Is a partially restricted admin user a threat to WP security?

Hello, I have more of a general question here, which Google didn't answer.

I'm creating a ticket selling platform on which, on one side, organizers can register and get a (manually created) WP admin account through which they can create events and tickets.
On the other side, people can buy the tickets through Woo and the organizers can check them through a QR app.

So there is a lot at stake here: thousands of attendee and event records, organizers' private data like invoices etc. This should never get lost, and should not even stop working for more than a few minutes; the site should be ROCK solid.
So I started considering WPMU as a good starting point, because you offer the basic security, and the Snapshot plugin is exactly what I was after. Then I would like to find one dedicated person to take care of the rest of the security, because I myself know nothing about it.
A friend who worked at an antivirus company told me it might certainly be safer to use WP than to code the platform myself – is he right about that?

But now my main question is how much I should worry about the security of the admin. If the organizer users have partially restricted access to the admin (they will be able to edit only their own content, and they will have access only to the event and ticket posts and their own profile settings) and a hacker got hold of such an account, would he be able to get into the other parts of the WP admin, or harm the WP installation with this kind of access?

I am considering another option – using multisite: one site for the admin area, the other for the front end shop, and maybe using Broadcast to copy the content from one side to the other. Or I could even use one site per admin user. I thought it might give the site an extra layer of security, but maybe I am absolutely wrong, maybe it is the opposite.

Fun fact – the owner of the biggest ticket selling company here is the prime minister, a very well known villain, and these people don't like competition and they don't mess around, so I should be prepared for anything :)

I would be very glad if you could answer these questions. I am still looking for the security guy and I would like to start working in the meantime, so if WPMU is a good option, I would start with that. Not sure about the multisite option though.

Thank you!
Martin

  • Kasia Swiderska
    • Support nomad

    Hello Martin Kotecký,

    A friend who worked at an antivirus company told me it might certainly be safer to use WP than to code the platform myself – is he right about that?

    Yes, he is. Especially when it comes to complex solutions that involve payments and user data.

    If the organizer users have partially restricted access to the admin (they will be able to edit only their own content, and they will have access only to the event and ticket posts and their own profile settings) and a hacker got hold of such an account, would he be able to get into the other parts of the WP admin, or harm the WP installation with this kind of access?

    That depends… In a perfect scenario, when there is no vulnerability in the code of the plugins that you will be using, a person who gained access like that could only post/delete/edit content for that account – so some damage can be done. But with only that level of access, and assuming there are no bugs in the code that could allow gaining more permissions, they won't be able to do more damage.
    You need to remember that there is no 100% secure code.

    I am considering another option – to use multisite – one site for the admin area, the other for the front end shop – and maybe use Broadcast to copy the content from one side to the other.

    Each of your sites will have its own wp-admin area. It is not possible to have one site for the front end only.
    If you give your users the same permissions as you plan for a single WordPress, then it is still the same case. If the code doesn't have a vulnerability that allows gaining access to the super admin account, it will be fine.

    Using Multisite makes sense when you want to have separate sites for different things. Check our blog post about Multisite https://wpmudev.com/blog/ultimate-guide-multisite/ and decide if Multisite is what you need.
    The WordPress code will be the same in both cases. Multisite WP doesn't make the site more secure.

    kind regards,
    Kasia
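The "partially restricted admin" Kasia describes is, in WordPress terms, a custom role that holds only the capabilities for the event and ticket post types and none of the "others" capabilities. The following must-use plugin is an added example written for this thread; it is not code from WPMU DEV, Defender or the original poster. The post type names `event` and `ticket`, the role name `organizer` and the capability names derived from them are assumptions for the illustration. It relies on core behaviour: with `map_meta_cap` enabled, WordPress maps `edit_post` on another author's event to `edit_others_events`, which this role never receives, so the account can only touch its own content. The last filter is a second layer in case some plugin later hands the role a broader capability.

```php
<?php
/**
 * Added example for this thread (not WPMU DEV, Defender or the OP's code).
 * Assumptions: post types "event" and "ticket", role "organizer", and the
 * capability names WordPress derives from those post type names.
 *
 * Install as wp-content/mu-plugins/organizer-role.php.
 */

// Register both post types with their own capability set. With map_meta_cap
// enabled, editing someone else's event requires edit_others_events, which
// the organizer role below never gets.
add_action( 'init', function () {
    foreach ( array( 'event', 'ticket' ) as $type ) {
        register_post_type( $type, array(
            'label'           => ucfirst( $type ) . 's',
            'public'          => true,
            'show_ui'         => true,
            'capability_type' => array( $type, $type . 's' ), // singular, plural
            'map_meta_cap'    => true,
            'supports'        => array( 'title', 'editor' ),
        ) );
    }
} );

// Create the role once. It deliberately lacks edit_others_*, delete_others_*,
// edit_posts, edit_pages, upload_files, edit_users, manage_options and every
// other capability that would let a compromised account reach beyond its own
// events and tickets. "read" is the minimum needed to open the dashboard and
// the user's own profile.
add_action( 'init', function () {
    if ( get_role( 'organizer' ) ) {
        return;
    }
    $caps = array( 'read' => true );
    foreach ( array( 'events', 'tickets' ) as $plural ) {
        $caps[ "edit_$plural" ]             = true;
        $caps[ "edit_published_$plural" ]   = true;
        $caps[ "publish_$plural" ]          = true;
        $caps[ "delete_$plural" ]           = true;
        $caps[ "delete_published_$plural" ] = true;
    }
    add_role( 'organizer', 'Organizer', $caps );
} );

// Second layer: even if another plugin later grants a broader capability,
// refuse edit/delete of an event or ticket the user does not own, unless the
// user is a full administrator (manage_options).
add_filter( 'map_meta_cap', function ( $caps, $cap, $user_id, $args ) {
    if ( ! in_array( $cap, array( 'edit_post', 'delete_post' ), true ) || empty( $args[0] ) ) {
        return $caps;
    }
    $post = get_post( $args[0] );
    if ( $post
        && in_array( $post->post_type, array( 'event', 'ticket' ), true )
        && (int) $post->post_author !== (int) $user_id
        && ! user_can( $user_id, 'manage_options' ) ) {
        return array( 'do_not_allow' );
    }
    return $caps;
}, 10, 4 );
```

Assign the role with `wp user set-role <login> organizer` or from the user's profile page, then log in as that user and confirm that the Posts, Pages, Plugins, Users and Settings menus are absent and that opening `post.php?post=<id>&action=edit` for another organizer's event returns "Sorry, you are not allowed to edit this item." That check, repeated after every plugin you add, is what keeps Kasia's "only their own content" boundary true in practice.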

  • Martin Kotecký
    • Design Lord, Child of Thor

    Ok, this makes sense; I took the wrong approach. So one site it is.

    So if solid code is enough, how can I make sure that there are no vulnerabilities in it?
    I read that the Defender plugin is able to check the plugins for vulnerabilities. But I also read that it is essential to upgrade the core and the plugins – so does that mean that there were vulnerabilities in the code all along and the developers have now found them and released an upgrade, or does it mean that the hackers found new ways to get through? Should I care about the new code only once I have checked the main setup, or do I have to check the whole WP code regularly?

    I plan on using as few plugins as possible and the basic WP theme. Do you know of a user access restriction plugin you could recommend?

    Thank you.

  • Kasia Swiderska
    • Support nomad

    Hello Martin Kotecký,

    So if solid code is enough, how can I make sure that there are no vulnerabilities in it?

    You need to make sure that everything is updated to the latest version. But there is never a 100% guarantee that the code is safe.

    I read that the Defender plugin is able to check the plugins for vulnerabilities.

    That is correct, Defender scans your WordPress and checks if plugins/themes have known (and reported) vulnerabilities. It also checks for suspicious code.

    But I also read that it is essential to upgrade the core and the plugins –

    Correct, updates are always important.
    https://jakegroup.com/blog/the-importance-of-updating-wordpress/

    Security is the primary reason you should keep your WordPress site up to date; updates often feature security enhancements that prevent sites from being exploited. Since WordPress is open source, it benefits from a community of developers and security experts who are constantly testing every version of the software and properly reporting security fixes. Failing to update the latest version of WordPress can make your site an easy target for hackers and malicious code distributors.

    so does that mean that there were vulnerabilities in the code all along and the developers have now found them and released an upgrade, or does it mean that the hackers found new ways to get through?

    It means there was a piece of code that could be exploited and someone found a way in – so we could say it's both. Most of the time, a site is hacked because of outdated software.
    This also applies to PHP versions https://www.wordfence.com/blog/2018/10/php5-dangerous/

    I plan on using as few plugins as possible and the basic WP theme. Do you know of a user access restriction plugin you could recommend?

    Using fewer plugins is actually a good idea. I'm not able to recommend any plugins since I haven't used any in personal projects. There is a list that might help https://ninjaforms.com/blog/wordpress-restrict-user-access/
    You can also ask for recommendations on our Members forum https://wpmudev.com/forums/forum/members/

    kind regards,
    Kasia
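Both of Kasia's answers hinge on the same condition: the damage from a stolen organizer account stays limited only while no plugin contains "a piece of code that could be exploited" to gain more permissions. What that piece of code typically looks like in WordPress is an AJAX handler that does real work without asking who is calling. The snippet below is an added illustration for this thread, not code from any real plugin, from Defender or from WPMU DEV; the action name `ticketshop_save_settings`, the option name and the `notify_url` field are assumptions. The first function is the bug pattern, the second is the same feature with the three checks the first one lacks.

```php
<?php
/**
 * Added illustration for this thread (not from any real plugin, Defender or
 * WPMU DEV). Assumed names: AJAX action "ticketshop_save_settings", option
 * "ticketshop_payment_notify_url", POST fields "notify_url" and "nonce".
 */

// VULNERABLE PATTERN. wp_ajax_* hooks fire for every logged-in user, so an
// organizer account from the restricted role above could call this and
// rewrite a site-wide setting, e.g. redirect payment notifications to a host
// the attacker controls. Nothing checks the caller's capability, the origin
// of the request, or the value being stored. In a real plugin this function
// would be wired with add_action() exactly like the hardened one below; it is
// left unregistered here so the two do not both run.
function ticketshop_save_settings_vulnerable() {
    update_option( 'ticketshop_payment_notify_url', $_POST['notify_url'] );
    wp_send_json_success();
}

// HARDENED VERSION of the same feature.
function ticketshop_save_settings_hardened() {
    // 1. Authorisation: only users allowed to change site settings. An
    //    organizer (no manage_options) is rejected here.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    // 2. CSRF: the nonce must have been issued for this action to this user;
    //    check_ajax_referer() ends the request on failure. The settings page
    //    generates it with wp_nonce_field( 'ticketshop_save_settings', 'nonce' ).
    check_ajax_referer( 'ticketshop_save_settings', 'nonce' );

    // 3. Input validation: store only an https URL, never the raw POST value.
    $raw = isset( $_POST['notify_url'] ) ? wp_unslash( $_POST['notify_url'] ) : '';
    $url = esc_url_raw( $raw, array( 'https' ) );
    if ( '' === $url ) {
        wp_send_json_error( 'invalid url', 400 );
    }

    update_option( 'ticketshop_payment_notify_url', $url );
    wp_send_json_success();
}
add_action( 'wp_ajax_ticketshop_save_settings', 'ticketshop_save_settings_hardened' );
```

This is the class of bug that a plugin update usually fixes and that Defender's vulnerability scan reports once it has been published. When reviewing a plugin before installing it, grep for `add_action( 'wp_ajax_` (and `wp_ajax_nopriv_`, which runs for anonymous visitors) and check that each handler contains a `current_user_can()` test and a nonce check before it writes anything; a handler without both is reachable from the restricted organizer account and undermines the role boundary.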