If your business requires multiple people to manage your website or you have a blog with multiple authors – you should know how to manage WordPress user roles.
WordPress users should have access only to specific parts or functionality of your site. Why? There are several reasons for that:
- Junior team member changing site configuration;
- Guest author publishing posts without editor confirmation;
- People have access to financial data.
I’m sure you can think of more cases when smart user role management helps to prevent possible issues and security breaches.
To avoid any issues, WordPress offers 5 default user roles which have their rights defined to cover most of the scenarios. In this topic, we will browse through predefined WordPress user roles and look into how those roles can help your organization.
The Administrator role is the most important role in WordPress. This role grants you with access to all features and options of your site. You can change settings, control plugins, content, and themes. You can create new users and control user role distribution on your WordPress site.
As it is the most important role, it is highly recommended not to give Administrator role to anyone unless there is no other option.
The Editor role allows a user to work with content – pages, posts, custom post types, and even private posts.
The Editor can create, modify and delete content. This role is handy if you delegate your content creation to someone. At the same time, Editor role has no access to general WordPress settings or plugin sections.
The Author role is typical blogger user role which allows authors to create and publish posts, access WordPress Media Library. At the same time, authors are not able to modify posts which are created by someone else and also do not have access to pages.
If allowed, authors can even modify comments, but only for their posts.
The Contributor is a very useful role for blogs with guest authors invited to write articles.
As you do not want to grant guest authors publishing options you can give them a Contributor role. It allows them to create Unpublished posts but does not allow to publish. All of the posts are sent for Review and only higher role (Administrator, Editor) can publish it.
Another important aspect is that Contributor role does not have access to Media Library. This means you will need to assist guest authors if they wish to add anything from Media Library or fine tune their post after the guest author has completed the job.
The Subscriber is the simplest WordPress user role without access to any site or content modification tools and sections.
A user with Subscriber role can log in to your WordPress site and update his/her profile. Subscriber role is often used when you want your visitors to register on your site to access posts or place comments.
Note: In order to allow your visitors quickly register on your site, you will need firstly check “Anyone can register” box under Settings – General – Membership and add Meta widget to your site.
How to modify user roles?
If you need to adjust access of some specific user you can do it via Administrator account of your WordPress site.
Navigate to Users section of your WP Admin Dashboard and change role type of certain users, remove accounts or create new ones.
Take into account that you can not modify the rights of a certain user group with a default version of WordPress. For that, you will need additional free or premium plugins or custom solution. Also, some plugins may offer their own role manager for their functionality.
If we look at specific user role management plugins it is worth to mention Members. The Members plugin allows creating custom roles and manages user role access capabilities. Another user role plugin is the User Role Editor which is one of the most popular and easy to use plugins in the field of role management.
Do you use all WordPress user roles on your site? Are you ok with the default WordPress user roles or need extra features and control? Share your experience in the comments section below.