Have you ever wondered what the WordPress user roles are for or how to use them? Maybe you’re here because you want to figure out which roles give which capability to users. We will answer all your WordPress user role questions here.
WordPress by default is bundled with 6 different user roles. Super admin, admin, editor, author, contributor, and subscriber. Each role gives a user different permissions or capabilities when logged into WordPress. For example, a contributor role would allow a user to create posts whereas a subscriber role will not.
If you are the only member of the site, then it’s likely you have never given these roles much thought or had the need to until now. WordPress user roles are essential if you are going to give other people access to your site.
If you need to add another user to your site whether it’s for them to create a post, edit a page or manage SEO you need to ensure that you assign them the correct user roles for their needs.
By applying the correct user role, you ensure that you don’t give anyone more power on your site then is needed. We have worked with many WordPress websites that have several admin users. Ideally, you want just one admin account which minimises the points of entry for any hackers. If you need to have more than one admin, then make sure the admin accounts use secure passwords, for added security you could also use 2-factor authentication.
This is good practice for all users really. Strong passwords are very important in keeping your WordPress website secure.
In this post, we will walk you through each WordPress user role, what its capabilities are and how to use them.
What Does Each Role Mean?
1. Super admin
A super admin is a special role reserved for those admins who manage multiple WordPress websites on a multisite install. A super admin has the same capabilities as a normal admin, but their capabilities stretch across multiple websites. So not only can they edit delete and change posts, pages, and users on their own site, they can also do this across a network of WordPress websites. If you run a single website, you would likely not come across or use the super admin role.
Looking for a complete WordPress Maintenance Plan?
With all ThriveWP care plans, we include free migration, malware removal, daily/hourly backups, plugin theme and core updates, ongoing support and 24/7 security monitoring and firewall.
2. Admin user
As stated above and admin user has full control of the website, from managing posts pages and users to password and security admin users can do it all. They can install plugins, themes, edit theme and plug-in code. Create edit and delete posts and pages, add new users and edit their details and passwords. Because an admin user has such power, it is important that you only give users admin roles if entirely necessary. The single most used way to hack into a WordPress website is by guessing passwords. Bots are often sent out to try and crack website passwords. We see at least a few attempts to guess our admin account passwords every day, so ensuring you use a good password and 2-factor authentication is important.
3. Editor
As the name suggests, the editor role enables a member to add, edit and delete pages posts or comments. This includes the posts, pages, and comments of others. Editors are not able to change settings, add or edit plugins or themes.
4. Author
Authors are similar to editors, the difference is that authors can only add edit and delete their own posts so they only have control over their own content. Authors are unable to edit or approve comments and they cannot add post categories although they can choose from currently available ones. Authors cannot access WordPress settings plugins or themes.
5. Contributor
The contributor role is a very paired down one. A member with this role will only be able to add and edit posts, they will not be able to publish this post and cannot edit or publish or delete other members posts. The disadvantage of a contributor role is they are also unable to manage Media. This means they cannot add images or other media to their posts and the posts will not be published until another member with a higher role level publishes it.
6. Subscriber
This role is the most restrictive one and only really allows a user to log in and edit their profile or change their password. They are unable to create or edit posts and cannot access the admin area of WordPress. Therefore, this user group is only really useful for members that you require sign in for to post a comment.
What are the roles SEO Manager and SEO Editor?
Some people might also be aware of the
How to do I edit the role of a user in WordPress?
Editing the role of a user in WordPress is relatively easy. Once you have logged in, simply navigate to the user page in the admin area and you will see a list of your users. Next to users you will see the role that is currently assigned to them. You click on the user’s name and scroll down where you will see an option to change the primary user group or user role. You simply select the role you want to assign that user and click save. As an admin user, you are able to edit the user role of any user on your site and can change it at any point
Try this user role plugin for more fine-grained control.
Sometimes you might find that the default WordPress user roles that come with WordPress don’t quite fit your needs. If this is the case then we recommend taking a look at this WordPress User Role plugins.
User Role Editor
User Role Editor WordPress plugin allows you to change user roles and capabilities easy.
Just turn on check boxes of capabilities you wish to add to the selected role and click “Update” button to save your changes. That’s done.
Add new roles and customise its capabilities according to your needs, from scratch or as a copy of other existing role.
Unnecessary self-made role can be deleted if there are no users whom such role is assigned.
Role assigned every new created user by default may be changed too.
Capabilities could be assigned on per user basis. Multiple roles could be assigned to user simultaneously.
You can add new capabilities and remove unnecessary capabilities which could be left from uninstalled plugins.
Multi-site support is provided.