Prevent non-admins from accessing settings

  • Davidpol

    (@ephraimf)


    9 years ago

    Thank you for your plug-in.

    After installation, there seems to be no way to prevent users, even with only “read” capability, from accessing the settings page.

    How can I prevent anyone but the admin from accessing this page?

    Thank you.

    https://wordpress.org/plugins/custom-login/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Austin

    (@austyfrosty)

    9 years ago

    Default settings are set to allow users capable of the “manage_option” role to view the settings page. So a “read” only user will not see the settings page.

    This can however be changed in the General Settings section.

    Thread Starter Davidpol

    (@ephraimf)

    9 years ago

    I set the “capability” setting to “read” and registered a new user as a “Subscriber”. The new user was able to access the settings page.

    What did I do wrong?

    Plugin Author Austin

    (@austyfrosty)

    9 years ago

    A capability of read means anyone registered to the site can view the settings page. You’ll want to read this WordPress codex page: http://codex.wordpress.org/Roles_and_Capabilities

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Prevent non-admins from accessing settings’ is closed to new replies.