NEW

WP Frontend Admin now integrates with Wildcloud, enabling platform creation without WP Multisite or WP Ultimo. Benefits include improved performance, admin workflow, security, and reliability. Check out our free course on how to create a multitenant platform.

In this lesson of our free course on How to Create a Crowdfunding Platform with WordPress, we’ll make your network more secure by setting up some access restrictions that will block access to wp-admin.

WP Frontend Admin has a great feature that allows you to control the access to the dashboard pages. You can enter the list of allowed URLs, and we will do the following:

  • Make sure only those URLs are accessible in the front end dashboard
  • Block all the wp-admin pages for all users except super admins
  • Block all the admin content screens in the front end that are not explicitly allowed

This way, your network will be more secure and people won’t access unauthorized pages.

Go to Network Admin > WP Frontend Admin > Settings > Access restrictions.

Copy and paste the following URLs into the Access restriction: What wp-admin pages can be viewed on the frontend field and Save the changes.

These are the URLs that we will allow based on the platform pages that we created in the course:

edit.php?post_type=give_forms&page=give-forms

edit.php?post_type=give_forms&page=give-reports#

edit.php?post_type=give_forms&page=give-payment-history

edit.php?post_type=give_forms&page=give-donors

edit.php?post_type=give_forms&page=give-settings

edit.php?post_type=give_forms&page=give-settings&tab=gateways

edit.php?post_type=give_forms&page=give-settings&tab=display

edit.php?post_type=give_forms&page=give-settings&tab=emails

edit.php?post_type=give_forms&page=give-settings&tab=general

edit.php?post_type=give_forms&page=give-settings&tab=general&section=currency-settings

edit.php?post_type=give_forms&page=give-settings&tab=general&section=access-control

post-new.php?post_type=give_forms

customize.php

admin.php?page=account

post.php?action=edit

post-new.php?post_type=give_forms

edit.php?post_type=give_forms

post.php?action=trash

post.php

post.php?get-post-lock=1

Important notes:

  • If you added more pages to your front end dashboard, you need to add the wp-admin URLs in this field to allow them.
  • If you open pages in the front end dashboard as a site owner, and you’re redirected to ?vgfa_blacklisted_url=1 or the content doesn’t load correctly, you need to manually add the URL of the wp-admin content you want to show on the frontend to the Access restriction: What wp-admin pages can be viewed on the frontend field. This is also useful if you’re displaying any other wp-admin page on the frontend that was not included in our course.

The platform is complete, so we can add some accounts and start using the platform as a site owner to identify any necessary changes.

In the next lesson, we’ll wrap up the course by remembering what we’ve learned so far and sharing some important links.

Download the whole platform

If you have a premium license of WP Frontend Admin, you can download the full backup of our platform and import it on your site, so everything shown in this course will be already configured for you. It will save you a lot of time.

Note – You need WP Ultimo 2.x.

Close