184 - Limited client access v's full access

Debate with Nathan Wrigley and David Waumsley

Setting up the Debate

We see this debate all the time. Some WordPress freelancers and agencies give clients full admin access to WordPress. Some give another role, such as the Editor role or (with WooCommerce) a Shop Keeper role.

Some completely reconfigure and white label the WordPress dashboard. Some give an Editor role for everyday use and an Admin role so they have ownership. I’m sure there are more variations.

Perhaps you've changed your position on this over the years, or still have a level of uncertainty.

Perhaps the size of your team matters? If it's just you dealing with the website, you might have greater oversight into what's going on and feel more willing to allow a client to have the Administrator role.

To here are some of the things that we think are important when deciding what user role to allow your clients:

Limited client access

• make the website bullet proof for clients
• reduce the confusing clutter created by lots of plugins a client should not need to see
• arguably website care plans are a good thing for clients and us professionals so surely the Admin role should be for us in those circumstances?
• it prevent clients from installing plugins / themes which could break sites, slow them or compromise security
• in most cases you can use snippets or a Role Editor plugin to customise client access
• prevent clients on Care Plans running off with your licenses - gor those who are not using GPL software this can be more of and issue as they are not even entitled to the code itself

Full access

• transparency - nothing is hidden from the client
• perhaps a more adult relationship of trust is created by it
• one of the benefits of WordPress is the ownership that comes with open source
• some useful plugins are not accessible to clients - Analytify Free and Gravity Forms
• clients are increasingly expecting to be able to manage more aspects of their own site - if they Google for WordPress help they will see articles that assume they have admin access
• if you adopt the position that you are helping them on THEIR site they take responsibility for it, if they break stuff they will pay you to fix it
• you shoulder less of the blame when there is an issue with WordPress and plugins
• avoiding the extra weight and problems that comes with trying to maintain a granular set of permissions - things can break and suddenly the client sees (or looses) options in the Admin area

So where do you stand on this one. Allow the clients full access to their WordPress website, or try to limit access for a whol raft of reasons. Both are possible, but it one better? After listening to the podcast, perhaps join the conversation below or in the WP Builds Facebook Group.

Mentioned in this episode

User Role Editor

Editor Menu and Widget Access

Members – Membership & User Role Editor Plugin