A Guide to WordPress User Roles – What Are They and How to Use Them?
If you have been using WordPress on your own, you might have never used WordPress user roles. However, if you have a team working with you or if you have given access to your WordPress, you might be using WordPress user roles on a regular basis.
WordPress user roles are used to ensure that people who have access to your website are restricted to only some specific actions. These user roles make sure that other-other users of your website don’t access sensitive areas of your WordPress.
This article will cover what these WordPress user roles are and why are they important. We will also take you through the different WordPress user roles and their functions.
What Are WordPress User Roles and Why Are They Important
WordPress user roles are assigned to different users to restrict them to certain rights. If you have multiple users using your WordPress then you wouldn’t want all of them to, for example, have the rights to install or remove plugins or make changes to the theme. In this case, WordPress user roles are used to keep the main rights to yourself and assign only those rights to other users that concern them.
WordPress user roles can be applied smartly to make sure that your WordPress panel is not mismanaged. This is because a user with more rights than he or she actually needs can make things go wrong very quickly.
Especially true, for example, if you are running a store based on WooCommerce. You might have customer orders and their information in your database is highly sensitive. As an owner of such a store, you wouldn’t want anyone having access to that information or access to your dashboard. This is where WordPress user roles can be effectively used and help restrict access for certain users.
Another reason why WordPress user roles are important is that they can define responsibilities and workflows for certain users of your website. For example, if you want a user to only edit posts and pages, you would give him or her the user role “contributor”. This way the user won’t be able to do anything else from the dashboard.
Pre Installed WordPress User Roles
WordPress comes with out of the box WordPress user roles that can be used to restrict admin rights. Usually, these roles are enough to make sure that your WordPress runs smoothly.
Let’s discuss these WordPress user roles one by one.
Administrator
When you launch a WordPress website, you are automatically assigned the Administrator role. The Administrator has all the rights as a WordPress user. This role gives access to all the areas of the dashboard including the theme editor. The Administrator is also the one who controls WordPress user roles that are assigned to other users.
A user with this WordPress user role has the right to add and remove plugins. They can access the entire plugin section and can activate and deactivate plugins as needed. Along with that, these users can also access the theme editor and make changes.
The Administrator basically has all the rights and should ideally be assigned to only one person. The access to this account must also be kept safe.
This is how the admin screen looks like for an administrator.
Editor
The Editor role lets a user edit post and pages of the website. This WordPress user role is highly limited and is only concerned with the content section of the website. The Editor role can publish a new post from scratch or edit the current posts. It can do the same with all the pages of the website.
The Editor role can also moderate visitor comments on the website. However, they don’t have access to the plugins or the themes section of the website. They cannot add or remove plugins neither can they make changes to the theme.
This role is usually assigned to the content team whose responsibility is to publish blog posts or create landing pages. The Editor role can also be assigned to guest authors.
The Editor sees the WordPress dashboard with limited options as shown below. You can compare this admin screen with Administrator admin screen and notice how few are the options with Editor.
Author
The Author’s role has even fewer options as compared to both the Administrator and Editor roles. The Author role is strictly for editing and publishing posts. They don’t have access to pages or comments.
A user with the Author role has the right to only publish a new post or edit the current ones. It is, therefore, a very clear and specific role that requires very little explanation.
The admin screen to an Author looks like this
Subscriber
A user assigned a subscriber’s role can’t contribute in any way to the website. The user doesn’t have access to anything, be it posts, pages, plugins or theme. A Subscriber can’t do anything except managing their own profiles.
This is how a Subscriber sees the admin screen. You can see how bare the sidebar is. There is practically nothing this user has access to.
- WordPress User Roles in WordPress Multisite – The Master Admin
- WordPress Multisite is a WordPress functionality that lets users manage multiple WordPress sites from a single platform. When you
- launch a WPMU, you are assigned the Super Admin role.
The Super Admin is responsible for the entire WordPress multisite network. This user has the rights to manage all the websites in the network. The super admin can access plugins and themes of all the websites. They can also delete and add new sites to the network.
Super Admin user changes the responsibilities and the rights of a regular Administrator. First, the regular Administrator in a WordPress multisite network is given access to their websites and not others.
Second, the Administrator can no longer change the plugins or the theme of his or her website as this right is reserved only for the Super Admin. The Super Admin is the one who decides which plugin or theme can be installed on the websites.
WordPress User Roles in WordPress Multisite – The Master Admin
WordPress Multisite is a WordPress functionality that lets users manage multiple WordPress sites from a single platform. When you launch a WPMU, you are assigned the Super Admin role.
The Super Admin is responsible for the entire WordPress multisite network. This user has the rights to manage all the websites in the network. The super admin can access plugins and themes of all the websites. They can also delete and add new sites to the network.
Super Admin user changes the responsibilities and the rights of a regular Administrator. First, the regular Administrator in a WordPress multisite network is given access to their websites and not others.
Second, the Administrator can no longer change the plugins or the theme of his or her website as this right is reserved only for the Super Admin. The Super Admin is the one who decides which plugin or theme can be installed on the websites.
How to Assign WordPress User Roles
To assign WordPress user roles, as mentioned earlier in the article, you must be the Administrator or Super Admin in case of a WordPress multisite. Assigning user roles is simple.
Navigate to Users on the WordPress dashboard.
You can view current users of your website by clicking All Users.
To assign new user roles, click on Add New. Once you do that you will see a form like the one below.
Just fill this form and click, select the WordPress user role from the drop down and click Add New User.
That’s it! Your new user has been assigned.
WordPress User Roles Best Practices
Now that we have understood what WordPress user roles are and how we assign them, we must understand how can we use them to our advantage. User roles, if used smartly, can make your workflow smoother and protect sensitive data.
Let’s look at some of the WordPress user roles best practices.
Assign top user roles to a limited number of users: It is always recommended to assign the Administrator and the Editor user role to just a handful of people. Some even suggest the Administrator role should be assigned to just one user. This is because these roles are the key to your website, if assigned to a lot of users can put your website at risk.
Users must only be given the access they need: To make your WordPress more secure, users must only be given the rights that concern them. This will ensure that no one makes any unapproved changes to the website or the content.
Plugins are a good way to customize user roles: The out of the box user roles are usually enough, but if you want to extend their functionalities then you can use WordPress user roles plugins. These plugins allow you to create your own user roles and edit the existing ones.
WordPress User Role Plugins
User Role Editor
As the name suggests, User Role Editor enables users to edit their user roles. The plugin lets users add new user roles and change user capabilities.
After you have installed the plugin, you will notice an extra option by the name of User Role Editor.
Once you click on this new option, you will be directed to a new page where you can edit the capabilities of each user role.
From this page, you can add a new role, rename a role and add further capabilities to current user roles. At the top, you can select the user role from the drop-down menu that you want to edit. Then, from the list of functions below, you can select the capabilities that you want to add or subtract from a user role.
Advanced Access Manager
Advanced Access Manager is a powerful WordPress user role plugin that is used to extend current user role functionalities. The plugin gives users complete freedom to customize user roles and define the capabilities of different users.
Once you have installed this WordPress user role plugin, you will see a new option in your admin panel sidebar, AAM.
After selecting this option, you will see a new page where you can manage all your user roles. The main panel is powerful and it enables users to make a lot of changes.
On the right, you can see the default WordPress user roles and select them to manage, edit and clone them. To add new roles, you can click on the plus sign.
WPFront User Role Editor
With more than 60,000 active installs, WPFront is one of the most popular WordPress user role plugins. The plugin provides a simple interface that lets the user make all kinds of changes to their user roles.
After installing this plugin, you will see a new menu by the name of Roles.
Once you click on that option, you will be shown all the WordPress user roles that are currently used on the website.
You can add new roles by selecting the Add New option from the top right. The plugin provides a simple dashboard to add new user roles to the current list.
Just enter the display and role name and select what capabilities and rights you wish to assign that particular role and click Add New Role. Your new customized role will be created.
Members
Members are developed by Justin Tadlock, a well known WordPress core contributor. The plugin allows users to control what functions you want your users to perform on your website.
Once you have installed the plugin you will see a new option by the name of Assign/Migrate.
After selecting the option, you will be taken to a new page which will let you manage your user roles. The admin panel is very clean and simple so you don’t have to think a lot before adding or assigning new roles.
Final Words
WordPress user roles are essential if you have a team working with you on a website. To establish boundaries and a smoother workflow, user roles must be assigned to every team member. Smart use of WordPress user roles can make your team and website work like a well-oiled machine. On the flip side, ineffective use of user roles can result in mismanagement of website content and information.
See: WordPress SSL Certificates: What Are They and Why Are They Important?
Create Faster WordPress Websites!
Free eBook on WordPress Performance right in your inbox.