In this lesson of our free course on How to Create a Crowdfunding Platform with WordPress, we’ll make your network more secure by setting up some access restrictions that will block access to wp-admin.
WP Frontend Admin has a great feature that allows you to control the access to the dashboard pages. You can enter the list of allowed URLs, and we will do the following:
- Make sure only those URLs are accessible in the front end dashboard
- Block all the wp-admin pages for all users except super admins
- Block all the admin content screens in the front end that are not explicitly allowed
This way, your network will be more secure and people won’t access unauthorized pages.
Go to Network Admin > WP Frontend Admin > Settings > Access restrictions.
Copy and paste the following URLs into the Access restriction: What wp-admin pages can be viewed on the frontend field and Save the changes.
These are the URLs that we will allow based on the platform pages that we created in the course:
- If you added more pages to your front end dashboard, you need to add the wp-admin URLs in this field to allow them.
- If you open pages in the front end dashboard as a site owner, and you’re redirected to ?vgfa_blacklisted_url=1 or the content doesn’t load correctly, you need to manually add the URL of the wp-admin content you want to show on the frontend to the Access restriction: What wp-admin pages can be viewed on the frontend field. This is also useful if you’re displaying any other wp-admin page on the frontend that was not included in our course.
The platform is complete, so we can add some accounts and start using the platform as a site owner to identify any necessary changes.
In the next lesson, we’ll wrap up the course by remembering what we’ve learned so far and sharing some important links.