[wp-edu] For those who host WordPress sites for others...a question on how to let a site owner update plugins

Dixie Lang ddlang at wisc.edu
Tue Oct 1 14:28:30 UTC 2013


Greetings fellow WordPress users,

Background:
I work in an IT department that provides WordPress hosting and support for three academic departments. Our users are mostly faculty and grad students, and the sites focus on their research labs. 

We maintain a WP multisite with about 55 sites. As the multisite sysadmin, I manage the themes, plugins and WP core files. I also create child themes and write plugins.

Most of our sites are very simple and require little content maintenance (very few blog). One lab group, however, wanted social media plugins that did not play well with the multisite. I moved them to a separate Linux VM running Apache with a single WordPress installation. 

The lab owner (a faculty member) wants to be able to install and configure plugins on his own so he can play with Twitter plugins. He is currently admin on the site.

Technical Implementation Question
Is it possible to give a site admin on a single WP installation the ability to install, update, and configure plugins, but not delete them or touch core? 

I talked with our Linux sysadmin, and we have thought of 3 possible ways to do this:
1) By plugin
2) Through the VM, by creating a Linux user account then letting him enter than information in the WP connection screen
3) (worst case) Give him SSH access to the plugins folder on the VM and let him use a tool like WinSCP to upload the files

Re #2, the posts I found in the WP Codex led me to believe that the user account entered into the WP connection screen must be in the www-data group or root group. That is a higher security priv that our Linux sysadmin prefers to give him.

Thank you in advance for any guidance you can provide.

Sincerely,
Dixie Lang
Web Developer
Russell Labs Computing 
University of Wisconsin-Madison


More information about the wp-edu mailing list