The access tab provides various settings for controlling access to your site.
The panic key is very important and gives you access to the default wp-admin login/register pages if you decide to block access to those pages for non logged-in users. If you decide to block access to wp-admin login and register pages then you should create a safe copy of the panic key so if you ever need to get access to the login. When you activate Ultimate Member a panic key will be generated for you, however, you are free to change via panic key if you wish.
Site accessible available to everyone
By default Ultimate Member will make your site’s access available to everyone. What this means is that every page/post on your site will be available to everyone unless you change the access rule on a particular page/post. This is the best option to use if you want to allow non-members to view your site’s content but want to restrict certain pages to members only.
Site accessible to logged-in users
The other option you have is to lock down the site and make the whole site only accessible for logged-in users. What this means is that every page/post on your site will only be available to logged-in users unless you change the access rule on a particular page/post to make a page available to everyone.
However, if using this option it is important to create a page where non-members can sign-up/login to your site. For example, you may want to make your homepage a landing page to encourage new users to sign-up.
Custom redirect URL
If you select site accessible to logged-in users a new field will appear where you can enter a custom url which is where non-members will be redirected to if they try to access a restricted page.
Exclude the following URLs
If you select site accessible to logged-in users a new field will appear where you can quickly and easily exclude specific URLs from being blocked. Any URLs you add here will be accessible by everyone.
Allow backend login screen for guests
This option allows you to restrict access to the wp-admin default login page. If you turn this on users will only be able to login via an Ultimate Member login form.
Disable admin login via front-end
This option allows you to prevent any users who are admin from logging in via the UM login form. This option can be useful if you wish to use 2 factor authetication for admin users via the default wp-login page but want normal users to login normally.
IMPORTANT: Do NOT turn this option on if you have restricted access to wp-login to guests, as if both options are turned on you will have no way of logging in as admin. Just make sure you do not have both options turned on at same time and also make note of your panic key. If you do accidently manage to lock yourself out, you will need to deactivate UM plugin via FTP or file manager (cPanel). To deactivate UM, all you need to do is go the the plugins folder and rename the Ultimate Member plugin e.g add a 1 at end of plugin name.
Allow backend register screen for guests
This option allows you to restrict access to the wp-admin default register page. If you turn this on users will only be able to register via an Ultimate Member login form.
Enable the Access Control widget for Admins only?
This option allows you to make it so only admin users can decide on the restriction settings for individual page/posts.
Whitelisted Backend IPs
As an extra way of protecting yourself from lockout you can whitelist IP addresses which means anyone trying to access wp-admin and wp-login from one of those IPs will always be able to access those pages.
Blocked IP addresses
This option allows you to block certain IP addresses from accessing your site. You can use full IP numbers or target specific range with a wildcard.
Blocked email addresses
This option allows you to block certain email addresses from registering on your site. You can block individual email addresses or block entire services (e.g gmail accounts) by using a wildcard (*gmail.com).
This option allows you to blacklist specific words to prevent anyone from using these words for their username when signing up to your site. Ultimate Member adds the following words to the blacklist by default: admin, administrator, webmaster, support and staff.