WordPress user roles and how to use them

8th February 2019

WordPress Website Maintenance Service UK WordPress User Roles Explained

Have you ever wondered what the WordPress user roles are for or how to use them? Maybe you’re here because you want to figure out which roles give which capability to users. We will answer all your WordPress user role questions here.

WordPress by default is bundled with 6 different user roles. Super admin, admin, editor, author, contributor, and subscriber. Each role gives a user different permissions or capabilities when logged into WordPress. For example, a contributor role would allow a user to create posts whereas a subscriber role will not.

If you are the only member of the site, then it’s likely you have never given these roles much thought or had the need to until now. WordPress user roles are essential if you are going to give other people access to your site.

If you need to add another user to your site whether it’s for them to create a post, edit a page or manage SEO you need to ensure that you assign them the correct user roles for their needs.

By applying the correct user role, you ensure that you don’t give anyone more power on your site then is needed. We have worked with many WordPress websites that have several admin users. Ideally, you want just one admin account which minimises the points of entry for any hackers. If you need to have more than one admin, then make sure the admin accounts use secure passwords, for added security you could also use 2-factor authentication.

This is good practice for all users really. Strong passwords are very important in keeping your WordPress website secure.

In this post, we will walk you through each WordPress user role, what its capabilities are and how to use them.

WordPress user roles and editing

What Does Each Role Mean?

1. Super admin
A super admin is a special role reserved for those admins who manage multiple WordPress websites on a multisite install. A super admin has the same capabilities as a normal admin, but their capabilities stretch across multiple websites. So not only can they edit delete and change posts, pages, and users on their own site, they can also do this across a network of WordPress websites. If you run a single website, you would likely not come across or use the super admin role.

2. Admin user
As stated above and admin user has full control of the website, from managing posts pages and users to password and security admin users can do it all. They can install plugins, themes, edit theme and plug-in code. Create edit and delete posts and pages, add new users and edit their details and passwords. Because an admin user has such power, it is important that you only give users admin roles if entirely necessary. The single most used way to hack into a WordPress website is by guessing passwords. Bots are often sent out to try and crack website passwords. We see at least a few attempts to guess our admin account passwords every day, so ensuring you use a good password and 2-factor authentication is important.

3. Editor
As the name suggests, the editor role enables a member to add, edit and delete pages posts or comments. This includes the posts, pages, and comments of others. Editors are not able to change settings, add or edit plugins or themes.

4. Author
Authors are similar to editors, the difference is that authors can only add edit and delete their own posts so they only have control over their own content. Authors are unable to edit or approve comments and they cannot add post categories although they can choose from currently available ones. Authors cannot access WordPress settings plugins or themes.

5. Contributor
The contributor role is a very paired down one. A member with this role will only be able to add and edit posts, they will not be able to publish this post and cannot edit or publish or delete other members posts. The disadvantage of a contributor role is they are also unable to manage Media. This means they cannot add images or other media to their posts and the posts will not be published until another member with a higher role level publishes it.

6. Subscriber
This role is the most restrictive one and only really allows a user to log in and edit their profile or change their password. They are unable to create or edit posts and cannot access the admin area of WordPress. Therefore, this user group is only really useful for members that you require sign in for to post a comment.

Yoast SEO Manager

What are the roles SEO Manager and SEO Editor?

Some people might also be aware of the WordPress user roles, SEO manager and SEO editor. If you see these roles in your WordPress dashboard it is likely that you have an SEO plugin installed. A plug-in like Yoast has these user roles to give better control for members who solely managed the SEO parts of your website. These roles can be particularly useful if you employ someone or pay a freelancer to do some SEO work on your website. With Yoast you can restrict their use to just the capabilities they need rather than giving them full admin access. The SEO manager role as the name suggests means that they have the ability to edit the Yoast SEO settings and metadata information. The SEO editor is not able to edit the plug-in settings or metadata and is limited to accessing only the SEO content box in posts and pages and other areas where they might need to adjust.

How to do I edit the role of a user in WordPress?

White Label WordPress Maintenance Plans UK How to use WordPress user roles

Editing the role of a user in WordPress is relatively easy. Once you have logged in, simply navigate to the user page in the admin area and you will see a list of your users. Next to users you will see the role that is currently assigned to them. You click on the user’s name and scroll down where you will see an option to change the primary user group or user role. You simply select the role you want to assign that user and click save. As an admin user, you are able to edit the user role of any user on your site and can change it at any point.

Try this user role plugin for more fine-grained control.

Sometimes you might find that the default WordPress user roles that come with WordPress don’t quite fit your needs. If this is the case then we recommend taking a look at this WordPress User Role plugins.

User Role Editor


User Role Editor WordPress plugin allows you to change user roles and capabilities easy.
Just turn on check boxes of capabilities you wish to add to the selected role and click “Update” button to save your changes. That’s done.
Add new roles and customise its capabilities according to your needs, from scratch or as a copy of other existing role.
Unnecessary self-made role can be deleted if there are no users whom such role is assigned.
Role assigned every new created user by default may be changed too.
Capabilities could be assigned on per user basis. Multiple roles could be assigned to user simultaneously.
You can add new capabilities and remove unnecessary capabilities which could be left from uninstalled plugins.
Multi-site support is provided.

User role editor

Gavin Pedley

Gavin Pedley

Gavin is the guy behind the award-winning ThriveWP. He has over 18 years of experience creating, developing, hosting and managing WordPress websites.

Gavin regularly shares his expertise via the ThriveWP blog and Youtube channel, where he creates informative and helpful WordPress tutorial videos.

Connect with Gavin on FacebookLinkedin or Twitter.

Share this article

Subscribe to receive articles right in your inbox

You cannot copy content from this page!

Get Your Free Guide On Keeping Your WordPress Website Safe

Subscribe to learn how to keep your WordPress website safe, starting with this free guide. Unsubscribe with one click at any time.

We hate SPAM and promise to keep your email address safe. Here’s our privacy policy.

SEND ME MY FREE EBOOKS!​

Three amazing products that will enhance your website performance, ranking and maximise your income! Our eBook offer includes three eBooks in one bundle.

We hate SPAM and promise to keep your email address safe. Here’s our privacy policy.