Root user and Admin user?

I have a web developer working on our site and he and I both share the admin/root user login account. I thought it would be best practice if I as the owner was a level higher than him as a root admin user and he is a level lower as a regular admin user. The difference being that I can block him and he cannot block me. Is such a thing doable?

anyone?

Yes, you can create a user account specific to what he / she does.

But, if he / she knows the super user details you will have to change them

To set-up a new Manager Role: login > Security > Roles

Just a side note - this is all useless if the developer has database access - so if you are worried that he / she could do something negligent, then you will have to restrict their access completely - which may or may not be a solution [ed. note: iusemodx last edited this post 6 years, 7 months ago.]

take a look here

Quote from: iusemodx at Sep 14, 2017, 10:49 PM

Just a side note - this is all useless if the developer has database access

What is database access?

Quote from: iusemodx at Sep 14, 2017, 10:51 PM

take a look here

Is this the same for Revo?

Database access is access to the database, self explanatory realy

Evo is not the same as Revo, as such, the user administration is also different

What is database access?

MODX, along with many other CMS uses files that are installed on your web server and a database which stores much of the information necessary to make the site work. The database is usually where the content you add to your web site is stored. so when you use the MODX manager you are actually interacting with the database.

It is possible, and necessary when developing a site, to access the database directly without going into the MODX manager at all. This can be done using a web application called phpMyAdmin, if it is installed on your web hosting environment. It can also be accessed by typing instructions into 'the command line'. You can read more about this here: https://dev.mysql.com/doc/mysql-getting-started/en/.

In order to get their job done your website developer is likely to have access to all the information they would need to access the database. They can be blocked, but this would normally be done in an environment where a system administrator would give them the necessary permissions. I suspect, from what you say, that you would not be able to do this. So I think you have to trust them. If you do ever fall out with them make sure you hire another developer quickly who can change all the necessary user names, passwords and permissions in order to deny them access. Although this may be easier said than done!