Table Of Contents
- Why You Should Restrict Access to Your WordPress Dashboard
- An Introduction to the Public Post Preview Plugin
- How to Share WordPress Post Drafts Using Temporary Links (In 2 Steps)
In most cases, giving people unrestricted access to your dashboard isn’t a good idea. After all, the more people with administrator privileges, the greater the chance of a problem arising that could have serious consequences for your site.
One excellent way to limit the number of people with access to your dashboard is to use temporary links to share sensitive content. This means if you need to share WordPress post drafts, for example, you won’t have to provide users with an account to see them. In this article, we’ll teach you how to do that, but first, let’s talk a bit more about the dangers of unrestricted access.
Why You Should Restrict Access to Your WordPress Dashboard
One of the easiest ways to improve security for any platform is to restrict access based on user roles. For example, not everyone needs an administrative account to do their jobs. Making sure the right roles are set is a primary element in keeping your website safe.
Default lower-level WordPress user roles are often quite restricted. Even so, you still don’t want to give out dashboard access to everyone. As a rule of thumb, people shouldn’t have their own accounts unless they’re regular contributors in one capacity or another, and here’s why:
- More accounts equals increased risk. Think about each account with dashboard access as a potential entry point for attackers. It sounds a bit paranoid, but safety should always be a priority for website owners.
- Users can cause errors on your website. Depending on their account privileges, people with dashboard access could break parts of your site by messing with features they don’t understand.
The good news is there are ways to provide users with temporary access to specific parts of your site. For example, you can use temporary links to share WordPress post drafts with anyone you like. Let’s talk about one tool to help you implement that feature.
An Introduction to the Public Post Preview Plugin
The Public Post Preview plugin is a simple tool that solves a complex problem. It enables you to share your post drafts with anyone you want using a single link. This means if you want someone to check out (or even edit) one of your posts, you don’t need to set up an account for them.
More importantly, every link the plugin generates is set to expire automatically after 48 hours. This means even if the link gets passed around, it will stop working after that period, and no one without an account will be able to touch it.
In practice, this feature can be helpful if you run a blog and occasionally want someone to look over your pieces before they go live. Plus, the code behind the plugin is theme independent, so it works with any website, including Divi blogs.
- Create temporary access links for your WordPress post drafts.
- Set your links to expire automatically, to prevent unauthorized access down the line.
- Configure how long it takes for your links to expire if you need to.
Price: Free | More Information
Before you can start sharing, you’ll (of course) need to install and activate the Public Post Preview plugin. Also, the optional second step will require you to access your WordPress files via File Transfer Protocol (FTP), and we recommend FileZilla for this purpose.
This part is straightforward. Simply select the post you want to share and open it using the WordPress editor. Once you’re in, you’ll see a new Enable Public Preview option in the Publish metabox:
Once you click the checkbox, the temporary link will appear below:
At this point, you can copy and send it to whoever you want to access your post drafts. It’s that easy!
As we mentioned, by default links will only work for 48 hours from the moment they’re created. However, if you want to change that time, check out the next section.
Step #2: Modify the Lifespan of Your Temporary Links (Optional)
The Public Post Preview plugin uses a type of security token called ‘nonces’, both to enable access to your post drafts and to determine the lifespan of their links. If you want to change the length of that lifespan, you can do so by modifying the plugins ppp_nonce_life function.
First off, access your website using FTP, then go to the public_html/wp-content/plugins/public-post-preview folder. Inside, you’ll find a file called public-post-preview.php. By right-clicking it and using the View/Edit option, it’ll open using your default text editor:
Once you’re in, use your editor’s search function to locate the ppp_nonce_life string. It should appear in the middle of the following code snippet:
$nonce_life = apply_filters( 'ppp_nonce_life', 60 * 60 * 48 ); // 48 hours
This is the code we need to alter to change your links’ default lifespan. For example, if you want to set it to 72 hours instead of 48, just replace the third number in the sequence. This governs the number of hours the link will remain active for, so tweak it as needed. You can also limit access to mere minutes, as in the following example…
$nonce_life = apply_filters( 'ppp_nonce_life', 60 * 30 ); // 30 minutes
…where the link will only ‘live’ for half an hour. However, that’s probably too restrictive, so we recommend setting it to a couple of hours at the very least. Do note that everything after the // characters is what’s known as commentary, so it doesn’t impact the lifespan of your links. It’s just there so you can take notes about the changes you make.
Once you’ve settled on the new lifespan for your links, save your changes to the public-post-preview.php file, close it, then carry out a quick test to make sure your link works.
Whenever possible, you’ll want to limit the number of people who have unrestricted access to your dashboard. After all, not everyone needs an account, and in some cases you can provide temporary access to specific sections. That way, your website will be less vulnerable on the whole.
For example, if you want to share your WordPress post drafts, you can always use the Public Post Preview plugin. Here’s how:
- Choose a post and get a temporary link for it.
- If you want to, modify how long the link will remain active by editing the public-post-preview.php file.
Do you have any questions about how to share WordPress post drafts using temporary links? Ask away in the comments section below!
Article thumbnail image by Booba22 / shutterstock.com.