Restrict User Access – Membership Plugin with Force


Restrict content and contexts to control what your users get exclusive access to, or drip content over time. Create an unlimited number of Access Levels and override user and role capabilities.

Use this plugin to quickly set up a membership site where your users can get different levels such as Gold, Silver and Bronze. Then, restrict access to e.g. posts tagged “Premium”, articles written by specific authors, or all your free products.

No coding required.

Unlimited Access Levels

  • Multiple levels per user
  • Sync with User Roles, Logged in, or Logged out
  • Add membership durations
  • Unlock (drip) content for new members
  • Permit & deny level capabilities
  • Hide nav menu items
  • Restrict Widget Areas in Content Aware Sidebars
  • Redirect unauthorized users to a page or custom link
  • Tease content for unauthorized users and show custom message
  • Shortcode to fine-tune restrictions in your posts or pages

Unlimited Content Restrictions

Conditionally restrict all your posts, pages, categories, or any content you want. Restrict User Access even allows you to combine conditions. This means that you e.g. can restrict all posts in Category X written by author Y.

For each level you can restrict content with the following conditions:

  • Singulars, eg. each post, page, or custom post type
  • Content with select taxonomies, eg. categories or tags
  • Content written by a select author
  • Page Templates
  • Post Type Archives
  • Author Archives
  • (Custom) Taxonomy Archives
  • Date Archives
  • Search Results
  • 404 Not Found Page
  • Front Page
  • Blog Page
  • bbPress User Profiles
  • BuddyPress Member Pages
  • Languages (qTranslate X, Polylang, Transposh, WPML)
  • Pods Pages

Plugin Integrations & Support

Restrict User Access automatically supports Custom Post Types and Taxonomies created by any plugin or theme. Moreover, it comes with built-in support for some of the most popular WordPress plugins.

  • bbPress
  • BuddyPress
  • Easy Digital Downloads
  • qTranslate X
  • Pods
  • Polylang
  • Transposh Translation Filter
  • WooCommerce
  • WPML

Visibility Shortcodes

[restrict level="platinum"]
This content can only be seen by users with Platinum level or above.

[restrict level="!platinum"]
This content can only be seen by users without Platinum level or above.

[restrict role="editor,contributor" page="1"]
This content can only be seen by editors and contributors.
Other users will see content from page with ID 1.


Simple API for Developers


More Information


  • Simple Access Levels Overview
  • Conditional Restrictions for Access Level
  • Capability Manager for Access Level


  1. Upload the full plugin directory to your /wp-content/plugins/ directory or install the plugin through Plugins in the administration
  2. Activate the plugin through Plugins in the administration
  3. Have fun creating your first Access Level under the menu User Access > Access Levels > Add New


Installation Instructions
  1. Upload the full plugin directory to your /wp-content/plugins/ directory or install the plugin through Plugins in the administration
  2. Activate the plugin through Plugins in the administration
  3. Have fun creating your first Access Level under the menu User Access > Access Levels > Add New
How do I restrict some content?
  1. Go to User Access > Add New
  2. Click on the “Select content type” dropdown to add a condition
  3. Click on the created input field and select the content you want to restrict
  4. Go to the Members tab to add members
  5. Redirect unauthorized users to a page or URL, or display content from another page along with a teaser/excerpt from the restricted content
  6. Give your new level a descriptive title and save it

In order to restrict a context, e.g. “All Posts with Category X”, simply select a new type of content from the dropdown below the AND label and repeat Step 3.

You can choose to negate conditions, meaning that if you negate the group “All posts with Category X”, the level will get exclusive access to all content but that.

I added a Level to a user, but it can still see other content?

When you create an Access Level to restrict some content, only users with this level will be able to see that content, but they will also be able to see all other (unrestricted) content on your site.

A quick way to “lock down” and make sure e.g. only Administrators can see all content is to create a new Access Level for Administrators with a negated condition group containing “404 Page”. This means that normal users only can see the 404 Page.

By default, Administrators will have access to all content regardless of your levels.

Restricted content is still being displayed on archive pages or in widgets?

Restrict User Access does currently not support hiding single items from archive pages, search results, widgets or custom lists.

It is recommended only to show titles and excerpts in these cases.

Restricted file is still accessible with deep link?

Restrict User Access does currently not support restricting deep links to files, only attachment urls.

User still able to edit restricted content in Admin Dashboard?

Capabilities and Restrictions are separate settings with different functions. Restrictions affect only the frontend, while capabilities work throughout the site (both Admin Dashboard and frontend).

I have other questions, can you help?

Of course! Check out the links below:


Works great and easy, but…

…the fact that there is no restriction for deep link-requests makes the plugin quite useless.

A workaround for this problem:

Just put an .htaccess file into your wp-content/uploads folder with this content:

AddType application/ .docm
AddType application/vnd.openxmlformats-officedocument.wordprocessingml.document docx
AddType application/vnd.openxmlformats-officedocument.wordprocessingml.template dotx
AddType application/ potm
AddType application/vnd.openxmlformats-officedocument.presentationml.template potx
AddType application/ ppam
AddType application/ ppsm
AddType application/vnd.openxmlformats-officedocument.presentationml.slideshow ppsx
AddType application/ pptm
AddType application/vnd.openxmlformats-officedocument.presentationml.presentation pptx
AddType application/ xlam
AddType application/ xlsb
AddType application/ xlsm
AddType application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx
AddType application/ xltm
AddType application/vnd.openxmlformats-officedocument.spreadsheetml.template xltx
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomain\.com/ [NC]
RewriteCond %{REQUEST_URI} !hotlink\.(gif|png|jpg|doc|xls|pdf|html|htm|xlsx|docx|mp4|mov) [NC]
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
RewriteRule .*\.(gif|png|jpg|doc|xls|pdf|html|htm|xlsx|docx|mp4|mov)$ [NC]

The “AddType” commands are for adding the MIME-types for xlsx, docx and all other “new” file types listed, so they are also NOT downloadable.

The section starting with “RewriteEngine On” actually blocks any deep link requests for not logged in users and redirects them to the URL in the last line.


Does what I need it to. Wasn’t able to restrict certain pages by just selecting a membership requirement. Restrict User Access hides BP profiles for logged out members, as well as the member directory and activity stream. Using with Paid Memberships Pro, BuddyPress and the ‘Boss’ theme from BuddyBoss.


Read all 42 reviews

Contributors & Developers

“Restrict User Access – Membership Plugin with Force” is open source software. The following people have contributed to this plugin.


“Restrict User Access – Membership Plugin with Force” has been translated into 2 locales. Thank you to the translators for their contributions.

Translate “Restrict User Access – Membership Plugin with Force” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.



  • Added: redirect to current tab on level update
  • Added: UI improvements
  • Added: improved compatibility with plugins that add unneeded scripts
  • Added: links to docs and support
  • Added: add-ons page
  • Updated: wp-content-aware-engine
  • Updated: freemius sdk


  • Added: better display of hierarchical items in conditions
  • Added: freemius integration
  • Fixed: only display shortcode fallback page for unauthorized users
  • Fixed: redirecting could in rare cases cause infinite loop
  • Updated: wp-content-aware-engine


  • Added: new admin menu icon
  • Added: wordpress 4.9 support
  • Fixed: redirecting to a restricted page could cause 404


  • Fixed: bug when getting active user levels


  • Added: sync levels with all logged-in users
  • Added: redirect unauthorized users to custom link
  • Added: visibility shortcode can show content only for users without a level
  • Added: better wpml and polylang compatibility when editing levels
  • Added: performance and memory improvements
  • Added: minimum requirement wordpress 4.1
  • Fixed: do not get levels on frontend that are not active
  • Fixed: minor bug fixes
  • Updated: wp-content-aware-engine
  • Deprecated: api to get user roles


  • Added: ability to manage more level capabilities
  • Added: better support for RTL languages
  • Added: restrictions now work for password protected posts
  • Added: wordpress 4.8 support
  • Fixed: special characters in translations of conditions
  • Fixed: post type conditions with no titles
  • Fixed: clear user capability cache when its level memberships change
  • Fixed: do not show levels when editing network user profile


  • Added: rewritten admin screens for improved compatibility and ux
  • Added: performance improvements
  • Added: updated wp-content-aware-engine
  • Added: now requires at least wordpress 4.0
  • Fixed: could not redirect to archive pages after login


  • Added: autosave conditions
  • Added: wp filter to add condition metadata
  • Added: wp action to add condition actions
  • Added: simplify option to autoselect conditions
  • Added: ui improvements
  • Fixed: type warning on capabilities
  • Fixed: adding multiple members to level at once


  • Added: ability to restrict all buddypress profile sections
  • Added: exposure moved to condition groups, now called singulars or archives
  • Added: get level capabilities in the API (props Jory Hogeveen)
  • Added: wordpress 4.7 support
  • Added: now requires at least wordpress 3.9
  • Fixed: improved restriction editor UI
  • Fixed: improved search when adding members to level
  • Fixed: better compatibility with other plugins using nav menu editor (props Jory Hogeveen)

See changelog.txt for previous changes.