in Settings &gt; Dashboard Access.<\/p><\/dd>\n<dt id='why%20haven%27t%20you%20added%20an%20option%20to%20disable%20the%20wordpress%20toolbar%3F'><h3>Why haven't you added an option to disable the WordPress Toolbar?<\/h3><\/dt>\n<dd><p>The Toolbar contains certain important links (even for disallowed users) such as for accessing to the profile editor and\/or logging out. Plus, there are many plugins out there for disabling the Toolbar if you really want to.<\/p><\/dd>\n<dt id='can%20i%20disable%20the%20redirection%2Fprofile-editing%20controls%20without%20disabling%20the%20plugin%3F'><h3>Can I disable the redirection\/profile-editing controls without disabling the plugin?<\/h3><\/dt>\n<dd><p>No. Disable the plugin if you don't wish to leverage the functionality.<\/p><\/dd>\n<dt id='how%20do%20i%20hide%20other%20plugins%2Fthemes%27%20toolbar%20menus%3F'><h3>How do I hide other plugins\/themes' Toolbar menus?<\/h3><\/dt>\n<dd><ul>\n<li>Remove Dashboard Access removes some built-in WordPress Toolbar menus by default, but can be extended to hide menus from other plugins or themes via two filters: <code>rda_toolbar_nodes<\/code> (viewing from the admin), and <code>rda_frontend_toolbar_nodes<\/code> (viewing from the front-end).<\/li>\n<\/ul><\/dd>\n<dt id='how%20do%20i%20find%20the%20menu%20%28node%29%20id%3F'><h3>How do I find the menu (node) id?<\/h3><\/dt>\n<dd><ul>\n<li>In the HTML page source, look for the <code>&lt;li&gt;<\/code> container for the menu node you're targeting. It should take the form of <code>&lt;li id=\"wp-admin-bar-SOMETHING\"&gt;<\/code><\/li>\n<li>In <code>&lt;li id=\"wp-admin-bar-SOMETHING\"&gt;<\/code>, you want the \"SOMETHING\" part.<\/li>\n<\/ul><\/dd>\n<dt id='how%20can%20i%20allow%20access%20to%20specific%20pages%20of%20the%20dashboard%3F'><h3>How can I allow access to specific pages of the Dashboard?<\/h3><\/dt>\n<dd><p>The function returns an associative array with <code>$pagenow<\/code> as the key and a nested array of key =&gt; value pairs where the key is the <code>$_GET<\/code> parameter and the value is the allowed value.<\/p>\n\n<p>Example: If you want to allow a URL of <code>admin.php?page=EXAMPLE<\/code>, there are three parts to know:<\/p>\n\n<ul>\n<li>The <code>$pagenow<\/code> global value (<code>tools.php<\/code> in this case)<\/li>\n<li>The <code>$_GET<\/code> key (<code>page<\/code> in this case)<\/li>\n<li>The <code>$_GET value (<\/code>EXAMPLE in this case)<\/li>\n<\/ul>\n\n<p>Here is how we would add that URL to the allowlist:<\/p>\n\n<pre><code>\/**\n * Allow users to access a page with a URL of tools.php?page=EXAMPLE\n *\n * @param array $pages Allowed Dashboard pages.\n * @return array Filtered allowed Dashboard pages.\n *\/\nfunction wpdocs_allow_example_dashboard_page( $pages ) {\n\n    \/\/ If the $pages array doesn't contain the 'admin.php' key, add it.\n    if ( ! isset( $pages['tools.php'] ) ) {\n        $pages['tools.php'] = array();\n    }\n\n    \/\/ Now add ?page=EXAMPLE` combination to the allowed parameter set for that page.\n$pages['tools.php'][] = array(\n    'page' =&gt; 'EXAMPLE'\n);\n\nreturn $pages;\n<\/code><\/pre>\n\n<p>}<\/p>\n\n<p>add_filter( 'rda_allowlist', 'wpdocs_allow_example_dashboard_page' );\n`<\/p><\/dd>\n<dt id='how%20can%20i%20filter%20the%20disallowed%20toolbar%20nodes%20on%20the%20front-end%3F'><h3>How can I filter the disallowed Toolbar nodes on the front-end?<\/h3><\/dt>\n<dd><p>`\n\/**\n * Filter hidden Toolbar menus on the front-end.\n *\n * @param array $ids Toolbar menu IDs.\n * @return array Filtered front-end Toolbar menu IDs.\n *\/\nfunction wpdocs_hide_some_toolbar_menu( $ids ) {\n    $ids[] = 'SOMETHING';\n    return $ids;\n}\nadd_filter( 'rda_frontend_toolbar_nodes', 'wpdocs_hide_some_toolbar_menu' );<\/p>\n\n<p><strong>Common plugin Toolbar menus and their ids:<\/strong><\/p>\n\n<ul>\n<li><a href=\"https:\/\/wordpress.org\/extend\/plugins\/jetpack\/\">Jetpack by WordPress.com<\/a> (notifications) \u2013 'notes'<\/li>\n<li><a href=\"https:\/\/wordpress.org\/extend\/plugins\/wordpress-seo\/\">WordPress SEO by Yoast<\/a> \u2013 'wpseo-menu'<\/li>\n<li><a href=\"https:\/\/wordpress.org\/extend\/plugins\/w3-total-cache\/\">W3 Total Cache<\/a> \u2013 'w3tc'<\/li>\n<\/ul><\/dd>\n<dt id='how%20do%20i%20enable%20debug%20mode%3F'><h3>How do I enable Debug Mode?<\/h3><\/dt>\n<dd><p>To view debugging information on the Settings &gt; Reading screen, visit:<\/p>\n\n<pre><code>example.com\/options-general.php?page=dashboard-access&amp;rda_debug=1\n<\/code><\/pre><\/dd>\n<dt id='can%20i%20contribute%20to%20the%20plugin%3F'><h3>Can I contribute to the plugin?<\/h3><\/dt>\n<dd><p>Yes! This plugin is in active development <a href=\"https:\/\/github.com\/trustedlogin\/Remove-Dashboard-Access\">on GitHub<\/a>. Pull requests are welcome!<\/p><\/dd>\n<dt id='is%20the%20plugin%20gdpr%20compliant%3F'><h3>Is the plugin GDPR compliant?<\/h3><\/dt>\n<dd><p>Yes. The plugin does not collect any personal data, nor does it set any cookies.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.2.1 on November 29, 2024<\/h4>\n\n<ul>\n<li>Fixed: Compatibility with WordPress 6.7 (there was a warning that translations were being loaded too soon)<\/li>\n<li>Tweak: Sanitized admin menu URL<\/li>\n<\/ul>\n\n<h4>1.2 on January 29, 2024<\/h4>\n\n<ul>\n<li>Confirmed compatibility with WordPress 6.4.2<\/li>\n<li>New: Added a new filter, <code>rda_allowlist<\/code>, to configure pages that should be accessible to all users, regardless of their capabilities or roles (see FAQ for usage)<\/li>\n<li>Improved: Added a description that clarifies that the Login Message is only displayed on the WordPress \"Log In\" screen<\/li>\n<li>Improved: The User Profile Access text is now a proper label for the checkbox<\/li>\n<li>Fixed: Allow access to the Wordfence 2FA configuration page (<a href=\"https:\/\/github.com\/trustedlogin\/Remove-Dashboard-Access\/issues\/33\">#33<\/a>)<\/li>\n<li>Fixed: Text domain not properly set for translations (thanks <a href=\"https:\/\/wordpress.org\/support\/topic\/i18n-problem-textdomain-is-not-sethello\/\">@fierevere<\/a>)<\/li>\n<li>Tweak: Prevent directly accessing PHP files by checking for <code>ABSPATH<\/code> (<a href=\"https:\/\/github.com\/trustedlogin\/Remove-Dashboard-Access\/issues\/26\">#26<\/a>)<\/li>\n<li>Tweak: Prevent browsing directories on poorly-configured servers by adding <code>index.php<\/code> files in plugin directories<\/li>\n<\/ul>\n\n<h4>1.1.4 &amp; 1.1.5 on April 18, 2022<\/h4>\n\n<p>Remove Dashboard Access is now being maintained by <a href=\"https:\/\/www.trustedlogin.com\/2022\/02\/21\/remove-dashboard-access\/\">TrustedLogin<\/a>! Remove Dashboard Access aligns with what we do at TrustedLogin: simply making WordPress more secure. Email any questions to <a href=\"mailto:&#x73;&#117;&#x70;p&#111;&#x72;&#116;&#x40;&#116;&#x72;&#117;&#x73;&#116;&#x65;&#100;&#x6c;o&#103;&#x69;&#110;&#x2e;&#099;&#x6f;&#109;\">support@trustedlogin.com<\/a>.<\/p>\n\n<ul>\n<li>Fixed: Deactivating and activating the plugin will no longer overwrite plugin settings<\/li>\n<li>Fixed: Deprecated function <code>screen_icon()<\/code> warning<\/li>\n<li>Fixed: Issue when front-end editing of profiles when the <code>$pagenow<\/code> global is not defined (<a href=\"https:\/\/github.com\/trustedlogin\/Remove-Dashboard-Access\/issues\/24\">#24<\/a>)<\/li>\n<li>Fixed: Potential <code>Invalid argument supplied for foreach()<\/code> PHP warning (<a href=\"https:\/\/github.com\/trustedlogin\/Remove-Dashboard-Access\/pull\/22\">#22<\/a>)<\/li>\n<\/ul>\n\n<h4>1.1.3<\/h4>\n\n<ul>\n<li>Fixed a compatibility issue with bbPress and the media grid view.<\/li>\n<\/ul>\n\n<h4>1.1.2<\/h4>\n\n<ul>\n<li>Bump tested-up-to to 4.1.0<\/li>\n<li>Miscellaneous readme changes.<\/li>\n<\/ul>\n\n<h4>1.1.1<\/h4>\n\n<p>Bug Fix:<\/p>\n\n<ul>\n<li>Move options back to Settings &gt; Dashboard Access screen to resolve conflict with page_on_front UI.<\/li>\n<\/ul>\n\n<h4>1.1<\/h4>\n\n<p>Enhancements:<\/p>\n\n<ul>\n<li>Instantiate as a static instance for better modularity<\/li>\n<li>Move Dashboard Access Controls settings to Settings &gt; Dashboard Access<\/li>\n<li>Add optional login message option<\/li>\n<li>Add better settings sanitization<\/li>\n<li>New Filter: <code>rda_default_caps_for_role<\/code> - Filter default roles for Admins, Editors, and Authors<\/li>\n<li>New Debug Mode<\/li>\n<\/ul>\n\n<p>Bug Fixes:<\/p>\n\n<ul>\n<li>Remove unnecessarily stringent URL mask on the redirect URL option<\/li>\n<\/ul>\n\n<h4>1.0<\/h4>\n\n<ul>\n<li>Complete rewrite!<\/li>\n<li>New: Limit dashboard access for Admins only or by capability<\/li>\n<li>New: Allow\/disallow edit-profile access<\/li>\n<li>New: Choose your own redirect URL<\/li>\n<li>New Filter: <code>rda_default_access_cap<\/code> - Change default access capability<\/li>\n<li>New Filter: <code>rda_toolbar_nodes<\/code> - Filter which back-end Toolbar nodes are hidden<\/li>\n<li>New Filter: <code>rda_frontend_toolbar_nodes<\/code> - Filter which front-end Toolbar nodes are hidden<\/li>\n<\/ul>\n\n<h4>0.4<\/h4>\n\n<ul>\n<li>Refined DOING_AJAX check for logged-out users, props @nacin and @BoiteAWeb<\/li>\n<\/ul>\n\n<h4>0.3<\/h4>\n\n<ul>\n<li>Changed cap to manage_options, replaced PHP_SELF with DOING_AJAX<\/li>\n<\/ul>\n\n<h4>0.2<\/h4>\n\n<ul>\n<li>Replaced preg_match with admin-ajax test. Added compatibility with rewritten dashboard URLs.<\/li>\n<\/ul>\n\n<h4>0.1<\/h4>\n\n<ul>\n<li>Submitted to repository<\/li>\n<\/ul>","raw_excerpt":"Disable Dashboard access for users of a specific role or capability. Disallowed users are redirected to a chosen URL. Get set up in seconds.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/tw.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/1012","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tw.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/tw.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/tw.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=1012"}],"author":[{"embeddable":true,"href":"https:\/\/tw.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/trustedlogin"}],"wp:attachment":[{"href":"https:\/\/tw.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=1012"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/tw.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=1012"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/tw.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=1012"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/tw.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=1012"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/tw.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=1012"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/tw.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=1012"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}