You log in to your WordPress site and expect to see the dashboard. Instead you suddenly get a message: “Sorry, you are not allowed to access this page.” That can be alarming — you’re logged in, right? This message can be confusing, but often nothing is broken: WordPress is simply telling you that you don’t have the right permissions to view that page. In this article I explain when you might see this message, what it means, and why it’s actually a deliberate security measure (not a site error).
When does this message appear?
This message usually shows up when you try to access a part of the WordPress admin (dashboard) for which you don’t have permission. It often happens right after logging in, for example when you go to the Plugins page or a specific dashboard setting without the right role. WordPress recognizes that your account doesn’t have the required rights for that action or page, and blocks access. Instead of the requested page you see “Sorry, you are not allowed to access this page.”
What does this message mean?
The text says it all: at that moment you don’t have permission to view that page (or perform that action). In other words, your user account lacks the needed rights for what you’re trying to do. It’s important to realize this is not a random error, but a built‑in security message in WordPress. WordPress prevents someone without the proper privileges from entering sensitive parts of the site. Ultimately, “Sorry, you are not allowed to access this page” simply means your configured user rights are blocking you at that point.
User roles and permissions in WordPress
In WordPress each user has a role with associated permissions. The default roles range from administrator to editor, author, contributor, and subscriber. Each role can do different things on the site. An administrator has full control, while a subscriber is very limited and can basically only log in and comment.
Take a practical example. An administrator can change everything — from installing new plugins and changing settings to deleting users. An editor, on the other hand, can only manage content (write, edit, and publish posts and pages) and has no access to critical areas like site settings, plugins, or themes. If an editor tries to open the plugins page or a settings screen, WordPress blocks it with the “not allowed” message. The same applies to other roles with limited permissions: they see “Sorry, you are not allowed to access this page” as soon as they try to do something outside their privileges.
Not everyone should be able to do everything (security)
It’s intentional that not every user can do everything. Imagine if every logged‑in user could delete plugins or change settings — that would cause problems quickly. By using roles and limited permissions, WordPress protects your site. Someone who isn’t an administrator simply can’t make critical changes. Think of it like locks on certain doors: only those with the right key (permissions) can enter. This security layer prevents not only malicious actions but also well‑meaning users accidentally breaking things outside their knowledge.
Logged in but still no access?
It feels contradictory: you’re logged in, yet you still see “no access.” But remember: logging in only means WordPress knows who you are — not that you can go everywhere. Your role determines what you can and can’t do. If your account has limited rights, it’s completely normal that you can’t access certain areas even after logging in. That’s not a WordPress error; it’s working as intended.
If you are the site owner or administrator and still see this message, then something is wrong. It’s possible that a plugin, theme, or WordPress update changed something so WordPress no longer recognizes you as admin. In that case, your account’s permissions need to be fixed.