In our previous article, we have talked about how to manage the membership websites and restrict contents for users.
In this article, we continue talking about how to improve user management on a WordPress website. We present you a list of 14 free plugins that add a lot of features to standard WordPress functionalities, improve the security of your WordPress website, help you to save time while developing and keep track of what your users do on your site.
You of course know that you have to pay attention to your password choice, creation of a strong password and keeping it in a safe place. But how do you know how much attention your users pay to that? The discovery of one of your users’ password, even if the user has no privileges, could be the first step for a hacker attack. Think also what might happen if someone who wants to damage your blog discovers the password of your editor or author.
This plugin makes sure that your users use strong passwords.
This plugin changes the new user registration process. When a user signs up on your site, s/he does not receive credentials right away. An email is sent to the administrator, who can approve or reject user registration. The user receives an email when the administrator changes the registration status. If user registration is approved, s/he receives login credentials. This plugin is useful for private and paid membership websites, also for avoiding fake account registration.
If you want to manage the redirection of users after login, Peter’s Login Redirect will help you do that. You can define a set of redirect rules for specific users, filtering them by roles and capabilities, and a default redirect for all other unfiltered users. You can also set a redirection after user registration and create a dynamic URL for each username.
Most probably, all your users login to your website and remain logged in. You might want to avoid this for many reasons, for example, to slightly reduce the resources used by your server or to make sure that, if your users use a non-private computer, nobody is able to access your site without knowing the password. This plugin allows you to set the time after which the user will be disconnected. Users can easily log back in when they want to resume their session.
If you want to keep track of your website activities, this is the easiest plugin that you can activate on your website. It is very easy to use and provides a detailed history of everything what happens on your WordPress site: user logs, user activities, version history, and much more. You will be able to track everything that your logged-in users are doing. You will be able to keep track of what was added, removed, updated, or changed: posts and pages, attachments, comments, widgets, plugins, user profiles, menu edits, and much more!
This is another good plugin for WordPress audit logs. It is a little bit more complex than the previous one, but it provides more information. This plugin is focused on your website security and generates a security alert when a user performs a suspicious action.
Often when you need to temporarily lock a registered user, but WordPress does not provide this feature, you can at max change his/her password or remove all capabilities. This plugin solves this problem and allows you to temporarily disable a user account with just one click – without needing to change anything in that account and without deleting it, which is very difficult if the user has already created some contents.
This is a useful plugin that allows you to limit access to dashboard filtering by user role. You can choose to totally lock access to the dashboard or limit access to it, for example, by showing only the user profile page. You can set a redirect URL for restricted content or add a custom message on the login page.
We know that WordPress allows logging in to an account from different sources contemporaneously and disallows only the contemporaneous modification of the content – to avoid data inconsistency. This plugin allows only one access at a time, so it deters members/subscribers from sharing their accounts with others. It is useful for automatically destroying old sessions and prompts old sessions to login again if they want to continue.
User Role Editor is probably the most complete free plugin to manage user capabilities. You are able to easily change user capabilities for roles. You can also add new roles and customise their capabilities according to your needs, from scratch or as a copy of another existing role. All you need to do is check or uncheck the capabilities that you want to enable or disable for the current role.
If for some reason you do not want to use the previous plugin, a good alternative is WPFront User Role Editor, which allows you to create new roles, rename roles and customise capabilities for each role.
Delete Me allows your users to remove themselves from your site. When the plugin is activated, the cancellation link is displayed in the user dashboard. If s/he confirms it, the account is removed. You can set which roles are able to remove themselves.
13 – User Switching
User Switching is particularly useful for user testing or at the development stage. It allows you to switch from one user to another, save the steps of logout from the current account, or login to a new account.
If you want to add custom fields to a user page, this plugin is a good fit for your purpose. It allows you to extend the user profile by easily creating user meta-fields. These fields can be used during the registration process or by editing one’s own profile page in the WordPress dashboard.