Prevent access to wp-admin

Wpsnipp – In the past WordPress was hackable due to a security hole in the back-end administration, i.e. through wp-admin. Although the back end has been improved a lot since then, it is still a good idea to protect your wp-admin folder from unauthorized access.Adding this code to your functions.php will redirect subscribers away from wp-admin to the home page.

 

 

if ( is_user_logged_in() && is_admin() ) {
global $current_user;
get_currentuserinfo();
$user_info = get_userdata($current_user->ID);
if ( $user_info->wp_user_level == 0 )
{
header( 'Location: '.get_bloginfo('home').'/wp-login.php?redirect='.get_bloginfo('home').'/wp-admin/' );
}
}

Leave a comment