Access Manager – Disclaimer, Terms and Conditions

Overview

Access Manager is the most advanced access control plugin on the market for KB content protection. However, due to WordPress limitations and depending on your website setup, the Access Manager effectiveness will never be 100 percent. You can take steps to increase its ability to protect your content – see Access Manager documentation for details.

Refer to Access Manager documentation for further instructions on how to maintain KB access protection.

We do not guarantee that the Access Manager plugin will function with all third-party plugins, themes, and browsers of any kind. We do not assume responsibility and will not be held responsible for any conflicts or compatibility issues that may occur due to third-party software. We assume no responsibility for any data loss as a result of installing or using Access Manager add-on. Should conflicts occur with third-party software, we may provide support at our discretion. Additionally, we are not liable and will not be held responsible for any content exposure, personal loss, site damage, site errors, theft, fraud, loss of profits or revenue, loss of business or opportunities, or loss of customers or clients as a result of installing or using Access Manager add-on.

The Plugin Owner Responsibilities

It is your responsibility to follow all our instructions in order to maximize the security and stability of the protected Knowledge Base:

  • Carefully read Access Manager documentation (link), our instructions, and guidelines.
  • Keep all KB plugins up-to-date and running the latest versions.
  • Keep WordPress up-to-date with latest version.
  • Only install reputable WordPress plugins and themes that do not bypass WordPress core hooks and functions and do not directly access WP content tables.
  • After configuring KB Groups and Users in Access Manager, thoroughly test that content restriction works as expected.
  • Use a reputable hosting company that implements good security measures such as WPEngine.
  • Protect and regularly backup your WordPress installation, including Access Manager tables and configuration.
  • Prevent anyone from modifying Access Manager code or database data.
  • Prevent caching of protected KB content.
  • Enforce industry security standards, including effective management of user passwords.
  • Minimize hacking to your website by using current security related technology and tools.
  • Minimize and control WordPress users that have the ‘manage_options’ capability since they will have full access to KB configuration and content regardless of kB restriction settings.
  • When you want to restrict access to your Knowledge Base for certain WordPress users they must be deprovisioned in Access Manager.
  • Determine whether Access Manager is the appropriate solution.
    • Due to inherent security limits in WordPress we recommend using Access Manager only for content that does not contain personal information or critical confidential information. Therefore Access Manager is best suited to:
      • Restrict access to Premium website content.
      • Restrict access to non-critical internal information.
      • Separate content between groups in your organization.
      • Prevent employees from modifying non-critical content.
    • Access Manager should not be used to protect personal, confidential, and sensitive information.
    • If content protection is critical to your business or customers we recommend that you look at more advanced solutions such as having a dedicated website, implementing Drupal, or a cloud solution.

What You Should Know

  • Minimize the time during which Access Manager is NOT active. Inactive Access Manager plugin cannot actively protect your content, although that content should still be inaccessible.
  • Anyone with privilege access to the WordPress database will be able to view and copy Knowledge Base content and manipulate restrictions to the content.
  • Any WordPress user who is an administrator or has ‘manage_options’ capability will have full access to Access Manager configuration and KB content.
  • KB articles and category/tags content in the database is NOT encrypted.

 

Access Manager Version 1.0.0 Limitations

Access Manager version 1.0.0 does NOT restrict access to:

  • Tags
  • Media files such as PDFs, attachments, and images
  • Content export