Is it a bad idea to give the Admin group permissions for everything?

DimitriT

New member
I see the administrator as "root" [insert "bow before me for I am root" t-shirt]. Why would it be a bad idea to give all access to the admin? I am the only user in that group.

Thanks!
 

Max Taxable

Well-known member
Back in the old days of vB the script kiddies and the brute force botnets would go after that #1 account. So I always had that account completely depowered. That's still one of my practices today, although I doubt the usefulness of it. I also didn't publicly identify the admins or moderators, you had to be logged in to see their user titles.
 

DimitriT

New member
Back in the old days of vB the script kiddies and the brute force botnets would go after that #1 account. So I always had that account completely depowered. That's still one of my practices today, although I doubt the usefulness of it. I also didn't publicly identify the admins or moderators, you had to be logged in to see their user titles.
That's an excellent idea. I should have thought of that. We never give the root password to a user. We create elevated users. Thanks!
 

Brogan

XenForo moderator
Staff member
Another thing which a significant number of former VB users do is assume that all administrators are moderators.

They are two completely separate roles, although one member may fulfil both.

I have members on my site who are moderators but not administrators, administrators who are not moderators, and members who are both.
 

Max Taxable

Well-known member
Yes, xenforo gives you role diversity which can be another level of security. Although I realize "permissions for everything" probably means just that. But it doesn't have to be.
 
Top