Skip to:

Re: Securing components from non logged in users

Burt Adsit


OK. Don’t use the code above obviously. :)

Try this:

function oci_restrict_access(){

global $bp, $bp_unfiltered_uri;

if (!is_user_logged_in() &&

(MEMBERS_SLUG == $bp_unfiltered_uri[0] && !empty( $bp->current_action ) ||

BP_GROUPS_SLUG == $bp->current_component && !empty( $bp->current_action ))){

bp_core_redirect( $bp->root_domain );



add_action( ‘wp’, ‘oci_restrict_access’, 3 );

That should restrict any user who is not logged in from going anywhere in /members or /groups except for the members and groups directories. It sends them back to the site home page.

If you don’t want visitors seeing the directories then remove the && !empty( $bp->current_action ) parts in that function. $bp->current_action is anything after /members and /groups. The directories get triggered by just /members and /groups

If you don’t have a file called bp-custom.php in your /mu-plugins directory then create one and put that in there. If you do have one just drop that code in there.

You can change where the function sends them by replacing the bp_core_redirect( $bp->root_domain ); statement with something of your choosing. I just used that for testing. You can make them end up where ever you want:

get_bloginfo('siteurl') . '/wp-login.php?redirect_to=' . urlencode( $bp->root_domain )

I haven’t tested that but I stole that from the admin bar login code. :)

Lemme know how it works for ya.

Skip to toolbar