How to Prevent User Roles from Logging in to WordPress

There are several ways to remove users from your WordPress site, or prevent them from accessing the admin area.

For example, you can choose to change the user's account to “No role for this site“. If you change this setting, the user will be able to log in to your site. And they will be able to interact with the frontend of the site, such as posting comments on posts. However, they will not be able to access the admin area of your site.

No role for this site setting for WordPress users

If you have the delete_users capability, you can remove the whole account for a user. There are downsides to this approach. One disadvantage is that you also lose all the connections between that user and any posts or other content on the site. Another disadvantage is that this is permanent and cannot be undone.

Delete option for WordPress users

There is another solution available using the PublishPress Capabilities plugin. This solution is different in several ways:

  1. It can be temporary and easily undone.
  2. It retains the connections between the users and the content they created.
  3. It can prevent users from logging in to your site, both to the frontend and admin areas of your site.

This solution allows you to block an entire user role from logging in to your site. In the next part of this guide, I'll show you how this is done:

  • Install the PublishPress Capabilities plugin.
  • Create a new user role. You can give this role a name, such as “Blocked Users”.
Create a new role for WordPress users
  • Visit the “Advanced” tab.
  • If you want this option, check the box for “Block Login”. This will block the user from logging in to any area of the site.
  • If you want this option, check the box for “Block Dashboard Access”. This will block the user from logging in to the admin area of the site.
  • For an explanation of the “Role Level” option, please see this guide.
  • Click the “Create Role” button.
Create a new role and block access
  • You can now go to the “Users” screen and move any user to the “Blocked Users” role.
Change role option for WordPress users
  • If any user in the “Blocked Users” role tries to log in to your site, they'll see the message “Login permission denied”.
  • If you check the box “Block Dashboard Access” but not “Block Login”, then the users in the “Blocked Users” role who visit the admin area of your site will see the message, “Sorry, you are not allowed to access this page.”
Login permission denied for WordPress users

If you want other options for blocking users, check out our guide to stopping users from creating new posts. If you're using the block editor, you can prevent users from having access to some blocks or even stop them from adding any new blocks. You can hide elements in Gutenberg with the Editor Features screen. You can also force users to use either Gutenberg or the Classic Editor.

  • Steve Burge

    Steve is the founder of PublishPress. He's been working with open source software for over 20 years. Originally from the UK, he now lives in Sarasota in the USA. This profile is generated by the PublishPress Authors plugin.

Leave a Reply

Your email address will not be published. Required fields are marked *