Why should I limit admin menus in WordPress?

Limiting admin menus improves usability and security by simplifying the admin interface for non-admin users, preventing unauthorized edits, improving navigation, and separating admin-only tools from general ones.

Can I add custom menu redirects based on user roles?

Yes, you can add new menu items that redirect to specific pages based on user roles using the `add_menu_page()` function along with appropriate conditional logic.

What are the best practices for managing admin menus in WordPress?

Best practices include validating user capabilities, using capability checks instead of direct role checks, testing with multiple roles, and avoiding hardcoded URLs.

What common pitfalls should I avoid when managing admin menus?

Common pitfalls include not preventing direct access to pages, being cautious of changes in plugin updates or custom post type names, and avoiding hardcoded URLs.

Hide Admin Menu Access by User Role in WordPress

Q: How can I hide admin menus for non-admin users?

You can use the `current_user_can()` function in WordPress to conditionally remove menu items for specific roles, ensuring non-admins do not see certain menu items.

7 May 2025 By Eugene Evenwel

Managing the WordPress admin interface for different user roles can significantly improve usability and security—especially in large organizations, multisite environments, or client-facing backends. While WordPress offers basic role capabilities, programmatic control over the admin menu gives you granular access control tailored to real-world workflows.

In this article, we’ll walk through how to dynamically hide menu items for non-admins and add custom menu redirects based on roles—without relying on third-party plugins.

Why Limit Admin Menus?

Giving non-admin users access to complex or sensitive admin features can lead to accidental changes, confusion, or clutter. Role-based menu customization helps:

Simplify the admin interface for editors, authors, and contributors
Prevent unauthorized edits to custom post types or plugin settings
Improve navigation by directing users to more relevant internal tools
Separate admin-only tools from general operational tools

Understanding the WordPress Admin Menu

The WordPress admin menu is built dynamically during the admin_menu action. Each menu item is tied to a capability (like edit_posts or manage_options)—but sometimes that’s not enough. You may want to override menu visibility or add custom redirects.

This is where programmatic filtering becomes essential.

Example Use Case

Imagine you have a custom post type called “Specials” used for marketing content. Admins should access the full edit interface, but editors should instead be routed to a dedicated frontend dashboard like a “Marketing Hub.”

This requires two steps:

Hide the “Specials” menu for non-admins
Add a new menu that redirects to the hub

How to Hide Admin Menus Based on Role

Use the current_user_can() function to conditionally remove menu items for specific roles.

Example: Hiding a Menu for Non-Admins

add_action('admin_menu', 'custom_hide_specials_menu', 99);

function custom_hide_specials_menu() {
    if (!current_user_can('administrator')) {
        remove_menu_page('edit.php?post_type=specials');
    }
}

This checks if the current user is not an admin and removes the custom post type “Specials” from the admin menu. You can adjust the post_type to match your custom one.

Adding a Custom Menu That Redirects

For users who shouldn’t access the full “Specials” editor, you can add a new menu item that redirects to a frontend page (like a marketing dashboard).

Example: Adding a Redirecting Admin Menu

add_action('admin_menu', 'custom_add_marketing_hub_menu');

function custom_add_marketing_hub_menu() {
    $hub_url = site_url('/marketing-hub/'); // Replace with actual destination

    add_menu_page(
        'Marketing Hub',
        'Marketing Hub',
        'read',
        'marketing-hub',
        function () {
            echo '<div class="wrap"><h1>Redirecting...</h1></div>';
        },
        'dashicons-chart-line',
        8
    );

    add_action('admin_init', function () use ($hub_url) {
        if (isset($_GET['page']) && $_GET['page'] === 'marketing-hub') {
            wp_safe_redirect($hub_url);
            exit;
        }
    });
}

This creates a simple redirect for all users, including admins. You can conditionally wrap the logic to show it only for certain roles.

Best Practices

Always validate user capability before showing or hiding menu items.
Use current_user_can() instead of role names directly to ensure capability-based flexibility.
Test with multiple roles (editor, author, contributor) to confirm the behavior is as expected.
Use capability-based control over direct role checks when possible (manage_options vs checking for ‘administrator’).

Common Pitfalls

Removing a menu item doesn’t prevent direct access to the page—use current_user_can() inside the page logic too.
Be cautious of plugin updates or CPT name changes that may affect remove_menu_page() slugs.
Avoid hardcoding URLs—use get_permalink() or site_url() to ensure flexibility across environments.

Conclusion

Restricting access to admin menu items based on user role helps keep your WordPress dashboard clean, secure, and user-friendly. Whether you’re redirecting users to a custom hub or simply hiding complex interfaces, programmatic control gives you the flexibility to tailor the experience for every user type.

By combining remove_menu_page() and add_menu_page() with smart conditional logic, you can create a backend experience that matches your team’s real-world workflow—without relying on bulky plugins.