I have a website that I want to setup so that users can register for the site but the administrator of the site will have the final say on whether or not they can be a member of the site or not.
I am running Wordpress 3.0.1 and Buddypress 1.2.5, buddypress is used to register the user, so I assume it will need to be a buddypress plugin that is used to allow or deny the user. I have searched and searched and cannot come up with any plugin that replicates this functionality. Are there any out there, or anything that gives a similar experience?
Many Thanks To Anyone That Helps,
sea_1987
Here is a BP component for Allow / Deny User:
http://webdevstudios.com/support/wordpress-plugins/buddypress-registration-options/
The description:
A WordPress BuddyPress plugin that allows for new member moderation, if moderation is turned on from the admin settings page, any new members will be blocked from interacting with any buddypress elements (except editing their own profile and uploading their avatar) and will not be listed in any directory until an administrator approves or denies their account.
I have just completed a thorough research exercise on this, with the same requirement in mind. The sad truth of the matter is that most of the plugins that supposedly give you this functionality do not work fully and properly. I tried a number of plugins including:
Buddypress Registration Options
Absolute Privacy
Angsuman’s Authenticated WordPress Plugin
BuddyPress Private Community
All of these failed to give me bulletproof security. They largely seemed to block standard WordPress pages, but didn't block public access to the Activity, Members, Groups and other sections. Other issues were simply getting it to work with WP 3.0.1. I found I had to dig into the plugin code and hack it to get a decent result.
Finally, I settled on a plugin called "registered-users-only-2". This totally blocks users who are not registered. However, it doesn't give you moderation functionality.
I hope this helps your quest.
Related
This question was asked in 2013, but the answer is out of date (plugin retired).
My question is:
We want to install WordPress multisite with blog1.site.com, blog2.site.com, etc., all having single sign on.
We need to make the transition between the sites seamless so they appear well-integrated as part of one domain.
How can I make the same user logged in one of my sites automatically logged in when visit any other site from network?
I am also searching for a solution to this problem. I also found many SSO outdated/unsupported plugins and do not want to install them for security reasons.
The closest solution I could find is from here
How do I share user logins and roles across the multisite network?
By default, a user who is registered on one site cannot register or be added to another site on the same network. That’s because they are already registered in the shared WordPress database. However, they don’t have any user role privileges on other sites.
You can use third-party plugins like WP Multisite User Sync to sync users across the network. However, you need to be careful as you may end up giving someone admin privileges to a site.
But I haven't tested it thoroughly enough yet to see if it satisfies everything I need and I'm not sure where to deal with the problem mentioned in the article of "you may end up giving someone admin privileges".
If anyone else has a solution closer to the WPMUDEV SSO plugin that would be very helpful. Thanks
I am helping out a friend and rebuilding her dance business site.
Requirements:
- site owner friendly CMS for updates
- Prefer a free cms
- main site and a few pages will be for new/potential clients
- members only section where she can post updates instead of having to email a news letter.
- an additional page or 2 exclusive to members where videos can be posted for at home practice
I am thinking wordpress may be a great option for this. Any tutorials out there to help with the initial build of a member only section? I want to make sure I lock down the member section properly.
I am hoping to also generate an email each time a post is made in the members only section. Also use categories in the members only section to generate emails to members with corresponding tags that an update was made.
Is this attainable?
I am open to other CMS platforms but they must be responsive, free, and easy for the site owner to update.
Go for wordpress. As you are a starter use subscription / membership plugin to manage the member setting that you desire, and for email you can use newsletter plugins (both free adn paid) . Hope this helps :)
And for the final question : no wordpress is the easiest one out there
I´m currently developing the Intranet for the company I am working for. The site is currently based on SharePoint, but I have to migrate it to Wordpress. And that´s my first developer experience with Wordpress, you just should know. Creating the theme, content and working with the WP Admin area works very well, but where I´m feeling defenseless is the permissions topic.
Generally, the whole page content is managed by the Marketing department. So, for me it is ok that they have access to WP Admin and I would use one of the predefined roles available.
But there will be also an area for the departments where specified users per department should be able to
edit the pre created page content
add subpages and edit its content (it would be nice if it can be defined which page templates can be selected by the user)
add posts for a pre created category (that should not be changeable by the user)
edit its profile and password
A whole access to WP Admin should be therefore prevented.
I read much information about roles, capabilities and reviewed forums and blogs presenting potential plugins. But to be honest, I´ve lost the overview and I´m totally scared about what´s the right way to do such like this the professional way.
Is there anybody who was already in such a situation or knows a good resource where to read more?
Thanks a lot.
John
PressPermit is the tool I choosed. It covers all needs described in my question.
Note: To use all features, you need to buy a support subscription currently available for $55 a year for one site.
However, a very powerful tool and in comparison to Advanced Access Manager I tried before, it really supports permissions also for multiple roles.
If you are thinking about, use the screencasts to see if the tool cover your needs. Unfortunately, there is no trial available, but you can request an evolution wordpress installation which was setup within one day in my case. This service costs $5.
I have a wordpress / Buddypress site.... And am having serious issues with spam users signup....
Have tried using Akismet, but it is seemingly not helping matters.
Please who has a idea as to which plugin to use or if anyone has an idea on which other method to use, please share
When you use a form for users to register you can use a captcha like in all forms, e.g. I use really simple captcha in combination with contact form 7.
Using either captcha on your forms and/or a plugin can be useful.
Many of the forms wordpress plugins come with have captcha built in - or it can be added. Google also provides reCaptcha, and doing an internet search will bring up plenty of information on both.
Two plugins I've used in the past which I've found to work well are WangGuard and WordFence
Wangguard mainly as WangGuard cleans your database from sploggers, spam users and unwanted users.
Wordfence is good as it can Block entire malicious networks. Includes advanced IP and Domain WHOIS to report malicious IP's or networks and block entire networks using the firewall. Report security threats to network owner.
Ultimately remember people will always have their own opinions on security - but there are plenty of ways to improve your wordpress / buddypress security. Wordpress also has information on Hardening Wordpress against malicious attacks
I recently upgraded to WPMU 2.8.6 and ever since, my users can't log in on their individual blogs, but they can log in from the main page.
My site is at blogs.mtwp.net (we're a school district).
So if a user goes to blogs.mtwp.net/BLOGNAME/wp-login.php, their password is rejected. If they go to blogs.mtwp.net/wp-login.php, they can log in and get to the dashboard from there.
But it's not all users. Site admins can get in just fine.
We're using wpDirAuth 1.4 if that makes a difference.
Honestly, I'm stumped. Any help would be very much appreciated. Thanks!
you would seem to have enabled the WPdirauth plugin at the top level blog but not on others. Only your top level blog will have the necessary information to connect to your directory.
Site admins are not typically part of your internal directory - they're a Wordpress user which means they can still log-in ok without needing to connect to Active Directory or whatever you're using.
Enable WPdirauth on all blogs that you need users to login to.
Try reviewing your wp-config file. You should see something like this:
define('SUBDOMAIN_INSTALL', true);
Depending on how you've configured Wordpress, this must be enabled to log in to the dashboard of secondary sites.