Understanding how WordPress role permissions work is essential if you have a team of people adding and editing your websites’ content. In the following text, we will explain how WordPress user roles work and why they are useful.
Let us have a look at each default role, and then move to some tips on how to apply them!
WordPress roles explained in less than a minute
As we already mentioned, WordPress user roles are what defines which user is allowed to do what. To paint a picture, besides other WordPress user permissions, an author can publish a post, while an editor can do that and a bit more – publish pages, for example.
So, different WP roles have different WordPress capabilities. That type of hierarchy helps secure your website and its content and can help you define workflow of your team.
Default WordPress user levels
When you install WordPress, you are given five default user roles. We will list them out below, starting with the one which has the least amount of permissions:
WordPress subscriber role
All new users default to subscriber role. They can read your content, write and post comments, and create a profile using your dashboards – and that is it!
Quick tip: If you want your readers to register on your website without too much hassle, go to settings, general, membership, and check “Anyone can register” box. Then, find the Meta widget in appearance, widgets, and add it to your sidebar.
WordPress contributor role
Something more exciting: contributors are allowed to write posts, edit them, and delete their unpublished posts, with a catch. An admin or an editor must review and publish the written post, and they will also have to assist the contributor with images, videos and audio files since they cannot access the media library.
If you think about having a guest blogger, or anyone that does not post regularly, contributor role is for them.
WordPress author role
On a first glance, these roles look similar, but if “WordPress contributor vs author” battle would occur, the latter would win.
Authors can write, edit, delete and publish their own posts, as well as upload files into the media library, but they cannot see anything created by other users on the dashboard. Another plus is the ability to moderate comments on their own posts.
Of course, the role has certain limitations: they cannot delete anything from the media library, and can’t create, edit, or delete pages.
WordPress editor role
Now we are getting to the interesting part.
In addition to permissions that an author role has, an editor can publish, edit, or delete any page or post, including the private ones. They can moderate comments, manage categories and links.
The role is great for anyone that needs permission to access all of the content, without having the ability to change themes, plugins, widgets, and, most importantly, settings.
WordPress administrator role
An administrator lies at the top of the WordPress permissions hierarchy chain.
He watches over other WordPress users and can perform every action available through the dashboard. Administrators can change themes, modify core files, and change other users’ roles, also have complete control over all content.
Bonus: WordPress super administrator role
This role is not available in standalone WordPress sites, but if your website is a part of WordPress Multisite Network, then you will have a super administrator who is watching over the entire network.
Super administrators can do everything an administrator can – but across the entire multisite network. In addition to that, they can add and delete sites from the network.
Editing Existing User Roles
Default WordPress user roles have clearly defined permissions which works for most of the websites, but you can definitely edit those permissions to your liking.
Maybe you think that authors on your website should be able to publish and delete their own posts without having to wait for an editor’s or an admin’s blessing? If you trust your authors, then allowing them to do just that will speed up the workflow.
Of course, the story can be completely different. Having the ability to delete their own posts may spell disaster in case the author leaves the job on bad terms and decides to remove all of his or her posts.
Either way, for the sake of this WordPress user role tutorial, let us assume that you want to remove the permission of authors to delete their own content once published.
The first step is to install and activate WordPress user roles plugin called Capability Manager Enhanced plugin.
Then go to users, capabilities and select the user role you want to change from the top box in the right column, and then click the load button. Uncheck the capabilities that you want to remove from the user, and save changes.
This will load user’s capabilities in the boxes on the left.
How to add WordPress custom user roles?
Using the WordPress user role plugin we just mentioned, you can create custom user roles with their own set of permissions for your website.
Go to user, capabilities and type in the WordPress user role name under “Create New Role”. After that, under “Other WordPress Capabilities” select which permissions you want the custom user to have.
It is simple as that.
How can I effectively apply user roles on my website?
Now that you know how each user role works, it is time to take a look at how to apply them correctly. Here are several tips for making the best out of WordPress user roles which you can use on your website:
- For security reasons, every user should only have the level of access they need.
- Limit the number of top user roles. We suggest having only one administrator and a few trusted editors.
- Assign author role to users which regularly create content for your website, and have earned your trust.
- New and one-time writers and guest bloggers will be more than happy with the contributor role.
- Use a WordPress user roles plugin to customize your user roles. We already talked about Capability Manager Enhanced, but User Role Editor is also a good option.
FAQ on WordPress user roles
How do WordPress user roles really work?
Ah, so here’s the gist: WordPress user roles dictate what a user can and can’t do on a site. Think of them as a set of permissions or capabilities.
When you assign a role to someone, you’re essentially giving them a set of tasks they can perform, like writing a post or managing comments.
What’s the difference between an Author and a Contributor?
Alright, this one’s pretty straightforward. An Author role allows someone to publish and manage their own posts.
On the other hand, a Contributor role can write and manage their own posts, but they can’t hit that “publish” button. They need an Editor or Admin to approve it. It’s a user level access thing.
Can I create custom roles in WordPress?
Definitely! Although WordPress comes with default roles, sometimes they don’t fit your exact needs. For those situations, you can use plugins like a user role editor or role manager plugin to craft your own roles.
These plugins let you set specific capabilities and create roles that are tailor-made for your website.
How do I change a user’s role?
Changing roles is a cinch! Head over to the WordPress backend access, click on ‘Users’, and then select the one you want to edit. From there, you can easily adjust their role from a drop-down menu. Just be mindful of giving too many permissions, alright?
What’s a Super Admin?
Ah, the mighty Super Admin role! This is a unique beast, especially relevant for WordPress Multisite installations.
They have permissions to manage network-wide settings, themes, plugins, and even add or delete sites. They’re like the big bosses of the WordPress world.
Can I restrict content based on user roles?
Absolutely! If you’re aiming for role-based access control, there are plugins out there that allow you to restrict content based on roles. It’s a fab way to ensure only certain eyes see specific content. Perfect for membership sites or exclusive content.
How do Editor and Admin roles differ?
Great question! So, an Editor has the power to write, edit, publish, and delete posts—including the ones by other users.
They can manage comments too. An Admin, though, has all the powers of an Editor and more. They can manage themes, plugins, and other settings. It’s like comparing a knight to a king in the WordPress user management realm.
What happens if I delete a user role?
If you’ve got a custom user role and decide to delete it, users who were assigned to that role will lose their assigned tasks and capabilities. Always best to reassign users to another role before axing an old one. You don’t want to leave folks in a user permissions limbo.
Why can’t my Subscriber edit posts?
Subscriber role is like the entry-level gig in the WordPress world. They can login, read content, and update their own profiles, but that’s about it. If you want them to edit posts, you’d have to bump them up to roles like Contributor or Author. Think of it as a progression in WordPress capabilities.
How safe is it to give someone an Admin role?
Ah, the golden question. Giving someone an Admin role is like handing them the keys to your house. They get nearly full control. So, trust is the name of the game here. Only give it to those you absolutely trust. Remember, with great WordPress permissions comes great responsibility.
Ending thoughts on WordPress user roles
If you have a team that you are working with on your WordPress website, defining each member’s roles and responsibilities is mandatory for a productive workflow. Knowing what each WordPress user role does is the first step in creating an efficient and secure website.
Using the plugins to add custom roles and edit each user roles’ permissions is also an excellent way to enhance your workflow.
If you need help with your website, WP Buffs is a 24/7 WordPress website maintenance services for serious website owners & white-label partners. Whether you’re looking after 1 site or 1000, they’ve got your back!
Hopefully, this guide helped you gain a better understanding of WordPress user roles!
If you enjoyed reading this article on how to edit WordPress user roles, you should check out this one about how to reset WordPress.
We also wrote about a few related subjects like how to duplicate a page in WordPress, how to edit HTML in WordPress, how to embed video in WordPress, how to change WordPress URL, how to add JavaScript to WordPress and how to add WordPress featured image.
