WordPress User Roles and Permission Management Explained
Out of the box, WordPress includes up to six different user roles.
Understanding each one is key if you want to protect your site and ensure your team of editors content creators work more effectively.
Hi, WordPress enthusiasts, my name is Robert and in this video, I’ll explain five of these roles in turn.
I’ll also show you what the WordPress dashboard looks from the perspective of each role.
Let’s start with the Administrator.
Level 1 THE ADMINISTRATOR 0:36
This is the role assigned to you when you create a website.
The administrator is at the very top of the hierarchy.
In most cases, there is only one, and they can access all the functions of the WordPress backend.
Administrators can do everything.
This user role can, in part create, edit, and delete any content, manage plugins and themes, edit code, delete or manage other user accounts.
Obviously, the administrator is the most powerful user role and should rarely be assigned to any other account.
If you give someone else this user role, you’re essentially giving them the keys to the castle.
So be careful!
For multisite owners, the Super Admin role is the one that has such capabilities.
Level 2 THE EDITOR 1:45
Now that I am logged in as the administrator, let me create a new user with the editor role.
Remember that you can give access to certain people through your login page even if the “anyone can register” feature is disabled in the general settings of your website.
One of those people may be your copywriter, set as your editor, who can receive an email once the account is created if this box is checked.
As the name of this user role suggests, an editor is generally responsible for managing content and thus has a high level of access.
They can create, edit, delete and publish both pages and posts – even those belonging to other users.
An editor can also moderate comments and manage categories and links.
However, they cannot make site-wide changes such as adding plugins and themes or installing updates.
Instead, they are responsible for overseeing the work of authors and contributors.
Level 3 THE AUTHOR 3:11
An author has far fewer permissions than editors.
They cannot edit pages and are unable to alter other users’ content.
In addition, they lack any sort of administrative capabilities.
What they can do is create, edit, delete, and publish their own posts, and upload media files.
This makes their role pretty clear.
Authors are responsible for creating content, and nothing more.
Level 4 THE CONTRIBUTOR 3:57
The contributor role is essentially a stripped-down version of the author’s role.
A contributor is only able to perform three tasks – reading all posts, as well as deleting and editing their own posts.
This role is quite limited since it doesn’t enable users to publish posts or upload media files.
However, it’s ideal for one-time and new content creators.
Level 5 SUBSCRIBER 4:15
Subscribers have only one main capability and their WordPress dashboard is usually incredibly bare.
They can read all posts on the site, as well as manage their own profiles.
Normally, anyone can read posts without being assigned a role, so not all sites will use this option.
However, it comes in handy for subscription-based sites, where you want to enable access to content only for certain people.
Understanding the various user roles is important, but so is knowing how to apply them correctly.
Every site is a little different, but here are a few tips for making the best use of this feature:
Give each user only the level of access they need.
This is key for security, so no one can make unapproved changes or delete content accidentally.
Keep the number of user roles at the top limited.
A solid rule of thumb is to stick with one administrator and a few trusted editors.
The Author role can be assigned to regular content creators who have proven themselves, and new or one-time writers can simply be given the contributor role.
Try using plugins to customize your user roles.
The default system is effective, but you may benefit from a plugin to enhance its functionality.
User role plugins enable you to create your own specialized roles, alter the existing ones, and more.
I recommend starting with the aptly-named User Role Editor.
And always remember – when in doubt, it’s better to assign too few permissions than too many.
Make sure you understand the five, sometimes six basic user roles in WordPress, and what each is capable of.
Then, you can follow a few simple techniques to take advantage of this feature.