Managing WordPress User Roles, and Why They’re Important
WordPress user roles are an often overlooked and unappreciated aspect of the WordPress CMS.
Numerous companies only have one or two people who ever need to log into their website to publish posts or do updates. Many other organizations and nonprofits using WordPress have multiple users, however, and could benefit from a smart implementation of the various WordPress user roles.
Membership sites, sites with multiple writers, sites where the admin duties are split among staff, e-commerce sites and more can all keep their websites more organized, and even more secure, with proper user management.
Standard User Roles in WordPress
When you create a WordPress site, the initial login account is the default Administrator account. This account has access to all capabilities of the site, from being able to add users, plugins and themes to editing and performing updates. The Administrator account is basically a de facto master account, and has access to all settings and front-end accessible files.
But WordPress, right out of the box, also provides you with other user roles to implement. These standard default roles include Editor, Author, Contributor, Subscriber and, for multi-site installs, the role of Super Admin. You can learn specifics about each role’s capabilities on the WordPress Codex.
Here’s a brief summary of each default user role.
I. Administrators
As mentioned above, the Administrator account has access to all aspects of your WordPress site. The Administrator can do everything from adding, activating or deleting plugins and themes, to editing any posts, pages, images or settings on the website. The Administrator account is also responsible for managing other users and assigning them their user roles.
II. Editors and Authors
The next tier down of permissions belongs to WordPress Editors and Authors. Editors and Authors have access to publishing capabilities, but do not see site elements such as plugins, themes, settings or other user accounts in their dashboards.
Editors are able to create pages and posts, approve and publish others’ posts, can access the Media library and moderate blog comments.
The Editor role is great for proofreaders and content mavens who like handling all aspects of the publishing process, including reviewing and editing others’ content, but who should not have, or do not want, access to all of the administrative options.
Authors are able to create, edit and publish their own posts, but not the posts of other users. They are also not able to create, edit or publish pages. However, they do have the ability to upload and edit media files within the Media Library.
This is a great role for self-sufficient writers who know how to add and place media such as images or audio tracks responsibly in a post, and whom you can trust to do their own editing. It’s also a good role for those who don’t need much supervision and who can publish breaking news or information quickly without having to wait for an Editor or Administrator to approve the post.
The graphic below shows what different user roles see, and have access to, in their dashboard on a typical WordPress website. Note the reduction of available items as you move from an Administrator account on left, to Author and Subscriber on right:
III. Contributors and Subscribers
Contributor and Subscriber user roles are the two default roles with the least amount of permissions and capabilities.
A Contributor is able to create and edit their own new posts, but does not have the capability to actually publish them. (That responsibility falls to an Editor or Administrator.) Nor are they able to upload media files or edit their post after it has been published.
This can be a good role for new or developing staff writers and outside writers who are still learning their way around the WordPress publishing process. It is also a good fit if you have a discussion board or membership site and encourage those from outside your immediate staff to start new topics or threads of dialogue.
A Subscriber is the role with the least amount of access. A Subscriber cannot create any content or manage any element of the website except the information found within their user profile, such as their bio, profile picture or password.
The Subscriber role is most often reserved for site users who wish to comment on your site’s posts and as a way to allow users access to subscriber-only content.
IV. Multi-site and Super Admins
The final default user role in the WordPress ecosystem is that of a Super Admin. This role is exclusive to multisite networks and is not one that you will even see available if you have the usual single-site installation.
WordPress User Roles and Security Issues
A user is not stuck with whatever role they are initially assigned. The admin can change any user’s role in an instant. If you have a Subscriber who could prove to be an excellent Contributor or Author, you can bump them up to a more capable role with the click of a button on their profile page. Likewise, an Editor who needs to downgrade their role or isn’t working out can be switched to Author, Contributor or Subscriber with ease.
There are also several points to keep in mind with WordPress user roles and how they relate to site security. Put simply, if someone hacks into one of your Subscribers’ accounts, that hacker will only have access to the capabilities of a Subscriber. However, if someone hacks into an Administrator account, they basically have access to every capability on your site and can wreak major havoc: changing or even deleting any text, page, post, plugin, theme and/or user, as well as injecting malicious code into pages, widgets or even the theme files themselves.
Best Practice Tip: Create a separate account for every user, including those who will be your Administrators.
Multiple Admins or Admin accounts
In light of some of the examples listed above, it is considered a best practice to minimize the number of admin accounts to just one or two. That way there are fewer high-value accounts for hackers to target.
Likewise, having multiple people use a single Administrator account has drawbacks too, including:
A user who doesn’t need access to many parts of the admin dashboard can accidentally change settings, delete site elements, update a plugin that might make the site crash, overwrite or lose customizations you’ve made to the theme and numerous other troublesome outcomes.
If the password is emailed back and forth numerous times between people with less-than-optimal email security, there is an increased risk that the admin username and password could be exposed and the account hacked.
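The two housekeeping tasks this section describes, checking how many Administrator accounts exist and moving a user to a less capable role, can also be done in code. The following is an added example, not code from the original article or from WordPress itself; it assumes it runs inside a loaded WordPress install (for instance from a must-use plugin or via WP-CLI’s eval-file command), and the function names are my own. It uses only core WordPress functions (get_users, get_user_by, get_role, WP_User::set_role). The demotion helper refuses to downgrade the last remaining Administrator, because doing so would lock everyone out of the dashboard.

```php
<?php
/**
 * Added example (not from the original article): audit Administrator
 * accounts and demote a user without leaving the site with no Administrator.
 * Assumes WordPress is loaded; function names are assumptions.
 */

// Print every account holding the Administrator role and return the count,
// so it can be compared against the "one or two admins" guideline.
function example_list_administrators() {
    $admins = get_users( array(
        'role'   => 'administrator',
        'fields' => array( 'ID', 'user_login', 'user_email' ),
    ) );
    foreach ( $admins as $admin ) {
        printf( "#%d %s <%s>\n", $admin->ID, $admin->user_login, $admin->user_email );
    }
    return count( $admins );
}

// Move a user to a less capable role (default: Subscriber).
// Returns true on success or a WP_Error explaining why it refused.
function example_demote_user( $user_id, $new_role = 'subscriber' ) {
    if ( ! get_role( $new_role ) ) {
        return new WP_Error( 'bad_role', "Role '$new_role' does not exist." );
    }

    $user = get_user_by( 'id', $user_id );
    if ( ! $user ) {
        return new WP_Error( 'no_user', "User $user_id not found." );
    }

    // Never demote the only Administrator: that locks everyone out.
    if ( in_array( 'administrator', $user->roles, true ) ) {
        $admin_ids = get_users( array( 'role' => 'administrator', 'fields' => 'ID' ) );
        if ( count( $admin_ids ) <= 1 ) {
            return new WP_Error( 'last_admin', 'Refusing to demote the only Administrator.' );
        }
    }

    // set_role() replaces all of the user's current roles with the new one.
    $user->set_role( $new_role );
    return true;
}

// Usage (constructed): report the admin count, then demote user 42 to Author.
$count  = example_list_administrators();
$result = example_demote_user( 42, 'author' );
if ( is_wp_error( $result ) ) {
    echo 'Not changed: ' . $result->get_error_message() . "\n";
}
```

Because WordPress roles are a simple one-per-user assignment in the default setup, set_role() is the correct call here; add_role()/remove_role() on the user object would leave the old role in place alongside the new one.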
Passwords and Security
Gone are the days when you might be comfortable with having a password you could easily remember. WordPress has a password generator built in and will offer a suggested password whenever you create a new user.
There are also password management apps and web browser tools to assist you and your users with more secure passwords. For even more security, you can also implement two-step authentication.
The more registered users you have on your site, the more chances there are that someone has a weak username and password combination that might get compromised. So a big safeguard used in site security is strengthening the passwords themselves. All account levels, even Subscribers, can use the WordPress password generator. It is a good practice to have all users occasionally update or strengthen their passwords.
Customizing User Roles, Capabilities and Access
For more precision in defining roles and capabilities, you can assign, create and customize additional hybrid roles with code or plugins.
Several plugins come with predefined user roles specific to that plugin’s functionality. Once activated, the new user roles that go with it will be visible in the dropdown menu you see when creating a new user.
In the example image below, a database backup plugin and an SEO plugin have been activated. Note that there are now five new user roles available in addition to the five default user roles: two relating to the SEO plugin and three relating to the backup plugin. This practice is also common with e-commerce plugins, where you will find it useful to have specialty roles such as “shop manager” and “shop accountant.”
There are also plugins you can use which allow you to create whole new types of user roles with varying capabilities. You can even restrict content and page access by user role.
Finally, your developer can also add custom user roles and capabilities through code, working from the capabilities listed on the WordPress Codex, to create users with the exact specifications that you need.
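To show what "custom roles and capabilities through code" and "restrict content by user role" look like in practice, here is an added example written for this article; it is not code from the article, from WordPress core, or from any plugin mentioned. It assumes it lives in a small plugin file, and the role slug (proofreader), the custom capability name (read_internal_notes) and the shortcode tag are my own inventions. It uses only core WordPress APIs (get_role, add_role, remove_role, WP_Role::add_cap, current_user_can, add_shortcode, register_activation_hook). The role is built from the Contributor role’s capabilities plus the one extra capability the job needs, with publish_posts explicitly denied, which is the least-privilege pattern the article recommends.

```php
<?php
/**
 * Added example (not from the original article or any plugin): register a
 * custom "Proofreader" role, keep it in sync with plugin activation, and
 * gate a block of content on a custom capability.
 * Role slug, capability name and shortcode tag are assumptions.
 */

// Roles are stored in the database, so register the role once, on
// activation, rather than on every page load.
function example_register_proofreader_role() {
    // Start from the built-in Contributor capabilities, then add only what a
    // proofreader needs: editing other people's drafts, but not publishing.
    $contributor = get_role( 'contributor' );
    $caps        = $contributor ? $contributor->capabilities : array();

    $caps['edit_others_posts']   = true;  // may edit drafts written by others
    $caps['read_internal_notes'] = true;  // custom capability (assumed name)
    $caps['publish_posts']       = false; // explicitly denied

    add_role( 'proofreader', 'Proofreader', $caps );

    // Grant the custom capability to Administrators as well, so the people
    // managing the site are not locked out of the gated content.
    $admin = get_role( 'administrator' );
    if ( $admin && ! $admin->has_cap( 'read_internal_notes' ) ) {
        $admin->add_cap( 'read_internal_notes' );
    }
}
register_activation_hook( __FILE__, 'example_register_proofreader_role' );

// Remove the role on deactivation so a stale role does not linger in the
// "Add New User" dropdown after the plugin is gone.
function example_remove_proofreader_role() {
    remove_role( 'proofreader' );
    $admin = get_role( 'administrator' );
    if ( $admin ) {
        $admin->remove_cap( 'read_internal_notes' );
    }
}
register_deactivation_hook( __FILE__, 'example_remove_proofreader_role' );

// Shortcode [internal_notes]...[/internal_notes] that renders only for users
// holding the capability. Check the capability rather than the role name, so
// any role later granted the capability passes without code changes.
function example_internal_notes_shortcode( $atts, $content = '' ) {
    if ( ! current_user_can( 'read_internal_notes' ) ) {
        return ''; // logged-out visitors, Subscribers, Authors etc. see nothing
    }
    return '<div class="internal-notes">' . do_shortcode( $content ) . '</div>';
}
add_shortcode( 'internal_notes', 'example_internal_notes_shortcode' );
```

Once the plugin is activated, "Proofreader" appears in the role dropdown alongside the default roles, just like the plugin-provided roles described above. Gating on a capability rather than a role name is the detail worth keeping: it lets you hand the same access to a second custom role, or to Editors, with one add_cap() call instead of touching every template.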
Wrapping up, there are a lot of neat and useful things you can do right out of the box with WordPress user roles on your site.
And with help from your web developer or by using well-vetted plugins, you can expand and customize roles and capabilities so that they are tailored to precisely fit your organizational needs.
From empowering your staff, contributors and members to limiting the chances of foul play or accidents, you can find a happy medium between limitation and access.