There are several different types of user that can be added to your WordPress site. Each type of user will have different levels of access and control over the site. Therefore, it is important to carefully consider each role and how it can affect your site before assigning it to a new or existing user.
By default, the user role is automatically set to “Subscriber”. This is the role with the least access to the site. Subscribers can log in to your WordPress site and access and update their own profile. However, they cannot make changes to any of the settings or content of the site. This role is mainly for users who just need a login and password, for example, in order to read certain articles or leave comments, and should not be used for anyone who will be adding content to your site.
You can also set the role to “Contributor”. This allows the user more access than subscribers, but is still limited. Contributors can create and edit their own draft posts; however, they cannot publish these posts, which must be reviewed and published by an admin or editor. They can read comments but cannot edit or delete them. They have no access to posts created by other users, any of the settings or content of the main site, and cannot create, edit, or publish pages.
They also cannot create their own categories and must instead choose from any already created categories, although they can add their own tags. They cannot access the “Media Library”, meaning that if any images or files need to be added to their post, they will require the help of an admin or editor.
This role is useful if you want the user to be able to contribute content, but want to be able to review any content before it is published, for example, if a guest author is writing a post for your site.
Alternatively, you can set the user role to “Author”. This role has a lot more freedom than the contributor role. Authors can write, edit, and publish their own posts without having to have them reviewed and published by admins or editors. Authors can delete their own posts, even if this post has already been published, and can moderate comments on their own posts. However, they have no access to posts created by other users, and cannot add, edit, or delete any pages.
Unlike contributors, authors do have access to the “Media Library” and can add files, or delete any files that they have previously added. Like Contributors, however, they cannot create categories and are limited to any categories that already exist. They have no access to any other aspect of the site, such as settings and plug-ins.
Editors, on the other hand, have full control over any of the content sections on your site. Editors can add, edit, publish, or delete any posts or pages, even if they have been created by another user, or are labelled as “Private”. They can moderate, edit, or delete any comments, can add or edit categories, and ultimately have full control over content on the site. However, they have no access to the settings of your site. For example, they cannot change any of the site settings, add or edit users, or change themes or plug-ins.
The administrator is the most powerful user role and has full control over your WordPress website. Administrators have full access to all content on the site, and all of the site settings. This means that as well as dealing with posts and pages, the admin can also change the site settings, add, edit, or delete users, add or delete plug-ins and change the theme, as well as having control over any other aspect of the site.
There can be multiple administrators for a site at any time, however, it is advisable to be careful when assigning administrative privileges. Administrators have control over every aspect of the site and can therefore make significant changes without having to seek any permission, or having to be reviewed before the changes are implemented.
Administrators can also change the role of, or even delete, any other user, including other administrators, so you should only assign an administrator role to people you trust.
User roles should be assigned when a new user is created, or when an existing user is added to a new site. However, user roles can also be changed at any time, by an administrator, from the “Users” tab, or from the specific user’s profile page. In order to change the role of a user from the “Users” tab, simply click on the checkbox beside the user in order to select them, choose a new role from the dropdown menu at the top of the page, then click the “Change” button in order to implement the change.
Note: This is done on a site by site basis.