Disable non-admin users’ access to wp-admin, but allow admin-ajax

admin_init

function redirect_non_admin_user(){
    if ( !defined( 'DOING_AJAX' ) && !current_user_can('administrator') ){
        wp_redirect( site_url() );  exit;
    } 
}

add_action( 'admin_init', 'redirect_non_admin_user' );

Reference: https://stackoverflow.com/questions/9408334/wordpress-admin-ajax-results-in-error-302-redirect

WordPress admin-ajax results in Error 302 redirect

I have customized a plugin to make some ajax calls to admin-ajax.php and it works great. I copied the code over to another site and it no longer works for user…

stackoverflow.com

Share this:

Like this: