US: (800) 673 4215
AU: 1 300 SEO Joe (736 563)
Drupal Security
In Drupal you can use roles to group a set of users to your site and give them set permissions or privileges. Your initial account is a super user. It is advisable to create an administrative role called "admin" and grant this role capabilities to administer and manage everything similar to an admin.
By default there are two roles as part of the installation - anonymous users and authenticated users. Anonymous user is any visitor to your site that does not login. Authenticated user, on the other hand, is any user who requests a login to your site. By default, visitors to your site have the permission to create an account on your site and inherit the privileges assigned to authenticated users. If you do not wish to have users on your site to have such privileges, you can control this from administer » user management » user settings. By selecting the option "Only administrators can create new user accounts" you can control the creation of new user accounts:
For my site JoeMatthew.com I am going to disallow anyone other than administrators to create new accounts and inherit privileges. For my site Gotofamousfootwear.com I am going allow shoppers to create their own account if they wish to do so.
For this, I will leave it to the default of "Visitors can create accounts and no administrators approval is required".
Below are the privilege settings for my JoeMatthew.com site and GotoFamousFootwear.com that you can mirror to follow along with this workbook without any permission issues
My Access Control settings for JoeMatthew.com
| Permission | admin users | anonymous user | authenticated user | |||||||
|---|---|---|---|---|---|---|---|---|---|---|
| aggregator module | ||||||||||
| access news feeds | ||||||||||
| administer news feeds | ||||||||||
| block module | ||||||||||
| administer blocks | ||||||||||
| use PHP for block visibility | ||||||||||
| blog module | ||||||||||
| edit own blog | ||||||||||
| comment module | ||||||||||
| access comments | ||||||||||
| administer comments | ||||||||||
| post comments | ||||||||||
| post comments without approval | ||||||||||
| fckeditor module | ||||||||||
| allow fckeditor file uploads | ||||||||||
| use advanced fckeditor | ||||||||||
| use default fckeditor | ||||||||||
| filter module | ||||||||||
| administer filters | ||||||||||
| image module | ||||||||||
| create images | ||||||||||
| edit images | ||||||||||
| edit own images | ||||||||||
| view original images | ||||||||||
| image_gallery module | ||||||||||
| administer images | ||||||||||
| image_import module | ||||||||||
| import images | ||||||||||
| menu module | ||||||||||
| administer menu | ||||||||||
| node module | ||||||||||
| access content | ||||||||||
| administer content types | ||||||||||
| administer nodes | ||||||||||
| create page content | ||||||||||
| create story content | ||||||||||
| edit own page content | ||||||||||
| edit own story content | ||||||||||
| edit page content | ||||||||||
| edit story content | ||||||||||
| revert revisions | ||||||||||
| view revisions | ||||||||||
| nodewords module | ||||||||||
| administer meta tags | ||||||||||
| edit meta tags | ||||||||||
| path module | ||||||||||
| administer url aliases | ||||||||||
| create url aliases | ||||||||||
| poll module | ||||||||||
| cancel own vote | ||||||||||
| create polls | ||||||||||
| inspect all votes | ||||||||||
| vote on polls | ||||||||||
| site_map module | ||||||||||
| access site map | ||||||||||
| survey module | ||||||||||
| maintain surveys | ||||||||||
| submit surveys | ||||||||||
| system module | ||||||||||
| access administration pages | ||||||||||
| administer site configuration | ||||||||||
| select different theme | ||||||||||
| taxonomy module | ||||||||||
| administer taxonomy | ||||||||||
| trackback module | ||||||||||
| administer trackbacks | ||||||||||
| user module | ||||||||||
| access user profiles | ||||||||||
| administer access control | ||||||||||
| administer users | ||||||||||
| change own username | ||||||||||
| webform module | ||||||||||
| access webform results | ||||||||||
| clear webform results | ||||||||||
| create webforms | ||||||||||
| edit own webforms | ||||||||||
| edit webforms | ||||||||||
| use PHP for additional processing | ||||||||||
My Access Control settings for GoToFamousFootwear.com
| Permission | admin users | anonymous user | authenticated user | |||||||
|---|---|---|---|---|---|---|---|---|---|---|
| aggregator module | ||||||||||
| access news feeds | ||||||||||
| administer news feeds | ||||||||||
| apparel module | ||||||||||
| create apparel products | ||||||||||
| edit own apparel products | ||||||||||
| block module | ||||||||||
| administer blocks | ||||||||||
| use PHP for block visibility | ||||||||||
| blog module | ||||||||||
| edit own blog | ||||||||||
| comment module | ||||||||||
| access comments | ||||||||||
| administer comments | ||||||||||
| post comments | ||||||||||
| post comments without approval | ||||||||||
| ec_mail module | ||||||||||
| administer ec emails | ||||||||||
| fckeditor module | ||||||||||
| allow fckeditor file uploads | ||||||||||
| use advanced fckeditor | ||||||||||
| use default fckeditor | ||||||||||
| filter module | ||||||||||
| administer filters | ||||||||||
| image module | ||||||||||
| create images | ||||||||||
| edit images | ||||||||||
| edit own images | ||||||||||
| view original images | ||||||||||
| image_gallery module | ||||||||||
| administer images | ||||||||||
| image_import module | ||||||||||
| import images | ||||||||||
| menu module | ||||||||||
| administer menu | ||||||||||
| node module | ||||||||||
| access content | ||||||||||
| administer content types | ||||||||||
| administer nodes | ||||||||||
| create page content | ||||||||||
| create story content | ||||||||||
| edit own page content | ||||||||||
| edit own story content | ||||||||||
| edit page content | ||||||||||
| edit story content | ||||||||||
| revert revisions | ||||||||||
| view revisions | ||||||||||
| nodewords module | ||||||||||
| administer meta tags | ||||||||||
| edit meta tags | ||||||||||
| path module | ||||||||||
| administer url aliases | ||||||||||
| create url aliases | ||||||||||
| poll module | ||||||||||
| cancel own vote | ||||||||||
| create polls | ||||||||||
| inspect all votes | ||||||||||
| vote on polls | ||||||||||
| product module | ||||||||||
| administer products | ||||||||||
| search module | ||||||||||
| administer search | ||||||||||
| search content | ||||||||||
| use advanced search | ||||||||||
| site_map module | ||||||||||
| access site map | ||||||||||
| store module | ||||||||||
| administer store | ||||||||||
| subproducts module | ||||||||||
| administer own subproducts | ||||||||||
| administer subproducts | ||||||||||
| administer variations | ||||||||||
| system module | ||||||||||
| access administration pages | ||||||||||
| administer site configuration | ||||||||||
| select different theme | ||||||||||
| tangible module | ||||||||||
| create shippable products | ||||||||||
| edit own shippable products | ||||||||||
| taxonomy module | ||||||||||
| administer taxonomy | ||||||||||
| trackback module | ||||||||||
| administer trackbacks | ||||||||||
| user module | ||||||||||
| access user profiles | ||||||||||
| administer access control | ||||||||||
| administer users | ||||||||||
| change own username | ||||||||||
| webform module | ||||||||||
| access webform results | ||||||||||
| clear webform results | ||||||||||
| create webforms | ||||||||||
| edit own webforms | ||||||||||
| edit webforms | ||||||||||
| use PHP for additional processing | ||||||||||
Resources
Video
In this video you will see how to
- Create a new role
- Manage the privileges of this role
- Change the account creation settings for your site
- Create a new user account and assign it to a role.
33 Large Screen Training Video Courses
Get all 33 large screen training videos like this one,
absolutely free ($99 value) used by over 250,000 Drupallers
Our Strict Privacy Policy keeps your e-mail safe and secure.