All site data visible to members and non-members alike
I’ve been poking around for some time and I’m a little surprised that not one person has been confused by the complete lack of security in BuddyPress. I have started a closed beta program for a project I’m working on for the Autism community. Without going into a lot of detail, the Autism community requires strong security. Facebook offers their version of security in that you need to be logged in and a friend in order to see someone’s profile information. All social systems I have seen and/or worked offer a choice about what you want to make public facing or only for approved individuals.
BuddyPress offers no such protection at all. Nothing. Everything I can see while logged in as admin I can see by not logging in and simply clicking around. I’ve been using WordPress for 5 years now and, while I’m new to WPMU and BuddyPress, I know that there are no options for managing who gets to see what and under what circumstances. This would seem to me to not only be a critical aspect of any social network, but also a rather simple one to implement. Then again, I’m no coder. I’m just a weekend hacker with lots of sysadmin experience.
Regarding my audience, there’s no way I can let people put in their personal information and let some random asshat walk in and read it, or worse, act on the personal and identifying information they find there. That’s just not possible.
Is there something I’m missing? Some people tell me I’m smart, but I rarely believe them, so its very possible I’ve missed something obvious.
- The topic ‘All site data visible to members and non-members alike’ is closed to new replies.