Simple code to prevent non-admins to access /wp-admin/, perfect for login-protected sites.

WordPress Non-Admins Can't Access Dashboard

<?php
/**
 * Class-based
 **/

add_action( 'init', array( $this, 'prevent_non_admin_dashboard_access' ) );

public function prevent_non_admin_dashboard_access() {
  if ( is_admin() && ! current_user_can( 'administrator' ) && ! ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) {
    wp_redirect( home_url() );
    exit;
  }
}

/**
 * Function-based
 **/

add_action( 'init', 'bm_prevent_non_admin_dashboard_access' );

function bm_prevent_non_admin_dashboard_access() {
  if ( is_admin() && ! current_user_can( 'administrator' ) && ! ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) {
    wp_redirect( home_url() );
    exit;
  }
}