The 5 user roles for your WordPress site

If you are building a multi-author site or simply need to give other people access to your site and allow them to manage it, you must assign an appropriate role to each person. WordPress comes with 5 default user roles, each carrying a specific set of permissions. These user roles help clarify responsibilities and ensure that no unauthorised user can carry out actions that could harm your site.

In this post, we will explain the WordPress user roles so that you can use them correctly.

The different WordPress user roles

WordPress's role management system defines the permissions and restrictions for each type of user. By default, WordPress ships with the following user roles:

• Administrator
• Editor
• Author
• Contributor
• Subscriber

You need to understand and keep these 5 roles in mind if you plan to invite contributors or bring someone on board to help manage your site.

Here is a closer look at each role:

The Administrator

Of all the user roles, this is the most powerful. It is assigned to the site owner during the WordPress installation. The Administrator can install, modify and delete plugins and themes, as well as create, edit and delete both new and existing posts and pages.

The Administrator can also upload new media and add or remove users by modifying their usernames and passwords. They have the ability to delete other administrators.

Given the breadth of permissions attached to the Administrator role, it is clearly not intended for every user on your site. You should be careful about whom you assign this role to and have the highest level of trust in that person.

The Editor

The Editor role grants full control over your content, including posts, pages, media and comments.

Anyone with an Editor role can add, edit, publish and delete posts on WordPress — both their own and those written by other users. Editors can also review, edit, delete and approve comments, and upload and delete images or other media on your site.
However, an Editor cannot modify site settings, install, activate or deactivate plugins and themes, or add and remove users.

Be especially vigilant: hackers can identify the name of the person who wrote posts and launch a brute-force attack to gain access to your site. To guard against this, it is advisable to create a separate Editor role, even if you (as Administrator) publish all the content yourself. This prevents hackers from accessing the vital sections of your site should it be compromised.

The Author

The Author role allows users to write, edit and publish their own posts. They can also delete their own posts, but not those written by other users. Unlike the Editor, they cannot create new categories or tags, but can assign existing categories to their posts. They are also able to upload images and other media files. They are not permitted to moderate comments and have no access to settings, plugins, themes or other users' profiles.

The Contributor

They can post and edit their own posts, but are not authorised to publish or delete them. Likewise, they cannot create new categories and tags or upload media files to your site — a significant drawback if you have regular contributors, as they will need a user with an Editor or Author role to upload those files.

They can choose from existing categories and tags to assign to their posts. They can view comments but cannot moderate them, and they cannot manage the settings page or modify, upload, activate or deactivate themes and plugins.

The Subscriber

The Subscriber role is assigned to every user if you enable site registration. It is the role with the fewest permissions, covering only updating their own user profile, reading content on your site and posting comments.

They have no ability to write posts, manage other users or manage your site's settings.

Special role: Super Admin

If you use WordPress multisite, there is one additional role you need to know about. The Super Admin role is assigned to a multisite owner. They have the ability to add and remove sites on a multisite network, install plugins and themes, manage users, perform network upgrades and carry out all the same actions as a regular Administrator.

The Collaborate tool in ManageWP

If you use ManageWP to update your sites, you can control user access for each of your sites through a convenient feature: the Collaborate tool. It is used to add other people from your organisation to help manage the site, granting them either full or read-only access, and allowing you to decide which sites they can access.

This feature is also useful if you are a WP developer or designer managing client sites. You have the option to give your clients access to the ManageWP dashboard to keep them informed without risk of error.

The importance of user roles

Understanding and using the default user roles will greatly improve the security of your site and keep all users properly registered. Beyond these standard roles, you can, if you wish, define your own custom roles with specific permissions for greater control. Simply use the plugin: "Enhanced Capability Manager". It allows you to manage existing WordPress roles, modify their capabilities and add new ones…
And if you simply need to bring in someone else to manage your site, or want your clients to see what you are doing, consider signing up for ManageWP and using the Collaborate tool to control user access to your site.

User roles are critically important if you run a multi-author site or need to manage your site with others. In such cases, you grant each person a more or less limited level of access based on the role you assign them. This management system ensures the security of your site at every level.

YOU MIGHT ALSO LIKE

UGC, the future of marketing: How user-generated content can revolutionise your marketing strategy

by Yumea, 7 March 2023

UGC (User Generated Content) is changing the game in the world of marketing. With the rise of social networks and content-sharing platforms, the … READ MORE

Category: News , Getting visible online , Social media

Comments: 0

How to use Instagram to reach your audience and drive traffic to your website

by Yumea, 1 February 2023

Social media has become an indispensable tool for businesses looking to reach their target audience and drive traffic to their website. With more than 3.8 billion active users… READ MORE

Category: Getting visible online , Instagram , Social media

Comments: 0

7 Artificial Intelligence (AI) tools to know in 2023

by Yumea, 12 January 2023

In 2023, there are numerous platforms using artificial intelligence (AI) to help users write content and generate images. If you are looking for tools to help you write… READ MORE

Category: News

Comments: 0