Support » Fixing WordPress » Can unregistered users post?

  • Hi all,

    I’ve done a search in the archives and don’t find anything on this. Is it at all possible, plugin or no plugin, for an unregistered user to post an article on a WordPress blog? I can’t find anywhere where this is possible. If unregistered users can post comments, shouldn’t it also be possible to post new articles if the admin allows it?

    Would greatly appreciate a comment regarding this.



Viewing 7 replies - 1 through 7 (of 7 total)
  • No. And No. Because people can write anonymous letters to the editor does that mean they should be able to write feature articles for the newspaper? In order to create a post users have to register. The administrator/editor can decide whether new registrants can publish a post immediately or have to wait for his or her approval. Commenting on a post and writing a post are two entirely different kettles of fish.

    I’m not talking about a public blog. This is an internal blog setup behind a company firewall. So instead of kids in a car, this is more of a “cows-in-a-cattle-car” scenario.

    And besides, there is a posting of someone who did create a script from scratch to allow this, but never posted his result.

    I am not saying it can’t be done. You asked if, because unregistered users can post anonymous comments, they shouldn’t also be allowed to post articles? The answer, based on that proposition, is logically “No.” As it is, provided they give a valid e-mail address, you can select whether or not new users may publish immediately upon registration. You have the option and that is how it should be, regardless of whether it is on a public or private network.

    Now, to the question of whether or not you can make it so anyone can post an article anonymously and without a password – sure, but it’ll take some work to set up and you won’t find a “plugin” to do it.

    Posting (and therefore executing plugins or other files) can also be considered a security risk. For example – if you have a plugin that enables php in posts, and an “anonymous user” who posts malicious code in a post could easily exploit the whole database.

    Just my 2 cents on a security risk for not being able to have anonymous users post. Even if it is not that plugin, since many plugins DO use php and the database.. why take the chance? If it is someone that will be posting on an internal network, and you trust the users.. then why not let them register TO post?

    “just because” a user can comment anonymously in posts has nothing to do with “being able to post anonymously” .. there are different functions, files and other things used from a comment to a full blown post. That is comparing apples and oranges.

    We figure that most users behind our firewall will be less likely to use the blog if they have to register first. I want to make it easy and fast for an always-on-the-run consultant to post something quickly and cleanly.

    It is not like registering is difficult and has to be done more than once. Frankly, if it is too much work to sign up, it would be too much work to post anything…

    But, you can certainly create a user “AlanSmithee” with a simple password and let anyone log in using that or register employees yourself and send them there account names and passwords.

    That would be easier than removing the security of usernames and passwords altogether.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Can unregistered users post?’ is closed to new replies.