WordPress post types let us separate different kinds of content into different objects, which makes dashboard management much easier. In some projects, content submitted by users on the front end is written directly into a specific post type and then managed in the back end. In that kind of setup, we may want to stop administrators or editors from creating those posts manually in the dashboard so the data only comes from the front-end workflow.
There are two straightforward ways to do it.
Disable creation when registering the post type
When a post type is registered with register_post_type(), WordPress lets us set its create_posts capability directly to do_not_allow. Once that is done, the post type no longer shows the normal “Add New” menu item or button.
register_post_type( 'custom_post_type_name', array(
'capability_type' => 'post',
'capabilities' => array(
'create_posts' => 'do_not_allow', // Remove the "Add New" capability
),
'map_meta_cap' => true, // If users should not edit/delete posts either, consider false
));If you need to allow only a particular role to create posts of that type, you can assign create_posts to a more specific capability instead of do_not_allow.
Disable creation after the post type already exists
Sometimes the target post type is created by a plugin. In that case, editing the plugin directly is not a good idea, because the change will be lost when the plugin updates. A safer approach is to hook into WordPress during initialization and modify the post type capability there. In the example below, the default post type is altered so that creating new posts is no longer allowed.
add_action('init',function () {
global $wp_post_types;
$wp_post_types['post']->cap->create_posts = 'do_not_allow';
});There are also UI-only methods, such as hiding the “Add New” admin menu item. But those approaches are not secure. If someone knows the direct URL for the new-post screen, they can still access it. The safer options are the capability-based methods shown above.
