WordPress.org

Making WordPress.org

Opened 4 months ago

Last modified 4 months ago

#3895 new task

Get Involved (make.wordpress.org) sites user audit

Reported by: azaozz Owned by:
Milestone: Priority: normal
Component: Make (Get Involved) / P2 Keywords:
Cc:

Description

We have quite a few users on the "Get Involved" sites, and lately been getting more and more. That's great! :)

To make user management a bit easier, clearer, and to enhance security a bit, thinking we would need to do an user audit, and implement some basic rules.

IMHO the following would be a good start:

  • If somebody doesn't log in for a year we automatically set them to "contributor".
  • All users should be "authors" by default. Users that need to edit_others_posts or moderate others posts' comments can be made "editors" on as-needed basis (and then set back to "authors" when editing of others posts is not needed any more).

In addition I don't think we would need any admins there, except the network SA of course.

All of this is a good security procedure that should probably be implemented for all blogs/P2s/sites on wordpress.org.

Change History (2)

#1 @azaozz
4 months ago

  • Type changed from defect to task

This ticket was mentioned in Slack in #meta by tellyworth. View the logs.


4 months ago

Note: See TracTickets for help on using tickets.