In its default settings, Contact Form 7 allows all users except subscriber users to have access to the administration panel; but allows only administrator and editor users to edit contact forms. You might feel that you would want to change this setting to restrict access even more, so I will show you how to do this in this article.
For example, let’s change access to allow only administrator users access and editing rights. You can do this by editing your wp-config.php and inserting these lines:
define( 'WPCF7_ADMIN_READ_CAPABILITY', 'manage_options' );
define( 'WPCF7_ADMIN_READ_WRITE_CAPABILITY', 'manage_options' );
WPCF7_ADMIN_READ_CAPABILITY
holds the minimum capability required for access to the administration panel, while WPCF7_ADMIN_READ_WRITE_CAPABILITY
holds the minimum capability required for editing contact forms. Obviously WPCF7_ADMIN_READ_WRITE_CAPABILITY
should be stricter than WPCF7_ADMIN_READ_CAPABILITY
, as you cannot edit contact forms without accessing the administration panel.
manage_options
is a capability that normally only administrator users have. So setting manage_options
to both WPCF7_ADMIN_READ_CAPABILITY
and WPCF7_ADMIN_READ_WRITE_CAPABILITY
allows only those administrator users access and editing rights.
You can set any capabilities you wish to these constants to fine-tune the restrictions. If you want to learn further about WordPress’ Roles and Capabilities concepts, and to learn more about what capabilities are available, check WordPress support document.