As the owner of your website, you may feel compelled to do everything yourself, including installing plugins, managing site settings, creating content, and moderating comments. However, this approach can quickly become overwhelming, and is ultimately unsustainable.
Fortunately, WordPress has a feature known as User Roles, which enables you to create and assign users to specific roles, so you can delegate your workload. As the Administrator, you’ll have full control over user management.
In this post, we’ll introduce you to WordPress user roles and management. This will include a breakdown of each role, along with plugins you can use to manage users and roles on your website. Let’s get started!
WordPress User Roles
To control what users have access to, WordPress uses a Roles system. There are five major user roles – Administrator, Editor, Author, Contributor, and Subscriber – and each has its own privileges and permissions.
Administrator
On a one-site WordPress install, Administrator is the most powerful user role. Their permissions are not at all restricted.
Administrators can add new users, edit and delete current users, install new plugins and themes, make changes to the site settings, and much more. They also have full control over the website’s content. They can add new posts, edit both drafted and published posts, and even delete posts.
The Administrator role is often (though certainly not always) held by the site owner exclusively. This ensures they have full control over the site, including how it runs and the content posted on it. However, that is not to say that other user roles don’t have the ability to make certain restricted changes.
Editor
As the name implies, anyone with the Editor role has almost full control over the website’s page and post content. They can add, edit, publish, and delete posts on the website, including those added by other users (such as Authors and Contributors). Another major permission the Editor role possesses is comments moderation.
Any aspects of the site not related to content – including plugins, themes, and settings – cannot be affected by editors, nor any user levels below Editor (i.e. Author, Contributor, and Subscriber).
Author
Permissions held by the Author role relate to the creation and publication of their own content. Authors can add, edit, publish and delete their own posts (but not those by other contributors).
Unlike an Editor, an Author is unable to moderate comments. However, an Author can still view comments.
Contributor
The Contributor role is popular on websites with user-submitted content (such as Lifehacker). While contributors can add and edit their own posts, they cannot publish them. They also cannot upload media files (unlike all of the roles already covered) or moderate comments.
Subscriber
The most restricted role available, a Subscriber can only gain access to their User Profile – no other area of the back end is accessible. Subscribers can change their password, but that’s about it.
This role is most helpful if you want to require users to log in to read restricted content or comment.
WordPress User Management
While an Administrator has control over user roles in the WordPress back end, the default management and customization capabilities are limited. With plugins, you can expand these capabilities.
User Management Plugins
With a user management plugin installed on your website, you can more easily (and fully) manage the privileges and permissions of each role and user.
Capability Manager Enhanced is a user management plugin with an intuitive, easy-to-use interface. With this plugin, you can easily create and delete users, as well as customize the permissions that each role or individual user has:
You can also create custom roles. For example, you could create a Master Author role that incorporates permissions from both the Editor and Author roles:
The above functionality is included within similar plugins, such as User Role Editor and WPFront User Role Editor. Both of these plugins enable you to assign multiple roles and create new roles. WPFront User Role Editor Pro even gives you the ability to manage media library permissions:
All three of the above plugins have similar functionality, although they do vary in certain areas. We suggest you take a few minutes to identify your needs and compare the plugins to choose the best solution for you. Failing that, you can’t go wrong by choosing any of the three without further consideration – they’re all excellent options.
Other User Management Systems
Aside from plugins, there are also online services to help you fully manage your users and their permissions. They enable you to take a hands-on approach to user management, and many of these services are highly configurable.
For example, oAuth.io enables you to sign up, sign in, and otherwise manage your users’ sessions. With the oAuth.io API connected to your website, you can even update user data and keep track of when each user is logged in and active.
A similar is Okta, an authentication system for websites and applications. Similar to oAuth.io, you can sign up and authenticate users. This gives you control over user security and ensures your users (and website) are protected as best as possible.
Both of the above mentioned options, and many others, are great third-party solutions for a necessary useful management task.
WordPress User Role Management
We’ve outlined each of the user roles above, and the permissions associated with each. However, it’s also important to clarify the management privileges that each role has (if any).
The Administrator has full management capabilities. They can create and remove users at any time, and edit each user’s role. An Administrator is the only role that allows access to the list of user profiles active on the site, as well as any plugins (including user management plugins).
The other roles mentioned – Editor, Author, Contributor, and Subscriber – have absolutely no user role management abilities. Users with each of these roles can view their own User Profile, but that’s the extent of it.
The Administrator can extend user management capabilities to any user (or role) they want with one of the plugins mentioned above.
The management of a website’s users is an important task, and one not to be taken lightly. This is why the privilege is, by default, reserved for administrators.
WordPress User Control
By taking charge of user control, administrators can effectively manage user privileges and permissions. With the help of a user management WordPress plugin, administrators can even create their own roles, or customize permissions for each user. This makes the management of a WordPress website – and its various users – simpler.
If simplicity is something that interests you, be sure to take a look at WP Engine’s managed hosting plans. These plans ensure your website is always up-to-task, and with 24/7 professional support, you know that WP Engine has always got your back.