Pages by User Role for WordPress

Pages by User Role for WordPress

All support is handled through our online Help Center Like us on FacebookFollow us on TwitterAdd us to your circles on Google+Follow us on EnvatoGet the latest from RightHere

Are you a WordPress developer or a Web Designer who uses WordPress to develop websites for your clients? Or are you a novice WordPress user?

Have you ever wanted not to show Pages, Posts or Categories in the menu? Or wanted to restrict access to certain content on your website? With Pages by User Role you can add Access Control to the following things in WordPress based on which Role the user has.

  • Pages
  • Posts
  • Categories
  • Custom Post Types added by third-party plugins
We have made this very easy with Pages by User Roles for WordPress.

The plugin also removes the Page, Post, Custom Post Type or Categories from search results and blog roll. You can hide Page and Categories from the menu when users are not logged in. You can also set a specific redirect URL for users that don’t have the required User Role.

It also works if you are using the custom menu feature built into WordPress. It will hide the menu items that has assigned a user Role when the user is not logged in.

Pages by User Role for WordPress - Access Control Metabox

Pages by User Role for WordPress - Restrict access to Category

List of features


  • Set default redirect URL for users that does not have access to a Page, Post or Custom Post Type.
  • Enable comment filtering
  • Redirect to login
  • Support for WordPress User Roles
  • Support for Custom User Roles
  • Panic option if you restrict yourself from viewing a Custom Post Type
  • Enable Access Control to Custom Post Types
  • Restrict access to Custom Post Types in the Frontend by User Role
  • Restrict access to Access Control Metabox by User Role on Pages, Posts and Custom Post Types.
  • Revert the Pages by User Role behavior to the backend instead of the original frontend.

Pages, Posts and Custom Post Types

  • Quick overview of User Role Access on Page, Post and Custom Post Types
  • Set Access Control for Subscriber, Contributor, Author, Editor and Administrator
  • Set Access Control for custom User Roles (you need White Label Branding to create the Custom User Roles)
  • Set Access Control for Categories
  • Set individual redirect URL for each Pages, Posts and Custom Post types when a User Role doesn’t have access.
  • Hide individual Pages form the menu
  • Hide Categories from the menu
  • Hide individual Pages, Posts, Custom Posts Types and Categories from search results and blog roll
  • Restrict access to content by using Shortcodes. Access controlled by User Role pur_restricted pur_restricted_alt pur_not_logged_in


Version – April 24, 2015

  • Improvement: Replaced add_query_arg() due to an XSS vulnerability issue that affects many WordPress plugins and themes. Please observe that before the function could be accessed the user had to be an Administrator, meaning that the potential issue was not available to the public.

Version – January 6, 2015

  • Bug Fixed: When blocked post id’s make the query result empty, the blocked posts are not blocked at all.

Version – November 19, 2014

  • Compatibility Fix: BBpress topic not shown, replies show when put is active

Version – November 8, 2014

  • New Feature: Advanced option to out a custom HTML/Javascript when a page is restricted to the user
  • New Feature: Restrict Post Type Archive by User Role, which allows you to restrict access to Post Type Archives by User Role and set an independent redirect URL for it
  • Bug Fixed: Disappearing Options Tab
  • Bug Fixed: When using inverted PUR the edit post link in the toolbar was still visible, and the user can actually bypass the restriction and edit the post.
  • Bug Fixed: Undesired redirect on Calendarize it! Events
  • Compatibility Update: WooCommerce product pages

Version 1.2.1 rev47835 – March 17, 2014

  • Bug Fixed: Handle a situation where under some buggy conditions, output have been already sent by the site, before it should, and thus breaking redirection.
  • Bug Fixed: Removed php warnings
  • New Feature: Added a setting to restrict what user roles will be able to view the “Access Control” Metabox.
  • New Feature: Experimental Inverted PUR functionality

Version 1.2.0 rev22604 – March 6, 2012

  • New Feature: pur_not_logged_in shortcode for showing content only
  • to visitors NOT logged in.
  • New Feature: Enable Administrator to allow or block access to
  • user roles (previously was only allow)
  • New Feature: Show in menu when restricted post type
  • New Feature: In the list of posts, in the Access Control column
  • show if PUR is Allowing or Denying access to listed roles
  • New Feature: Show Allow as Green and Deny as Red.
  • Bug Fixed: Avoid a crash with Options Panel version 2

Version 1.1.8 rev14552 – December 19, 2011

  • Update: Enabled WordPress 3.3 functionality

Version 1.1.7 rev11497 – December 10, 2011

  • Bug Fixed: pur_restricted Shortcode was not rendering Shortcodes in the content
  • New Feature: pur_restricted Shortcode now allow alternative text with HTML.

Version 1.1.6 rev9091 – September 26, 2011

  • New Feature: No Access behavior customization. Admin can specify if a restricted
  • page should redirect to login or to redirect URL.
  • Bug Fixed: Adjust the redirect URL field in the metabox
  • Bug Fixed: Added missing registration service library

Version 1.1.5 rev7652 – August 8, 2011

  • New Feature: Built-in Shortcode pur_restricted to restrict access to certain sections
  • of the content by capability; defaults to view_restricted-content but any capability
  • Update: Options Panel updated
  • New Feature: No access behavior customization. Admin can specify if a restricted page should
  • redirect to login or to redirect URL.
  • New Feature: Custom Post Types by User Role. This only shows if there are custom post types. This is a mini-plugin itself that adds the following functionality:
    • In the tab option it shows a list of custom post types, and checkboxes of all the existing
    • user roles for each custom post type. By checking a user role for a custom post type you are
    • restricting admin access to that post type only to the checked user role.
VERY IMPORTANT: Always check the Administrator. Note we do not do it by default, thus maybe the Administrator changed the the administrator user role, so we don’t really know what the administrator role is. In the case of incorrectly setting the administrator user role, there is an option on the same tab to disable this feature and recover access to the custom post types.

Version 1.1.4 rev4375 – May 7, 2011

  • Bug Fixed: After setting user roles in Category and removing all, all roles where denied access afterwards.

Version 1.1.3 rev 2526 – March 24, 2011

  • New feature: added comment filtering to comments fetch with the wp method get_comments (recent comments widget)

Version 1.1.2 rev 1863 – March 1, 2011

  • Update: Changed the procedure for redirect; 1) the custom url 2) the default url 3) the login page 4) if you are logged in and do not have access, an error message is shown.

Version 1.1.1 – February 8, 2011

  • Bug Fixed: Fixed broken default redirect URL
  • Bug Fixed: Fixed Pages and Post redirect URL

Version 1.1.0 – February 2, 2011

  • New Feature: Added support for non standard WordPress table pre-fix
  • New Feature: Added support for access control to Categories
  • New Feature: Categories with access control are not searchable (unless you have access)
  • New Feature: Restrict access to Post by using the Posts ID.
  • New Feature: Category will not show in the menu if restricted access

Version 1.0.0 – November 3, 2010

  • First release