WordPress frontend is the publicly facing part of the website. Typically it is rendered by the active theme with different menus, posts, pages, media assets and widgets. Any other elements of the frontend are either custom to a theme or rendered by third party plugins. This means that anything outside of the menus, posts, pages, media assets and widgets, most likely, cannot be managed. For example plugins like bbPress, BuddyPress and WooCommerce render a lot of custom elements on the frontend and most of the times there is no easy way to manage access to very specific actions and parts of the website frontend.
When there is a need to restrict access to the entire website frontend, you may use .htpasswd on the Apache servers or similar approach for any other alternative website servers like IIS, Lighttpd or Nginx. For more advanced website access control check AAM IP Check extension where you can restrict access to your website based on visitor’s IP address, referred domain or even geographical location and timezone.
If a website’s theme is properly developed, then different types of menus like main menu, footer menu or sidebar menu, can be prepated on the backend Appearance->Menu page and each menu may contain pages, posts, custom post types, custom links or taxonomies (categories or custom hierarchical taxonomies). To learn more about posts, pages or custom post types check What is a WordPress post article. For more information about managing access to taxonomies check What is a WordPress taxonomy article.
When there is a need to restrict access to some part of the frontend area, you also have to think about access denial flow. Should your website show a “Access Denied” message or user should be redirected elsewhere. With AAM you have few available options to handle access denied redirect. For more information about this please check How to redirect user when access is denied article.
Managing access to media assets is quite tricky part in the WordPress. Any media asset, that is added to the Media library, consists of two parts: the actual physical file (image, document, video etc) and the database record. It is easy to manage access to the database record as this is handled very similar way as any post, page or custom post type. However the physical (direct) access to the file requires some extra work.
All media assets, with the default WordPress setup, are located in the wp-content/uploads folder. It means that anybody can directly access a physical file by typing in the browser something like https://youwebsite.com/wp-content/uploads/path-to-the-file.
To protect media assets from a direct access, you would have to redirect any direct file request to a custom script that will authorize user or visitor before returning the file content. Luckily this can be archived with AAM plugin in couple simple steps. Check How to manage WordPress media assets article to learn more about it.
Finally widgets are reusable elements of the WordPress frontend and can be added or reorganized on the backend Appearance->Widgets page. Simply drag-and-drop any registered widget to a proper section (number of available sections depends on the currently active theme) and it should be rendered on the frontend.
Sometimes there is a need to hide/show different widgets based on who browses a website. This can be managed with AAM plugin on the Metaboxes & Widgets tab. Simply check whatever widget needs to be hidden and it will be filtered from a website frontend side.