//Membatasi akses "/wp-admin dan" "/wp-login.php"
add_action('init', 'restrict_access_to_admin');
function restrict_access_to_admin() {
    // Cek apakah user sedang mencoba mengakses wp-login.php atau wp-admin
    if ((strpos($_SERVER['REQUEST_URI'], '/wp-admin') !== false || 
        strpos($_SERVER['REQUEST_URI'], 'wp-login.php') !== false ||
		    strpos($_SERVER['REQUEST_URI'], '/dashboard') !== false) &&
        !is_user_logged_in() && 
        !isset($_POST['wp-submit'])) {
        
        if (isset($_GET['action']) && in_array($_GET['action'], array('logout', 'rp', 'resetpass', 'lostpassword'))) {
            return;
        }
        
        // Pengecualian untuk token reset password (key & login parameters)
        if (isset($_GET['key']) && isset($_GET['login'])) {
            return;
        }
        
        // Pengecualian untuk AJAX requests
        if (defined('DOING_AJAX') && DOING_AJAX) {
            return;
        }
        
        // Redirect ke halaman utama atau halaman login kustom
        wp_redirect(home_url('/blog/'));
        exit;
    }
}