How to change the minimum user role needed to use SecuPress

To use SecuPress, you have to be an Administrator of the site, i.e you have to have the administrator user role.

On a multi-site, there are two things to note :

  • You have to be an Administrator of the network to have access to the whole of Secupress : the scanners page, the modules, the settings or the logs.
  • Sometimes, SecuPress needs to communicate with the Administrators of each site and send them a notice and/or direct them to a specific dedicated page. In these situations, the same rule as on a single site apply : you need the administrator user role.

The first rule cannot be modified : you have to be an administrator of the network to have access to the whole of SecuPress.

However, the second rule can be modified : for example you can give Editors access to the SecuPress interface or create a specific user role just for that.

To do that, we'll create a « Must Use » plugin.

  1. Read the « How to create a MU plugin » tutorial and create a file named secupress-custom-role.php . Give this plugin the name « SecuPress custom role » for example.
  2. When you add the necessary code it should look like this :
     * Plugin Name: SecuPress custom role 
     * Version: 1.0 
    defined( 'ABSPATH' ) or die( 'Cheatin\' uh?' );  
    add_filter( 'secupress.user_capability', 'my_custom_role' ); 
     * Filter the user capability/role that gives access to SecuPress features. 
     * @since 1.0 
    function my_custom_role() { 
    	return 'edit_others_posts'; 
  3. edit_others_posts corresponds to the Editor and Administrator roles. You can find all the roles and their associated capabilities in Roles and Capabilities. You can also swap edit_others_posts for a custom user role but be careful because this will affect this role ONLY.
  4. Put the file in the /wp-content/mu-plugins/ folder.