How do I prevent Super Users from doing specific high-risk administrative actions?
In Matomo, Super Users are trusted with a wide range of powerful actions. For example, they can:
- Install new plugins
- De-activate plugins
- Use the Marketplace and update plugins
- Modify Archiving settings
- Modify Update & Auto-update settings
- Modify Email server settings
- Modify Trusted Matomo Hostname
- Modify the geolocation settings
When would I want to prevent Super Users from doing these actions?
If you do not fully trust your Super Users, you may want to prevent them from taking actions that could compromise security, such as installing new plugins. There are several situations where this applies: for example, when you provide Matomo as a service to your customers and the Super Users are your customers rather than your colleagues, or when you run Matomo on the same server and account as other web applications and want the Matomo application locked down as much as possible.
How do I prevent Super Users from doing high-risk administrative actions?
Edit your config/config.ini.php file and set the following settings under the [General] section:
; Disable installing new plugins and (de)activating plugins.
enable_plugins_admin = 0
; Hide and disable in the UI the following settings:
; - Archiving settings
; - Update settings
; - Email server settings
; - Trusted Matomo Hostname
enable_general_settings_admin = 0
; Disable the geolocation settings
enable_geolocation_admin = 0
You could also disable the Marketplace plugin to prevent new plugins from being installed.
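As an added example (not Matomo's own code), the Python script below audits a config/config.ini.php for the three switches listed above and applies them line by line so that comments and the leading PHP guard line survive. It assumes the [General] section name from the page, and that a missing key means the feature is still enabled.

```python
"""Audit and harden Matomo's config/config.ini.php Super User lockdown switches.
Added example; not part of Matomo. Assumes a missing key means 'enabled'."""
import configparser
import re

# The three [General] switches named on the page; 0 disables the feature.
LOCKDOWN_KEYS = (
    "enable_plugins_admin",
    "enable_general_settings_admin",
    "enable_geolocation_admin",
)


def audit_lockdown(ini_text: str) -> dict:
    """Return {key: True if the high-risk feature is still enabled}."""
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.read_string(ini_text)
    general = parser["General"] if parser.has_section("General") else {}
    # Strip a trailing '; comment' before comparing, since ConfigParser keeps it.
    return {k: general.get(k, "1").split(";")[0].strip() != "0" for k in LOCKDOWN_KEYS}


def apply_lockdown(ini_text: str) -> str:
    """Set all three switches to 0 in [General], rewriting only matching lines.
    A plain ConfigParser.write() would drop comments and the '; <?php exit; ?>'
    guard line, so the file is edited line by line instead."""
    out, section, seen = [], None, set()
    for line in ini_text.splitlines():
        header = re.match(r"^\s*\[(.+?)\]\s*$", line)
        if header:
            if section == "General":  # leaving [General]: add any missing keys
                out.extend(f"{k} = 0" for k in LOCKDOWN_KEYS if k not in seen)
            section = header.group(1)
            out.append(line)
            continue
        kv = re.match(r"^\s*([A-Za-z_]+)\s*=", line)
        if section == "General" and kv and kv.group(1) in LOCKDOWN_KEYS:
            seen.add(kv.group(1))
            out.append(f"{kv.group(1)} = 0")
        else:
            out.append(line)
    if section == "General":  # [General] was the last section in the file
        out.extend(f"{k} = 0" for k in LOCKDOWN_KEYS if k not in seen)
    return "\n".join(out) + "\n"


# Constructed sample config: only plugin administration has been disabled so far.
SAMPLE_CONFIG = """; <?php exit; ?> DO NOT REMOVE THIS LINE
[General]
enable_plugins_admin = 0
salt = "constructed-example-salt"
[database]
host = "localhost"
"""

if __name__ == "__main__":
    for key, enabled in audit_lockdown(SAMPLE_CONFIG).items():
        print(f"{key}: {'STILL ENABLED' if enabled else 'disabled'}")
```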