Roles and Permissions for WordPress Users
A website owner must be familiar with WordPress default user roles and capabilities to provide access to the specific dashboard areas/admin panel to specific users. This is necessary to manage any WordPress site and define what users can do based on the role assigned to them.
WordPress comes with a complete user role management system with a variety of types of user roles. The system also defines what a particular user is allowed to do or what a user is not allowed to do. With the development of your WordPress website, it is necessary to understand user roles and permissions.
A website owner can easily limit a user to tasks such as installing a plugin, creating a page on the website, editing posts by other authors, moderating comments, and more. Preventing other users from having administrative access ensures the site’s security. This also keeps the website safe from any accidental changes that could result in the breakdown of the site.
Let’s examine what the user roles and capabilities are in WordPress and how you can use them while managing your WordPress site.
What is the user role and capability in WordPress?
What is a user role? A user role describes permissions established for selected users to accomplish a group of tasks. In a default WordPress installation, there are pre-defined roles with different sets of pre-defined permissions. Every user role has a specific number of tasks that they are allowed to perform, which are known as “capabilities.”
WordPress user roles and permissions define the controls and rights for your website, ranging from super admin to subscriber. Every user role has a defined set of capabilities and permissions which are assigned to them.
Capability refers to a specific set of activities that a user is allowed to perform on the site. Every WordPress user role is well-defined. There are no misunderstandings about the areas that each user role can access and the actions that they can perform.
There are a variety of capabilities, including “moderate_comments”, “publish_posts”, “edit_posts”, and “edit_users”. Although every user role has a pre-defined set of capabilities, new capabilities can be added and/or removed from each user role. The user roles make it possible for WordPress websites to have several authors and hundreds of registered users. This accessibility has converted WordPress from a simple blog publication platform to a public platform that is skilled in operating membership sites, online publications, and many other kinds of sites that host many users.
For example, a WordPress user role includes capabilities such as:
Managing comments;
Writing blog posts;
Adding pages;
Installing or updating plugins or themes; and
Adding new users.
User roles are easy to use. They make WordPress sites accessible for multi-author concepts.
The super admin role has full access to all areas of a site, whereas the subscriber role has the least access. The subscriber role is only allowed to read posts but not to write or edit them. The contributor role can write posts but is not allowed to publish them. The author and editor roles are almost the same with a slight difference, while the administrator has access to all of the features which are included in administration for a single website.
New roles can be individually added and removed by using plugins. The website administrator is allowed to edit and publish posts, manage plugins, create pages, moderate comments, manage themes and other users, and much more.
Let’s scroll down to examine what we are going to cover in this article:
WordPress user roles
[VIDEO] Adding New Users: ► Subscribe for more useful videos
Six pre-defined user roles are available in WordPress:
- Super Administrator
- Administrator
- Editor
- Author
- Contributor
- Subscriber
WordPress default user roles dropdown
Let’s start with a brief description of WordPress user roles:
Administrator
This role is assigned to the most powerful user. The administrator role is given when a website is created. The administrator is at the top of the pyramid as it is given to the owner or the main developer of the site. They have access to all of the settings, features, and options of WordPress.
The WordPress administrator role can update WordPress, including all of its plugins and themes that are installed on the website. Administrators can add new users to the website. Administrators also have the authority to assign user roles and permission to others.
In short, an administrator can do almost anything on their website.
Editor
The editor user role allows you to edit or view any content on the WordPress site. Editors can read posts, leave comments, edit and delete posts, publish posts, upload files to the media library, edit and delete pages and content from users higher than themselves such as administrators, manage categories, and they can also moderate comments.
Editors are only one level behind the Administrator. They have full access to the post screen, so they can delete and edit anyone’s posts, add categories and tags, upload media, go to pages, and edit or delete anything in the area of the pages. When it comes to comments, editors can approve, spam or trash any comments.
However, the editor doesn’t have permission to add widgets, plugins, or WordPress settings. An editor also cannot add or remove users.
Author
The author role can log in to the WordPress Admin area. Compared to the editor role, they have a minimal set of permissions.
The author role can read posts, comment on posts, edit and delete their posts and publish their posts. Authors cannot create new categories. They have to choose from the existing categories. The author can see comments but cannot approve or delete them. They can’t add widgets or create any sort of plugins on the site.
This role is designed to be for someone who creates the right kind of content for your website and is trusted to manage and publish their content.
Contributor
The Contributor user role can add and edit new posts, but they cannot publish any of their posts. This user role can write blog posts and articles, but it doesn’t have permission to publish them. This means that after they write a post, it is moved to draft, and an administrator or editor will review it. Also, while writing their posts, they are not allowed to create new categories, and they have to select categories from the existing ones. However, a contributor can add tags to their posts. The main disadvantage of this role is that the contributor cannot add any images to their posts. They also can’t upload any of the files.
The contributor role can view comments, including those pending moderation, but they are not allowed to approve or delete any of the comments. They don’t have any access to settings, themes, or plugins.
The contributor user role has very few permissions in WordPress, and the ability to submit content for review is its default permission.
Subscriber
The Subscriber user role has very limited capabilities and remains so unless the default capabilities are changed. Users who are assigned the subscriber user role can log in to the WordPress website, can update their profile info, change their password, and have a very limited ability to modify the WordPress dashboard.
Subscribers are not allowed to write or publish articles. They can’t touch the administration area. This user role is important for those people who often read blogs or comment actively. It makes it easy and fast for people to comment on a blog.
The subscriber role is also assigned to users who have subscribed to any website using mailing lists, RSS feeds, or other features to receive updates from the website.
Conclusion
In this article, we have explained WordPress user roles. When it comes to users and their roles, WordPress is very flexible. Along with the pre-defined user roles, you can easily create or customize user roles with your desired set of capabilities. However, be cautious when assigning capabilities to a user, as someone with too much power and knowledge can damage your site. For this reason, it’s a good idea to keep a close eye on the WordPress user roles and capabilities allocated to the users on your WordPress site.
We hope that this article will be helpful for all WordPress users, especially beginners. And if you have any questions or concerns, let us know!