Allow only the homepage for visitors

Completely restrict access to all the pages on the website except the Home page. Any attempt to access restricted areas or files will be redirected to the default WordPress login page.

WordPress login form

Note! This policy also restricts access to all media files in the uploads folder and optionally requires installation of the AAM Protected Media Files plugin. If you do not need to protect media files, you may ignore this dependency. Otherwise make sure that mentioned plugin is installed as described in the “How to manage access to the WordPress media library” article.

    "Version": "1.0.0",
    "Dependency": {
        "wordpress": ">=5.3.2",
        "advanced-access-manager": ">=6.2.0",
        "aam-protected-media-files": {
            "Name": "AAM Protected Media Files",
            "Version": ">=1.1.5",
            "URL": ""
        "${CONST.AAM_PLUS_PACKAGE}": {
            "Name": "Plus Package",
            "Version": ">=5.0.0",
            "URL": ""
    "Statement": [
            "Effect": "deny",
            "Resource": "URI:/*",
            "Metadata": {
                "Redirect": {
                    "Type": "login"
            "Effect": "allow",
            "Resource": "URI:/wp-login.php"
Copy this unique number and use it to install the policy on your website. To learn more how it works, follow this link.
DEPENDENCIES List of required plugins for this policy to work properly.
WordPress >=5.3.2
Advanced Access Manager >=6.2.0
AAM Protected Media Files >=1.1.5
Plus Package >=5.0.0
ASSIGNEES The type of audience the policy is automatically applied to as well as excluded. To learn more how it works, follow this link
  • All Visitors (not authenticated)