1. Overview
  2. âš¡ Client Resources
  3. Client User Roles on WordPress Websites

Client User Roles on WordPress Websites

Applicable To: Clients on a managed support plan with Bluehour.

Purpose: To outline the policy regarding client access levels on WordPress websites hosted and managed by Bluehour and to explain why granting full admin access, including the ability to add or remove plugins, custom code, or change functionality, is not standard practice.

1. Background

As a WordPress development and hosting agency, Bluehour is committed to delivering high-performance, secure, and user-friendly websites for our clients. We handle all technical aspects to maintain this standard, including hosting, updates, plugin management, plugin conflicts, and speed optimization. This approach ensures the long-term reliability, security, and performance of each website we manage.

WordPress is the largest CMS for website creation. However, it has untrustworthy, bloated, and problematic plugins and themes. Bluehour builds your website using as few plugins as possible and only licenses premium, regularly updated software.

This means you don't have to worry about your website's health, licensing software, or performing any updates while on a support plan.

2. Access Levels Provided

All clients are granted access to their WordPress website at a user level appropriate to their needs:

  • Editor Role: This role allows clients to create, edit, and manage content (e.g., pages, posts, and media) without affecting the website’s core functionality.

  • Custom Role (if applicable): Tailored to meet specific client requirements, providing access to additional non-critical functionalities.

3. Why Full Admin Access is Restricted

Granting full admin access, including the ability to add or remove plugins, introduces several risks that can compromise the website’s stability and security:

3.1. Security Risks

  • Malware and Vulnerabilities: Plugins can contain security flaws or be outdated, making the website vulnerable to hacking. This is becoming a weekly occurrence in the space, and many new clients who come to Bluehour for support have encountered this.

  • Unvetted Sources: Installing plugins from unverified sources increases the risk of malicious code.

3.2. Performance Issues

  • Site Speed: Poorly optimized or redundant plugins will slow down a website.

  • Compatibility Conflicts: Plugins may conflict with each other or the WordPress core, causing functionality issues or even complete site failure. This is most common when updates need to be performed. All plugins Bluehour licenses are entirely compatible with each other and conflict-free.

  • Changelogs: Bluehour maintains a thorough changelog for every addition, change, or removal of all custom functionality or tools. This ensures we know exactly where to pinpoint a resolution if something breaks.

3.3. Maintenance Challenges

  • Inconsistent Updates: Manually installed plugins may not align with our scheduled maintenance routines.

  • Support Limitations: Troubleshooting issues caused by third-party changes will result in additional costs for the client.

3.4. Brand and Service Integrity

  • Our reputation as a trusted service provider relies on delivering websites that perform reliably. Unmanaged changes jeopardize the site's quality and impact the user's experience, ultimately impacting client satisfaction.

4. Alternative Solutions

If a client requires specific functionality not currently available on their site, we offer the following alternatives for a separate fee:

  • Plugin Review and Installation: Clients can submit plugin requests to our team for review. Before installation, we will ensure the requested plugin meets security, compatibility, and performance standards.

  • Custom Development: If the desired functionality is unique, we can develop a tailored solution to meet the client’s needs.

5. Exceptions

In cases where full admin access is necessary for the client’s operations, such as our Enterprise level clients (Level 3), the following steps will apply:

  1. Acknowledgment of Risks: The client must review and sign a waiver acknowledging the potential risks and agreeing to additional fees for troubleshooting issues arising from their changes.

  2. Shared Documentation: A detailed record of all plugins added or removed must be maintained between both parties.

  3. Access Monitoring: We will implement monitoring tools to track changes and mitigate potential risks.

6. Summary and Support

By adhering to this SOP, we ensure that your website remains secure, optimized, and aligned with the high standards you expect from Bluehour.
 
Having policies around restricted admin access is an industry best practice that protects your website and investment.
 

We are committed to accommodating your needs through secure and professional methods. For any questions or requests related to website management, contact our support team at client@bluehourdigital.com.

Last updated December 12, 2024
Was this article helpful?