Support

Documentation

WordPress roles and Akeeba Backup privileges

Akeeba Backup for WordPress has three distinct user privileges:

  • Backup. Allows the user to take backups and retry uploading backup archives to remote storage.

  • Download. Allows the user to download backup archives from remote storage to the site server or their local computer; download backup archives from the site server to their local computer; delete backup archives and backup archive records; and transfer the site to a different location or server using the Site Transfer Wizard.

  • Configure. Allows access to everything else. Please note that reading the log files does require the Configure privilege since the log may contain sensitive information. Likewise, restoring a site requires the same privilege because it lets the user see privileged information such as the database connection information.

On a single site WordPress installation these privileges are assigned to user roles (the respective WordPress capabilities are in parentheses) in the following manner:

  • Editor (edit_others_posts capability). Only gets the Backup privilege.

  • Administrator (activate_plugins capability). Gets the Backup and Download privilege.

  • Super Admin (delete_users capability). Gets all privileges.

  • Everyone else. Can list backups but not download or do anything else with them.

On a multi-site WordPress installation these privileges are assigned to user roles (and WordPress capabilities) in the following manner:

  • Super Admin (users with access to the Blog Network Dashboard). Gets all privileges.

  • Everyone else. Can list backups but not download or do anything else with them.

The differences in privileges are necessary because of the nature of Multisite installations: whoever has access to the backups has access to all blogs on the network. Therefore only blog network admins (Super Admin) should have access to Akeeba Backup.

Unfortunately WordPress doesn't allow fine-tuning the permissions of users to plugin features. The above mapping of WordPress roles and Akeeba Backup privileges is hard-coded. Should you need to change it you will have to modify the file wp-content/plugins/akeebabackupwp/helpers/solo/Application/WordPressUserPrivileges.php. Any changes you make to that file will be lost on update and will have to be reapplied.