以下动作挂钩应该会有所帮助：

add_action(\'admin_init\', \'wpse28702_restrictAdminAccess\', 1);
function wpse28702_restrictAdminAccess() {
    $isAjax = (defined(\'DOING_AJAX\') && true === DOING_AJAX) ? true : false;

    if(!$isAjax) {
        if(!current_user_can(\'administrator\')) {
            wp_die(__(\'You are not allowed to access this part of the site\'));
        }
    }
}