tags:

views:

23

answers:

3

Users can register as contributor to my wordpress website. But the registered users can go to www.website.com/wp-admin and login and get to admin page. I know they have very less capabilities but still i want to redirect them to the index page or someother page in the site. Is there a way to do it?

A: 

yes just set the permission levels up in the WP admin. Go to admin, then into users and make sure their permissions are subscriber, not admin or editor or author.

PurplePilot
A: 

You can do this by editing your .htaccess file. This is in the root folder.

I have included something from http://www.catswhocode.com/blog/10-awesome-htaccess-hacks-for-wordpress that explains this better:

Allow only your IP adress on the wp-admin directory

Excepted the case of a collaborative blog, only you should be allowed to visit the wp-admin directory. If you have a static IP, this code will do the job. All you have to do is to enter your static IP adress on line 8. Note that you can add more IPs if needed, by creating a new line with: allow from xx.xx.xxx.xx inside.

AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "Example Access Control"
AuthType Basic
<LIMIT GET>
order deny,allow
deny from all
allow from xx.xx.xx.xx
</LIMIT>

Source: Protecting the WordPress wp-admin folder

Todd Moses
+1  A: 

put the following code somewhere wordpress will execute it.

add_action( 'init', 'level_check' );

function level_check() {
 // is_admin() will let us know if we're in admin pages
 // only admins can 'update_core' and 'list_users'
 if ( is_admin() && !current_user_can( 'update_core' ) && !current_user_can( 'list_users' ) ) {
  // redirect or whatever here
  echo "not permitted";
  die();
 }
}

but don't try and goto /wp-admin to login, goto /wp-login instead

jay.lee