One of the great things about WordPress is how easily it prevents accidents on your website by assigning people roles that limit what they can do.
No one wants to be the person who accidentally wreaks havoc on a website. Right from the start, WordPress required administrators to define user roles to everyone to whom they grant access to the site software. This goes a long way to ensure that people work within the parameters they need.
WordPress Has Five Basic User Categories
WordPress administrators must assign one of five WordPress user roles and permissions, each time they provide access to the website.
These are five basic user categories:
The Admin role is the most powerful WordPress role. Admins have access to all functions on the site.
WordPress also has something called a Super Admin role for admins who oversee multiple sites. These are usually people who do a lot of webmaster work and handle mostly technical issues. Super Admins can, in turn, assign Admins to individual sites, or make new Super Admins.
Subscribers fall at the other end of the user role. These roles are for people who use the site to get access to locked areas of a site or can use it to store information like credit cards and addresses. Examples include membership-only sites, subscribers to news sites, and shoppers who register with an e-commerce site. They can only change their own information, which should always be password-protected, meaning even admins won’t have access to this information without explicit permission from the owner.
In between, there are Authors, Contributors, and Editors.
Authors can write, edit, publish, and delete their posts after they’ve been edited. They can assign categories to their posts, but they can’t create new ones. Also, they can create and add tags and view pending comments on their posts as well, but they do not have permission to edit, approve, or delete any from the queue. Another thing they can do is upload new images to the Media Library.
Contributors have similar roles as authors, except that they can’t publish or delete their posts. They have to submit new posts for approval before they are published, usually to an editor. They can’t upload new images but have access to images and videos in the Media Library.
Editors control all content, including posts, categories, tags, comments, media, etc. They can also edit anything associated with these items, such as editing tags and comments, and metadata like alt content for images.
Adding New User Roles and Permissions
Some plugins that assist with specific tasks like SEO (Yoast is a popular one) or automatic reporting, add new WordPress user roles and permissions. There are also plugins that let you create and define what users can see and do on WordPress’ backend.
- User Role Editor is one of several plugins that let you edit, add and delete roles and capabilities. You can block selected users (even Admins) from certain roles, and assign multiple roles to one person. There are free and fee-based Pro versions for this plugin.
- Nav Menu Roles lets you limit what certain users can view based on user type. It works by customizing menus and then defining who can access what, according to criteria you create.
Once you have more people working on your WordPress site, you will see the benefits of assigning roles, particularly if you’re the main Admin. Plus, most people who have limited needs from WordPress’ back-end don’t want to navigate through lots of menus and functions – they know what they need and probably aren’t all that interested in what else is there. For more topic-related tips and trick check out our blog!