Restrict Post Type Access

Property	Value
description	Restrict access to protected post types.
tags	lib, php, wp
rating

Human: 3 - Mixed authorship

Roughly half AI, half human. Core content reviewed, but minor risk remains.

Overview

Restrict public access to selected custom post types. The snippet checks archive and single views for the configured post type slugs, then redirects visitors who do not have the required capability to the WordPress login URL.

Replace the placeholder post type slugs in $protected_post_types with the CPT slugs for the site. By default, the access check uses current_user_can( 'edit_posts' ).

Variants

Procedural

Add Macro

Add wp-restrict-post-type-access macro.

<?php
/**
 * Restrict access to protected post types
 *
 * Replace:
 * <post_type_singular> -> CPT slug (singular)
 *
 * Examples:
 * internal
 * client_doc
 */
add_action( 'template_redirect', function(): void {

    /** @var string[] $protected_post_types */
    $protected_post_types = [
        '<post_type_singular>', // Example: internal
        '<post_type_singular>', // Example: client_doc
    ];

    if (
        is_post_type_archive( $protected_post_types ) ||
        is_singular( $protected_post_types )
    ) {

        if ( ! current_user_can( 'edit_posts' ) ) {
            wp_redirect( wp_login_url() );
            exit;
        }
    }

});