As I ramp up our school’s WPMU blog platform, I look forward to rolling out the new 2.7 interface. I have updated and tested my favorite plugins. DSader’s More Privacy Options, and Peter’s Collaborative Email still work. To make things even better I found a pair of plugins that will make our configuration more secure and give greater control over user privileges.
First off, there was a security hole wherein students could view pending comments that have not been approved by an administrator. Dean Matteson discovered this flaw when he realized that student comments were appearing without his having reviewed them and wrote about in his blog. He came up with a plugin that blocks access to the comments page.
Looking for new plugins for our school site I found the WPMU Menus plugin that not only solves this problem, but it allows you to enable or disable not only comments, but almost every other function in the dashboard interface. Site Admin Options reveals new choices.
The screen shot encompasses only half the options available. Beyond security, this allows administrators to greatly simplify the back end user interface making it easier for younger students to navigate.
This takes care of the comments security issue. I tested it further by appending edit-comments.php to the blog backend urls. I was still unable to access the comments page and it redirected me to the profile page.
The next plugin of particular interest is Role Manager. Role Manager is not a WPMU plugin. It must be enabled and configured on each individual blog. Role Manager allows you to change the permissions on any existing role or group of users. It also allows you to create new roles as well. Go to Users–>Roles.
While logged in as admin, you can also configure the permissions of an individual user by accessing their profile.
Of course, if you give a user the permissions to access a feature, you also need to enable access in the Menus.
I look forward to relaunching our school blogging platform this March with a fresh new back-end interface, greater security, and a simplified dashboard for our students. If anyone has any input regarding use of WPMU for the K12 setting, I’d love to hear from you!