This guest post is by Juliana Payson from InMotion Hosting
As a long time WordPress user, I have run many successful websites in the past and have invited many writers/contributors/developers to join my team. To make the process easy, I had to give them access to the WordPress backend. This decision comes with its own risks and rewards. In this article, I will share how I manage a WordPress collaborative site safely and effectively.
WordPress is a dynamic platform by nature. On top of that, websites are always evolving and competing with the current evolution of web design can be tough at times. Web trends for blog design have changed from the sidebar orientation of the 90s, the floating header banners of the Noughties, and now we're just pushing the bar with HTML5. For people like me, experimenting with how far you can push WordPress interactivity is part of blogging. I often break the site while experimenting, and then have to give someone admin access to help me fix it. Sometimes I want features in my themes that are beyond my ability to implement. Other times, I need help managing comments or just don't want to go through the process of copying and pasting articles from our content writers. To manage my time efficiently and focus on what I'm good at, I use writers, contributors, and developers to help me run my websites successfully.
One of the positive aspects of building a team is that you can get a group of passionate people who are willing to put in the time and effort to build your website. This is the time you can use to focus on what you do best! For starters, if you prescribe choosing the right people and spending that extra time being careful, you'll avoid many of the problems I'll describe below. This is the first advice to control the security of your server installation, choose a passionate and good-natured team!
I have often used eLance, invited bidders with specific skill sets and negotiated with their bids. The negotiation process just gives you a good idea of their nature and whether you would like to work with them and entrust them with access to your WordPress hosting.
Here's the trick to inviting the right offer for the job you're offering. "It should be EASY for someone who KNOWS how..." those few words will immediately filter out those who say it's a two week job, perhaps to negotiate a higher price. You are likely to get a wide range of offers if this is your first time at eLance, don't be put off by the seemingly high prices or lured by the lowest offer. Give yourself time to communicate with each one and get a sense of their negotiation skills. This guy was a previous winner with me, and I negotiated the price of the offer by showing him the level of planning and preparation I had gone through before finishing the job. This ensured that he knew that he didn't want any duplicate effort on top of things he had already spent time preparing. The key words I picked up were that he expressed how interesting, fun and easy the task was. I am willing to choose passionate people in my team.!
The proven skills I look for when it comes to potential WordPress admins in particular are:WordPress 3.1, CSS 3.0, PHP5. Tested skill sets are done against a timer, so you know the person you're hiring isn't learning on the job.
You can always give people an opportunity that they've never worked at eLance before, but there's a learning curve associated with how to communicate effectively with your new teammate, and I treat them as such. If the communication feels abrupt instead of concise, I take this as a pitfall that's probably best avoided.
Giving an "administrator" level account can be risky. Especially if it's someone you DON'T KNOW that well. Also, not all members of your team need to have the same set of permissions. For example, if they are an author, they should only have permission at the author level. Sometimes you might want to promote an author as a community admin or moderator, so you can simply create a new role that adds that ability to your user role. For this I use User Role Editor Plugin.
In this particular case, I chose to create a new role called "webmaster" that gives the user a specific set of permissions. To do this, you need to go to the User Role Editor settings and create a new role type. I gave this 'webmaster' role all the capabilities of an 'Editor' to start with. This person may need to go into some of the posts on my page and fix errors in the HTML, so at a minimum I need to give this person editor controls.
Once you have successfully created a "Webmaster Role", select the user role from the dropdown list and add any additional capabilities you want. In my case I have added the following:
I can log in at any time and remove privileges once the tasks are complete.
Now, assign your new user the general capabilities of your new 'Webmaster' role:
Select the new user you created, a subpage will appear giving you the opportunity to assign the new role type you created. Tip:Don't actually set 'Admin' as the username, it's common for someone to hack if you have half the work done for them using a global name. I've used this for demo only!
While role management is a good way to stay in control, for added peace of mind there is a plugin that will keep track of what all registered users are doing.
It does this by reporting the changelog of user activity in a central location.
Hopefully you've now reduced the margin of error on your multi-author site, and have some peace of mind that anything that comes up as a result of user error or tampering is at least traceable. Now that you know how to keep your site secure with multiple collaborators, here's an article that will show you how to manage a good editorial workflow and keep your collaboration team more organized.
Juliana Payson (@JulianaPayson) is a Los Angeles-based Content Manager for InMotion Hosting, famous for her dedicated hosting. She develops content based on web 2.0 design and website 'Socialization'..