Your membership business is powered by many components: the WordPress web software, your web host/server, theme and plugin providers, a payment gateway and countless third-party services for analytics, email marketing, team communication, security and more.
This post covers the best practices for sharing account access among your internal and external team.
First, remember to only give as much access as the team member needs to get the job done.
This principal should be your #1 guide you as you make decisions about account access.
For your WordPress Admin…
Not everyone on your team needs to be the Administrator role on your WordPress site. Assess each team member’s responsibilities and choose the appropriate role for their account. For a review of WordPress roles and capabilities, see this guide from the WordPress Codex.
If you have a team member that doesn’t need administrator access, but you would like to give access to the Membership section, see our Membership Manager Role Add On.
For your Web Server…
Always avoid giving out the server’s root password. Some servers host more than one of your website projects, there is no reason to give a team member or support person access to the entire server.
Instead, create FTP accounts for each unqiue member and assign permissions to the appropriate folder. This allows you to control and limit a person’s access to specific data on your server, and to later remove that access by deleting the FTP user.
For Third Party Services…
This will vary by service, but the basic gist is to select the appropriate roles and permissions based on what that user needs to be able to do.
Take Google Analytics for example. You can assign users to a property with several permission settings.
The same applies to communications tools like Slack or Trello, payment gateways like Stripe and Braintree, and marketing programs like MailChimp and Infusionsoft.
Choose wisely.
Second, create a unique log in for each person working on your project.
Avoid sharing logins whenever possible. In your WordPress admin, you can create a unique account for each person on your project. This allows you to later remove that access and downgrade the account’s access to a lower tier role.
- Never share your own administrator login for your WordPress site, create a new one.
- Instead of sharing your personal Google account log in, assign access to the account using the team’s Google email.
- Always look for a way to add users to your account before sharing your personal login.
Third, remove access when access is no longer needed.
I cannot tell you how many past clients I can still review Google Analytics reports for, or see the performance of their latest email campaign in my MailChimp account.
Spring Cleaning for your WordPress Users
Take a look at your WordPress Users list under the Administrator role (and maybe Editor and Author as well). Are all the people in this list still working with your project? Probably not.
In this case you have a few choices when you need to remove a user’s access. You can edit the User account and change the Role to Subscriber. Their account will still be active but they will no longer be able to access any higher tier capabilities.
If you would prefer to delete the user, make sure they are not the author of any posts or pages. These will need to first be reassigned to an active user, or they will be deleted (yikes).
A third option is to keep the account, but change the account email address to one of your own. I would also advise updating the password to one of WordPress generated crazy passwords.
Spring Cleaning for other Third-Party Services
If you’ve added anyone as a user or manager for a third party service, navigate back to the user management section of the service and remove or downgrade their role. This varies by service, but it should be accessible on the same page that you used to add them in the first place.
Spring Cleaning for IPN Debug
One other hidden place that our support team occasionally will be added is in your PayPal IPN debug settings in the wp-config file. See this post for how to add the IPN debug email (you can remove access by undoing those steps).
Ready to get moving?
I hope that you have learned a little bit about how you can maintain the security of access to your membership site and third-party services.
The principles in this post will help you and your team work together safely and ensure that even a team member with best intentions isn’t able to “accidentally” break everything. And even more importantly, that an ex-team member isn’t able to “accidentally on purpose” break things, too.
Access for Paid Memberships Pro Support
If we’ve asked for a WordPress admin login and FTP in order to assist you in troubleshooting, here are the steps to create and safely share this information:
- Go to Users > Add New in your WordPress admin.
- Enter username: pmprosupport
- Use email address: [email protected]
- Generate a password (copy and save this password)
- Add the User
Then, in your support thread, post a private reply with your WordPress admin login URL, the username (pmprosupport or other), and generated password.
If we need access to your server, add a new FTP user for your web folder (make sure it has access to the web root or the specific folder your site is stored in) and share in the private reply. If you cannot add a new FTP user and need to share your own personal FTP account, you can always change the FTP password at a later time to remove our ability to log in.
One last little recipe…
This last recipe allows you to restrict access to your Membership > Reports section. Some site owners are sensitive to who is able to see just how much cash is coming through. This recipe would be useful if you have a team member who needs administrator access for various reasons, but does not need to be able to view reports about the performance of your membership business.
The Code Recipe
This code recipe requires a premium membership.