bmw555web.Enjoy Free 888+200 Daily Legal Bonus

Resolved Jonathan Goldford
(@jg-visual)

2 years, 2 months ago

Hi, we recently upgraded a large multisite network to the newest version of the Really Simple SSL plugin (v5.3.4). After the upgrade, we noticed that regular Administrators (not super admins) can see an SSL menu in each subsite’s admin at Settings >> SSL. That menu only appeared on the network level in the past.

We know we can hide that menu by using remove_submenu_page(), but we figured it was best to report it since it may be a bug.

We also noticed in the code what looked like a potential setting with the name hide_menu_for_subsites, but we couldn’t find that within the WordPress admin.

Can you help us understand what changed, and what the best next steps are? Thanks a ton for the help.

Viewing 6 replies - 1 through 6 (of 6 total)

Plugin Author Rogier Lankhorst
(@rogierlankhorst)

2 years, 2 months ago

Hi @jg-visual,

We introduced a new capability, manage_security. By default it is assigned to administrators. You can use this capability to decide who can view the settings page.

Let me know if that helps.

Thread Starter Jonathan Goldford
(@jg-visual)

2 years, 2 months ago

Thanks a ton for the quick response Rogier. If we don’t want that admin submenu item to display for those with the administrator role, is the best way to hide that through code, or is there a setting in the plugin that should be used? I’d love to hear what approach you’d recommend.

Plugin Author Rogier Lankhorst
(@rogierlankhorst)

2 years, 2 months ago

I’m sorry, I should’ve added what you can do with the capability.

This capability allows you to manage what user roles have access to what by using a role manager plugin for example, or with a snippet of php code.

In your case, I think you’d want only the super admins to have that capability, and remove it from admins.

That should be the easiest method. As of 6.0 there won’t be a menu on the subsites anymore, the beta will be released next week.
Thread Starter Jonathan Goldford
(@jg-visual)

2 years, 2 months ago
Thanks for clarifying Rogier. As of now, we’re using a variation of this code to hide the menu for those that aren’t super admins:
```
if ( current_user_can( 'manage_sites' ) ) {

    return false;
}

remove_submenu_page( 'options-general.php', 'rlrsssl_really_simple_ssl' );
```
Just to confirm, it sounds like we’ll be able to remove that code when you release v6.0 of your plugin. Is that correct?

Thanks again!
- This reply was modified 2 years, 2 months ago by Jonathan Goldford.
Plugin Author Rogier Lankhorst
(@rogierlankhorst)

2 years, 1 month ago

Hi @jg-visual,

Yes, that’s correct.

Rogier

Thread Starter Jonathan Goldford
(@jg-visual)

2 years, 1 month ago

Thanks again for the help Rogier. I think we’re in good shape. I’ll go ahead and mark this resolved.

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘SSL Settings Menu Showing for Administrators’ is closed to new replies.