It is easy to forget about the significance of security of our internal website with these all recent headlines about large-scale data breaches. But WordPress cares about the issue. It provides 5 default user roles which help you to see how visitors interact with every part of your site.
From now on, you can modify or assign roles through the User screen on the WordPress dashboard, once you understand the possibilities of these 5 WordPress user roles.
Through the WordPress dashboard, Administrators can perform every task available including modifying core files, changing other users’ roles and changing themes. They hold the key to the WordPress castle. Also, Administrators control all website`s content. Thus, this role should be reserved for those people who truly need full access when you have multiple administrators on one site. If just the front gate will be okay, why open all gates, isn’t it?
You will also have a Super Administrator role which overlooks the entire network, if your site is part of a multisite WordPress installation. By default, the Super Administrator role isn’t available.
Editors can publish, delete or edit any post or page, including “private”. The Editor role does not provide an access to widgets, themes or plugins. It will fit for users who need permission only to the content. They can also manage links and categories as well as moderate comments. To be short, editors can’t change any settings, however, they can do almost anything with content.
Authors can publish, delete or edit their own posts as well as moderate comments on their own posts. However, they cannot change anything created by other people. Authors can delete anything they have previously uploaded and upload files into the Media Library. They also cannot create, delete or edit pages.
This role is a great option for guest authors who don’t constantly submit content. Contributors can write, delete or edit their own unpublished posts. But the content written by a Contributor can be published and reviewed only by Editor or Admin. In addition, if a Contributor wants to use specific images, audio or video files in the Media Library, he/she has to ask for assistance from Editor or Admin since Contributors cannot access the Media Library.
By default, all new WordPress users are labeled as Subscribers. Subscribers can create a profile through your WordPress dashboard, read your site and post comments there. They cannot edit content or settings on your site and don’t have any other permissions. Check the Anyone can register box under Settings → General → Membership, if you want to make it easy for readers to register on your site. Next, with the help of Appearance → Widgets, you can add the Meta widget to your sidebar. Now readers can subscribe for your site!
Admin role gives you possibility to easily modify user roles. So, if you are looking for an Editor while you will be absent, just go to the WordPress dashboard click the Users tab and change his user’s role to Admin. Once you return from your vacation, you can always change it back.
Check out the Capability Manager Enhanced plugin, if you are looking for more advanced control. It provides more tight control over WordPress capabilities and roles.