As your website or blog grows, you will need a team that will help you create, add, and edit content. WordPress has a User Management System which allows you to add Users and to give them different permissions. As an Administrator, you can easily add, remove, and control people, related to the management of your site in your WordPress control panel. While creating a new User for your website, you need to define his role and access level, which can be confusing for the beginner WordPress Administrator. That's why we wrote this article in order to help you understand user roles and permissions in WordPress.
The platform has got hundreds of different options which can be grouped into roles by changing user rights. WordPress has 5 basic user roles: Administrator, Editor, Author, Contributor, and Subscriber. We are going to present you each one of them and explain to you what their rights are and what kind of tasks they can perform:
Administrator – This usually is the owner of the website or the blog. The moment you complete the WordPress installation on your website, you automatically get the status of Administrator. The role of Administrator gives you the most power in terms of managing your website – updating, installation of plugins, change of themes, and other processes of site management. You can easily give this role to another person who has greater technical skills if you feel unable to handle these tasks. You can create another user that has the same rights as you in your control panel, from the menu Users -> Add new. We advise you to give this role only to people you know you can trust.
Editor – This role has full control over the content. It allows you to publish articles, to approve, to delete, to change the articles of the other users, to control the comments and manage categories and tags. The editors have no rights to configure the way WordPress works and can't change the theme and install extensions. They are responsible for the content that will be published on the website. In their menu, the Editors have access to the functions Posts, Media, Pages, Comments, Profile, Tools.
Author – This type of Users can write, edit, delete, and publish their posts without the need of the editor's approval. Although the Authors can view all the comments, they can manage only those that are under one of their publications. They have access to the menu Media and can upload files.
Contributor – The Contributors can create content but are not allowed to publish it without the approval of an administrator or editor. If you want only the Editors to have control over what will be published on your webpage, you would like your copywriters to have the role of Contributor. This type of users can add tags to their posts but doesn't have the right to upload their own files or to create categories.
Subscriber – The Subscribers don't have any editing privileges over your webpage. Their rights include logging to your WordPress site, updating their profile, changing their password, leaving comments. They don't have access to the admin panel, the menus, and the settings. The role of the Subscribers is useful if you want your readers to leave comments or read posts only when they are logged in to your website. This allows you to maintain high control over the comments. The role of a Subscriber has the most limited rights, and it is intended for your readers.
How to Apply the User Roles Correctly
We hope that you grasped the idea behind the WordPress user roles and now that you understand them, you have to know how to apply them correctly. Although every website is different and the way you distribute the user roles could vary, some basic rules apply to anyone and every site.
- Give each user only the level of access they need - You already know that different user roles have a different level of access to your website. For security reasons, you have to be very thoughtful and try to give each new user only the level of access they will need. That's how you are going to prevent some mistakes from happening in advance, so no one will be able to make unapproved changes or delete content accidentally.
- Keep the number of user roles low - Remember to create a proper structure and keep the number of user roles low. The best option is to have one administrator and a few editors who are going to work on your content. You can assign the author role to content creators who have proven themselves, and you can trust them enough to manage their own content on your website. For one time writers, the best role would be the Contributor.
- You can customize the existing user roles - The default system is effective, but you may benefit from using different plugins for enhancing the functionalities of the user roles. Some plugins allow you to alter the existing user roles or to create customized ones for your website needs, especially. We are going to dive deeper into those types of plugins and how you can benefit from them!
Customize Existing User Roles
Default user roles are designed to have capabilities that fit the requirements of the majority of website out there. However, you and your site might have different needs, and you might want to modify the default roles. You will be glad to hear that you can do it by using the Capability Manager Enhanced plugin, which allows you to change the permissions and customizе the existing user roles.
Let's say that you want every article that is about to be posted on your website to be approved by yourself only and not by the editor. Or you want to change the permissions of the author so they won't be able to delete their articles once you stop working with them. Well, with the Capability Manager Enhanced and its user-friendly interface, you can change permission with a single click.
First thing you have to do is to install and activate the plugin. After that go to the Capabilities section, and from there you can customize the permission to each user role. Once you are done, go to the bottom of the page and save your changes.
Create your own User Roles
Although you can modify the existing user roles, sometimes they might not be what you are looking for and what your website needs.
Fortunately, you can use the same plugin - Capability Manager Enhanced to create your own user roles and give them whatever permissions you want. After installing and activating the plugin, go to the same section "Capabilities" and "Create new role" (you will see it on the right side of the page).
For instance, you want to hire a person whose task will be to moderate the comments under your articles. Then, you can create a "Moderator" user role for them specifically. Everything you have to do is to go to the sidebar, insert the name of the new role and then select the moderation comment option from the "Other WordPress Capabilities."
Knowing the specifics of each one of the user roles in WordPress is crucial as your site grows. By creating different user roles, you can easily organize your work process and the tasks of your team. Make sure you understand the fundamental user roles and what they are capable of. Only then, you will be able to take full advantage of this WordPress feature and assign the right role to the right person. However, if you are in doubt how many user roles to have, remember that it's better to assign too few permissions than too many.