In most cases, giving people unrestricted access to your dashboard isnβt a good idea. After all, the more people with administrator privileges, the greater the chance of a problem arising that could have serious consequences for your site.
One excellent way to limit the number of people with access to your dashboard is to use temporary links to share sensitive content. This means if you need to share WordPress post drafts, for example, you wonβt have to provide users with an account to see them. In this article, weβll teach you how to do that, but first, letβs talk a bit more about the dangers of unrestricted access.
Why You Should Restrict Access to Your WordPress Dashboard
The more users with access to your dashboard, the greater the overall risk.
One of the easiest ways to improve security for any platform is to restrict access based on user roles. For example, not everyone needs an administrative account to do their jobs. Making sure the right roles are set is a primary element in keeping your website safe.
Default lower-level WordPress user roles are often quite restricted. Even so, you still donβt want to give out dashboard access to everyone. As a rule of thumb, people shouldnβt have their own accounts unless theyβre regular contributors in one capacity or another, and hereβs why:
- More accounts equals increased risk.Β Think about each account with dashboard access as a potential entry point for attackers. It sounds a bit paranoid, but safety should always be a priority for website owners.
- Users can cause errors on your website.Β Depending on their account privileges, people with dashboard access could break parts of your site by messing with features they donβt understand.
The good news is there are ways to provide users with temporary access to specific parts of your site. For example, you can use temporary links to share WordPress post drafts with anyone you like. Letβs talk about one tool to help you implement that feature.
An Introduction to the Public Post Preview Plugin
The Public Post Preview plugin is a simple tool that solves a complex problem. It enables you to share your post drafts with anyone you want using a single link. This means if you want someone to check out (or even edit) one of your posts, you donβt need to set up an account for them.
More importantly, every link the plugin generates is set to expire automatically after 48 hours. This means even if the link gets passed around, it will stop working after that period, and no one without an account will be able to touch it.
In practice, this feature can be helpful if you run a blog and occasionally want someone to look over your pieces before they go live. Plus, the code behind the plugin is theme independent, so it works with any website, including Divi blogs.
Key Features:
- Create temporary access links for your WordPress post drafts.
- Set your links to expire automatically, to prevent unauthorized access down the line.
- Configure how long it takes for your links to expire if you need to.
Price:Β Free | More Information
Before you can start sharing, youβll (of course) need to install and activate the Public Post Preview plugin. Also, the optional second step will require you to access your WordPress files via File Transfer Protocol (FTP), and we recommendΒ FileZilla for this purpose.
This part is straightforward. Simply select the post you want to share and open it using the WordPress editor. Once youβre in, youβll see a newΒ Enable Public PreviewΒ option in theΒ PublishΒ metabox:
Once you click the checkbox, the temporary link will appear below:
At this point, you can copy and send it to whoever you want to access your post drafts. Itβs that easy!
As we mentioned, by default links will only work for 48 hours from the moment theyβre created. However, if you want to change that time, check out the next section.
Step #2: Modify the Lifespan of Your Temporary Links (Optional)
The Public Post Preview plugin uses a type of security token called βnoncesβ, both to enable access to your post draftsΒ and toΒ determine the lifespan of their links. If you want to change the length of that lifespan, you can do so by modifying the pluginsΒ ppp_nonce_lifeΒ function.
First off, access your website using FTP, then go to theΒ public_html/wp-content/plugins/public-post-previewΒ folder. Inside, youβll find a file calledΒ public-post-preview.php.Β By right-clicking it and using theΒ View/EditΒ option, itβll open using your default text editor:
Once youβre in, use your editorβs search function to locate the Β ppp_nonce_lifeΒ string. It should appear in the middle of the following code snippet:
$nonce_life = apply_filters( 'ppp_nonce_life', 60 * 60 * 48 ); // 48 hours
This is the code we need to alter to change your linksβ default lifespan. For example, if you want to set it to 72 hours instead of 48, just replace the third number in the sequence. This governs the number of hours the link will remain active for, so tweak it as needed. You can also limit access to mere minutes, as in the following exampleβ¦
$nonce_life = apply_filters( 'ppp_nonce_life', 60 * 30 ); // 30 minutes
β¦where the link will only βliveβ for half an hour. However, thatβs probably too restrictive, so we recommend setting it to a couple of hours at the very least. Do note that everything after theΒ //Β characters is whatβs known as commentary, so it doesnβt impact the lifespan of your links. Itβs just there so you can take notes about the changes you make.
Once youβve settled on the new lifespan for your links, save your changes to theΒ public-post-preview.phpΒ file, close it, thenΒ carry out a quick test to make sure your link works.
Conclusion
Whenever possible, youβll want to limit the number of people who have unrestricted access to your dashboard. After all, not everyone needs an account, and in some cases you can provide temporary access to specific sections. That way, your website will be less vulnerable on the whole.
For example, if you want to share your WordPress post drafts, you can always use the Public Post Preview plugin. Hereβs how:
- Choose a post and get a temporary link for it.
- If you want to, modify how long the link will remain active by editing theΒ public-post-preview.phpΒ file.
Do you have any questions about how to share WordPress post drafts using temporary links? Ask away in the comments section below!
Article thumbnail image by Booba22 / shutterstock.com.
Great article and review about the Public Post Preview. I can see that being of use to a number of users.
Thanks Roy! We’re glad you found this post useful. π
Thanks John. I found this article to be quite helpful. Have been in this situation of wanting to share a draft before but you just came to my rescue.
You’re welcome, Walter! Thanks for commenting. π
Very nice thankyo.
You’re welcome! π
Magic!
Hi David! Thanks for reading. π
Public post review is a great plugin which I am using it for my blog and also for my team collaboration. The thing I am looking for is an option where non-logged in users can vote or give their feedback which is not possible with this plugin. Is there any other where I can do it?
A very educative write-up. The information about the plugin is very useful. Anyone can use such tips for their projects. Very helpful for the newbies.
Thanks, Ananya! We’re glad you found this post so useful. π
John, very nice.
Many thanks.
You’re welcome! Thanks for taking the time to read our post. π
How handy! Thanks for sharing that plugin. π
Hi Carolyn! You’re welcome. π
Son, I canβt be more grateful because this is what I need just now?.
Thanks a million!
You’re welcome, James! We’re glad you found this post so helpful. π
Oh! Good find!
This plugin seems useful!
Hi, thanks for your comment! π