This question was asked in 2013, but the answer is out of date (plugin retired).
My question is:
We want to install WordPress multisite with blog1.site.com, blog2.site.com, etc., all having single sign on.
We need to make the transition between the sites seamless so they appear well-integrated as part of one domain.
How can I make the same user logged in one of my sites automatically logged in when visit any other site from network?
I am also searching for a solution to this problem. I also found many SSO outdated/unsupported plugins and do not want to install them for security reasons.
The closest solution I could find is from here
How do I share user logins and roles across the multisite network?
By default, a user who is registered on one site cannot register or be added to another site on the same network. That’s because they are already registered in the shared WordPress database. However, they don’t have any user role privileges on other sites.
You can use third-party plugins like WP Multisite User Sync to sync users across the network. However, you need to be careful as you may end up giving someone admin privileges to a site.
But I haven't tested it thoroughly enough yet to see if it satisfies everything I need and I'm not sure where to deal with the problem mentioned in the article of "you may end up giving someone admin privileges".
If anyone else has a solution closer to the WPMUDEV SSO plugin that would be very helpful. Thanks
Related
I´m currently developing the Intranet for the company I am working for. The site is currently based on SharePoint, but I have to migrate it to Wordpress. And that´s my first developer experience with Wordpress, you just should know. Creating the theme, content and working with the WP Admin area works very well, but where I´m feeling defenseless is the permissions topic.
Generally, the whole page content is managed by the Marketing department. So, for me it is ok that they have access to WP Admin and I would use one of the predefined roles available.
But there will be also an area for the departments where specified users per department should be able to
edit the pre created page content
add subpages and edit its content (it would be nice if it can be defined which page templates can be selected by the user)
add posts for a pre created category (that should not be changeable by the user)
edit its profile and password
A whole access to WP Admin should be therefore prevented.
I read much information about roles, capabilities and reviewed forums and blogs presenting potential plugins. But to be honest, I´ve lost the overview and I´m totally scared about what´s the right way to do such like this the professional way.
Is there anybody who was already in such a situation or knows a good resource where to read more?
Thanks a lot.
John
PressPermit is the tool I choosed. It covers all needs described in my question.
Note: To use all features, you need to buy a support subscription currently available for $55 a year for one site.
However, a very powerful tool and in comparison to Advanced Access Manager I tried before, it really supports permissions also for multiple roles.
If you are thinking about, use the screencasts to see if the tool cover your needs. Unfortunately, there is no trial available, but you can request an evolution wordpress installation which was setup within one day in my case. This service costs $5.
I have a wordpress / Buddypress site.... And am having serious issues with spam users signup....
Have tried using Akismet, but it is seemingly not helping matters.
Please who has a idea as to which plugin to use or if anyone has an idea on which other method to use, please share
When you use a form for users to register you can use a captcha like in all forms, e.g. I use really simple captcha in combination with contact form 7.
Using either captcha on your forms and/or a plugin can be useful.
Many of the forms wordpress plugins come with have captcha built in - or it can be added. Google also provides reCaptcha, and doing an internet search will bring up plenty of information on both.
Two plugins I've used in the past which I've found to work well are WangGuard and WordFence
Wangguard mainly as WangGuard cleans your database from sploggers, spam users and unwanted users.
Wordfence is good as it can Block entire malicious networks. Includes advanced IP and Domain WHOIS to report malicious IP's or networks and block entire networks using the firewall. Report security threats to network owner.
Ultimately remember people will always have their own opinions on security - but there are plenty of ways to improve your wordpress / buddypress security. Wordpress also has information on Hardening Wordpress against malicious attacks
I'm being tasked at my company to work out a plan to handle 50 new clients that we're about to bring in. Each client is directly related and under an "umbrella" company that owns them all. All 50 sites will be pretty similar, each is for a different company so the themes may vary across them all.
We're planning to give them 10 themes to pick from for all 50 sites. So some of them will be very similar, some won't be at all.
Is Wordpress the best path? I'm very familiar with Wordpress. I've worked with Expression Engine before but am not as savvy as I am with Wordpress and I understand Expression Engine also has a multi site functionality.
So my question, is Wordpress Multi Site the best path for this? What would you do in my situation?
Also, if we wanted to create a user that has access to 10 of the 50 sites, is that possible? We'll need to narrow permissions.
Also, each site will need its own domain name. Is that possible?
Thanks guys!
Yes, Multisite can handle this easily.
To run Mapped Domains, using the MU Domain Mapping plugin cited by #Calle, you need to set up the network as sub-domains (opposed to a directories set up). And the mapped domains must be set as Parked Domains pointing to the directory of the WordPress Multisite installation.
Multisite user management can be a little tricky.
If some site of the network has really special requirements for its user's management, maybe you'll have a hard time.
All users of the network are given Subscriber status in all sites (this can be masked). You can easily assign one user as Administrator of 10 sites, give Super Admin access to others, use a network role management, etc.
You can have a couple of parent themes with the corporate identity and create child themes to accomodate specific needs.
Useful info:
Multisite 101, introduction to MS by one of its wizards, don't forget the tip jar if it's useful to you ;)
This ebook strives to pull it all together, explain you what skills you need to get started, and move you to the next step: running your own Network. Think of it as a basic tutorial in running your own Multisite.
Multisite Rationale, real case study for implementation of a MS Network, if you can find a document like this for Expression Engine, then you can make your choice pretty fast.
Wordpress Multisite can either be path based (www.domain.com/site1, www.domain.com/site2), or domain-based (www.site1.domain.com, www.site2.domain.com). I believe each of these sites have separate users; I'm not sure about your question about setting up a user that only has access to a certain number of the sites, but you can set up a "master user" that has access to all the sites on the network. If you use a domain based network for MS, you can then go into each of your domains you have bought for your 50 sites and forward them using DNS/.htaccess to the individual Wordpress Multisites.
I hope that makes sense :)
I am new to this site and I am a designer more so than a programmer. I have thoroughly searched for a fix or answer to this but so far found nothing.
I have a website (www.face.eu.com) that is powered by WordPress. We have customers that can log in to the site in order to download tools.
What I want to achieve is a secure area that the login customers are directed to. So, my idea was to have another installation of WordPress on a sub domain (www.users.face.eu.com) and after logging in they are directed here, the site uses the same theme therefore looks the same.
Is this possible and would it keep the user logged in after the redirect?
If you have a different installation of Wordpress, then no. These two installes have different cookie secrets in wp-config.php and so cannot share a login.
However, you should be able to accomplish this using the Network feature in Wordpress 3, which was previously named WPMU (Wordpress MultiUser). On http://codex.wordpress.org/Create_A_Network is a detailed tutorial on how to get this functioning.
If you have completed these steps, you can spawn a different blog on a subdomain, yet share plugins, themes and users.
I have a website that I want to setup so that users can register for the site but the administrator of the site will have the final say on whether or not they can be a member of the site or not.
I am running Wordpress 3.0.1 and Buddypress 1.2.5, buddypress is used to register the user, so I assume it will need to be a buddypress plugin that is used to allow or deny the user. I have searched and searched and cannot come up with any plugin that replicates this functionality. Are there any out there, or anything that gives a similar experience?
Many Thanks To Anyone That Helps,
sea_1987
Here is a BP component for Allow / Deny User:
http://webdevstudios.com/support/wordpress-plugins/buddypress-registration-options/
The description:
A WordPress BuddyPress plugin that allows for new member moderation, if moderation is turned on from the admin settings page, any new members will be blocked from interacting with any buddypress elements (except editing their own profile and uploading their avatar) and will not be listed in any directory until an administrator approves or denies their account.
I have just completed a thorough research exercise on this, with the same requirement in mind. The sad truth of the matter is that most of the plugins that supposedly give you this functionality do not work fully and properly. I tried a number of plugins including:
Buddypress Registration Options
Absolute Privacy
Angsuman’s Authenticated WordPress Plugin
BuddyPress Private Community
All of these failed to give me bulletproof security. They largely seemed to block standard WordPress pages, but didn't block public access to the Activity, Members, Groups and other sections. Other issues were simply getting it to work with WP 3.0.1. I found I had to dig into the plugin code and hack it to get a decent result.
Finally, I settled on a plugin called "registered-users-only-2". This totally blocks users who are not registered. However, it doesn't give you moderation functionality.
I hope this helps your quest.