Skip Navigation

[Resolved] Non logged in users can access a category page though the CPT is set to private

This thread is resolved. Here is a description of the problem and solution.

Non logged in users can access a category page though the CPT is set to private

You can use the pre_get_posts action hook to disable the taxonomy term archive.

You can find the proposed solution in this case with the following reply:

Relevant Documentation:

This support ticket is created 2 years, 8 months ago. There's a good chance that you are reading advice that it now obsolete.

This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.

Everyone can read this forum, but only Toolset clients can post in it. Toolset support works 6 days per week, 19 hours per day.

Sun Mon Tue Wed Thu Fri Sat
- 10:00 – 13:00 10:00 – 13:00 10:00 – 13:00 10:00 – 13:00 10:00 – 13:00 -
- 14:00 – 18:00 14:00 – 18:00 14:00 – 18:00 14:00 – 18:00 14:00 – 18:00 -

Supporter timezone: Asia/Kolkata (GMT+05:30)


This topic contains 2 replies, has 2 voices.

Last updated by nelsonT-2 2 years, 8 months ago.

Assigned support staff: Minesh.



I have created a CPT with a taxonomy and created roles in Access. Three of the roles I have set are "President/Secretary" and "Concil members".

In Access, I have set the CPT to be only access by the members of those two groups (all access for "President/Secretary" and Read only access for "Concil members).

If I access the "page" from a private window, I can see the title, but not the content (I used a Content template)... I honestly was expecting to see a 404 page error, since that's what I putted in the settings... But it's not the worst...

I created a menu (only visible for people of those two groups, thanks to the "IF menu" plugin). In it I putted links to the different categories (my taxonomy) of documents. With great surprise, if I copy/paste the url (site/category/category-term) I can see all the elements of that category... If I click on it, I arrive on the previously mentioned page... Should that page lead to a 404 page (or at least be empty or similar) since the user don't have access to that content?

So, basically, what I would want is that if we copy/paste either the category URL or the post URL itself, it both leads to a 404 page.

Thank you,



Languages: English (English )

Timezone: Asia/Kolkata (GMT+05:30)

Hello. Thank you for contacting the Toolset support.

The URL you are saying (site/category/category-term) is actually a taxonomy archive.

You should try to add the following code to set the 404 error for taxonomy archive to disable the access using URL.
=> hidden link


Thank you Minesh.

By default, the code you pointed me to disable the taxonomy for everyone (including admin). Since I wanted to allow it for some roles and not for other, I had to combine it with some other code, but it worked.

Here's the final code (that I added in the Toolset settings):
function jb_disable_tax_archive($qry) {

if (is_admin()) return;

if (is_tax('categorie-de-document')){
$user = wp_get_current_user();
$allowed_roles = array( 'administrator', 'president_secretaire', 'membre_du_conseil' );
if (! array_intersect( $allowed_roles, $user->roles ) ) {

In case it can help others...