Our support team is currently on holiday from December 25, 2025 to January 7, 2026, and replies may be delayed during this period.
We appreciate your patience and understanding while our team is away. Thank you for being part of the wpDiscuz community!
Merry Christmas and Happy Holidays! 🎄
Registration on my site is disabled and the only way to comment is via social login. But logged people can see the admin bar and access the pages (URLs) /wp-admin and /wp-login / and /wp-admin/profile.php
Is there a configuration on WPDiscuz, or a code (snippet), to prevent such access?
I don’t want users to ever see the WordPress back-end (!)
Hi @doctorbr,
This artilce should be helpful for you: https://blog.hubspot.com/website/how-to-limit-wordpress-dashboard-access
Hello, @Asti
I added 2 snippets (codes below).
add_action('after_setup_theme', 'remove_admin_bar');
function remove_admin_bar() {
if (!current_user_can('administrator') && !is_admin()) {
show_admin_bar(false);
}
}
add_action( 'init', 'blockusers_init' );
function blockusers_init() {
if ( is_admin() && ! current_user_can( 'administrator' ) && ! ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) {
wp_safe_redirect( home_url() );
exit;
}
}
But users logged in by wpDiscuz via social login can still access the /wp-login.php page and this generates a lot of confusion, as the username collected by wpDiscuz appears as a user name in the “User Name” field of the default WordPress form (page /wp-login.php).
Is there an effective way to change URL /wp-login.php via wpDiscuz?
Sure if you have a login page you can isnert the URL in the Dashboard > wpDiscuz > Settings > User Authorization and Profile Data tab.
More info here: https://wpdiscuz.com/community/f-a-q/change-login-url/
