WordPress is a versatile platform that can be used for a variety of websites. Each website has different needs, and with WordPress, you have the ability to customize user roles to fit those needs. A lot of web admins start out by assigning admin access to all users involved in maintaining the site which can pose more of a security risk than necessary. This post will outline the different types of user roles and who should have access to what features on your WordPress site.
The Super Admin
This is not the most well-known role, but the Super Admin is the highest-ranking user on a WordPress multisite network. They have complete control over every site in a given network and can configure options for an entire network from one central location. This is a big responsibility, so make sure it goes to someone who will use their powers for good and not for evil (just kidding). The Super Admin role is perfect for those who want to maintain complete control over multiple WordPress sites. If you’re looking to give someone complete control over a multisite network, the Super Admin role fits the bill.
A WordPress Admin has a lot of power at their fingertips- they can configure options throughout the site, add plugins, modify themes, and create or delete any content regardless of who originally created it. The role of administrator should be reserved for those who you trust implicitly, as they will have complete control over your site. While it might be tempting to assign anyone who needs access this level to control, it’s important to reserve it only for people who need it to complete their contributions to your site for security purposes- most web designers or developers need this level of access while most other roles do not.
If you’re looking for someone to help manage your WordPress site’s content, the Editor role is a great option that offers fewer permissions than that of an Admin role. Editors can add, change, and delete existing posts and page content regardless of who originally created the content. This makes the Editor role perfect for someone like a lead copywriter or site moderator, who needs access to view and modify all page content on your site but doesn’t necessarily need control over its plugins and code.
The Author role lies somewhere in between the extremes of shared site access. Like Editors, Authors can add, change, and delete their own post and page content, however, unlike editors, they don’t have access to make any other changes on the site. This makes the Author role ideal for someone who you trust to post their own content, like a blogger or copywriter, but you don’t want to give full control to. If you’re looking for a middle ground option on sharing site permissions, the Author role is a great choice.
WordPress Contributors have the least permissions of all users who can contribute content to a given site. They have the ability to create, change, and delete their own post and page content, but unlike the other roles, they cannot publish it. The Contributor role is perfect for users whose content you would like to review before publication or affiliate content that may have been generated from outside your organization.
Unlike any of the other roles, the WordPress Subscriber cannot contribute content to your site with the exception of comments if you allow them. So, if you’re adding someone new to help out with content creation, this isn’t the role for them. But for your everyday reader, the WordPress Subscriber role may be a perfect fit!
Bonus: The Customer
If you have WooCommerce installed, you may have noticed a role titled “Customer.” Much like the subscriber, they do not have the ability to create or modify site content, but they do have the ability to purchase from your site, review previous purchases, and make changes to their own account information. One thing to note about Customers is that depending on your WooCommerce settings, not everyone who purchases from you must have this or any other account role.
WordPress is a great platform with tons of features and flexibility. With the right user roles in place, you can keep your site safe while giving users the access they need to do their job. Have you or are you going to try implementing different user roles on your WordPress site? Let us know in the comments below!