I have been working with WordPress for the past 3-4 years, but I am new to BuddyPress.
I would like to hide the admin account completely from BuddyPress for security reasons. For example with a regular WordPress blog I would have two separate accounts (one with admin privileges that remains hidden, and another one with only an Editor role to publish all the articles). That way the admin account would be hidden from the public and anyone trying to break in would have to guess both the password AND username. In BuddyPress this is not so easy, since the admin account is very much exposed to the public.
One thing I managed to do is exclude the admin profile from the members directory by editing the /bp-themes/bp-default/members/member_loop.php file. (Yes I know I shouldn’t edit the default theme and make a child theme or a stand alone theme instead! I will get to it once I get this resolved.) I added the &exclude=1 parameter (1 being the user ID of the admin account) as such:
<?php if ( bp_has_members( bp_ajax_querystring( 'members' ).'&exclude=1' ) ) : ?>
But I would need some help with the following:
-
Hiding the admin profile (i.e. making it only visible to themselves, but not to anyone else). -
Preventing the admin’s activity from appearing publicly on the site.
-
Or did I miss something else as well?
PS. I am thinking of installing BuddyPress in a MultiSite network so it is very important for me to not expose the super-admin account in such a manner.
EDIT: So here is what I came up with for #1 (it goes into the theme’s functions.php page):
// Hide admin profile pages
add_action( 'wp', 'hide_profile_template', 1 );
function hide_profile_template() {
global $bp;
if(bp_is_profile && $bp->displayed_user->id == 1 && $bp->loggedin_user->id != 1) :
global $wp_query;
$wp_query->set_404();
status_header(404);
include(locate_template('404.php'));
exit;
endif;
}
So now I still need help with hiding admin activity (#2).
6 s
I found this:
Exclude Users from Members directory on a BuddyPress based social network
We will need to hook to
'bp_ajax_querystring'filter.The following code will allow to exclude the users from the members directory. They will be still listed in the friends list of other users with whom they are friends with.
add_action('bp_ajax_querystring','bpdev_exclude_users',20,2);
function bpdev_exclude_users($qs=false,$object=false){
//list of users to exclude
$excluded_user="1,2,3";//comma separated ids of users whom you want to exclude
if($object!='members')//hide for members only
return $qs;
$args=wp_parse_args($qs);
//check if we are listing friends?, do not exclude in this case
if(!empty($args['user_id']))
return $qs;
if(!empty($args['exclude']))
$args['exclude']=$args['exclude'].','.$excluded_user;
else
$args['exclude']=$excluded_user;
$qs=build_query($args);
return $qs;
}
Source
And in BP foruns:
how to hide admin activity on Buddypress activity?
Put this code in bp-custom.php and None of the site admin activity will be recorded nor will you appear in the Who is Online/ recently active members widget.
add_action("plugins_loaded","bpdev_init_sm_mode");
function bpdev_init_sm_mode(){
if(is_site_admin())
remove_action("wp_head","bp_core_record_activity"); //id SM is on, remove the record activity hook
}
Source
I think you can merge both filters and hide Admin Once and for all 🙂
UPDATE
Because these hacks aren’t working in 1.6 this topic suggest it may work by using the old admin bar in BuddyPress. Is that so?
