Did you know that you can grant others permission to manage your website? By using WordPress user roles, you can safely and easily collaborate with people to assign different levels of access to your site and the content in it.

In this article, we will introduce how WordPress user roles work and how to configure them on your site.

WordPress user roles

so – What are WordPress user roles and what are their purposes? As the name suggests, it is a built-in user management function on the WordPress website. You can define what users can and cannot perform, and group them by role. Therefore, specific site management permissions can be assigned to specific roles.

WordPress provides six defaults User role Provide you with more power over site management. Let us understand them better.

Super administrator

The super administrator role only exists in WordPress multisite The function is enabled. They are responsible for supervising all site administrators and multi-site networks.

They can manage and change everything-from creating and deleting sites, to controlling content, themes, plugins, and configuration files.

After the super administrator role is enabled, the authority of ordinary administrators will be reduced. They can no longer install themes and plugins, but can choose to activate or deactivate them.

administration staff

The administrator not only has all the power to manage site operations, but also has the power to assign other roles.

They can create, delete, review, edit and publish content, manage plugins and themes, and even edit code. This role also has the authority to customize other user roles.

You can be the administrator of your site, or you can designate someone else. However, if you want to assign this task to someone else, please be careful. It is important to choose people you trust.

edit

Editors have full access to manage all content and attributes of your website.

They can create, delete, review, and publish their own posts and posts created by other authors. Editors can also manage comments, post categories and links. Users in this role usually supervise authors and contributors.

author

Unlike editors who have complete control over the entire content section, authors can only have complete control over their own posts. They have the right to create, edit, delete and publish their own posts. In addition, they can edit their user profile.

Contributor

Similar to authors, contributors can create and edit their posts and profiles. The main difference between the two is that contributors cannot publish their posts.

subscriber

This role can only read posts and manage their profile.

Basically, all visitors can read the post without being designated as a subscriber. However, you can encourage users to become subscribers by providing access to special content that can only be viewed by them.

Things to do before setting up user roles

When deciding to set up user roles, you should follow some good practices.

Backup your website

It is important to back up your WordPress site first before making any changes. You can not only restore the database from the hosting server, but also upload the backup file from the local disk when needed.You can check out this Hosted Wiki Post On how to do it correctly.

If switching to multiple user roles causes any problems or security threats, you can easily restore your site to its previous state.

Appoint the right role

Before assigning roles, you need to consider user permissions. Choose what users can and cannot do.

Ask yourself, “Do you trust users?”, “Will they write, review, edit, publish, or maintain your WordPress site?”, “Will they fully or partially control your WordPress site?” etc. Then you can start authorizing roles.

By doing this, it becomes easy to control the workflow and each user role. In addition, you can rest assured that the operation and management of your website is in the hands of the right people.

Best practices for configuring user roles

There are three ways to manage your WordPress user roles.

Add users from your WordPress dashboard

Add new users to WordPress

Follow the steps below to add, edit, and delete users from the dashboard:

  1. After logging in to the management area of ​​the dashboard, select the user and choose to add a new option.
  2. Fill out the form with the new user’s personal details, password configuration, and assigned roles. Then, click the “Add New User” button to save.
  3. After adding, you can edit or delete users by selecting all users from the drop-down menu.

Edit or delete WordPress users

In order to better control user roles, you must use one of the other two methods.

Manually modify the code on the template file

If you want more options when configuring user roles, adjusting and adjusting the template files of your WordPress website is the answer. Modify the role by inserting the code function into your functions.php file.

WordPress provides five code functions to customize user roles and their functions. They are:

  • Add role() – Add role
  • Delete role() – Delete role
  • add_cap() – Add ability to a role
  • remove_cap() -Remove ability from a role
  • Get role() – Gain insight into the capabilities of a character.

When writing the actual command, you also need to fill in additional:

  • Role – Role Name
  • show name – What is the role name on the WordPress dashboard
  • ability – The privileges the role will have. If you want to add multiple functions, you need to use an array.

For example, let’s add a role named Publisher, which can publish posts and pages:

add_role('publisher', __(
   'Publisher'),
   array(
       'publish_posts' => true,
       'publish_pages' => true,
       )
);

Visit official WordPress code View the list of available features.

Manually add WordPress roles

To start using the code, follow these steps:

  1. After building the code snippet, go to the management area and open the appearance menu.
  2. Click Theme Editor from the drop-down menu, select the theme you want to edit, and open your functions.php file.
  3. Paste the code snippet at the bottom of the file.
  4. Finally, click Update File.

Be careful with code snippets, because if they are not written in the correct syntax, it may cause problems.

Use user role plugin

Ability manager enhancement plugin

Although manually customizing WordPress user roles through code provides you with the most control, if you don’t have coding skills, it may be risky.Or you can just use plugins like this Ability manager enhancement.

The plugin not only allows you to configure the default WordPress user roles, but also adds custom user permissions according to your needs.

Capability Manager enhanced options panel

After installing and activating the plugin, you can customize user roles from the WordPress dashboard.Click on user Menu and select ability. Then you will see an editor that allows you to set up roles and add features.

Tips for effective use of user role functions

Although user roles are very useful when collaborating with multiple people on the site, they are inherently less secure. A simple accident, such as saving a password on a public computer, can cause major problems. You can take the following measures to ensure website security:

  • Use plug-ins – This allows you to easily manage user roles when changes are required, and even force users to be logged out with the help of security plugins (e.g. All-in-one WP).
  • Limit the number of users with permissions – Maintain exclusive access to your site control. Take the time to decide which users really need what features.
  • Unassign suspicious users – To avoid website abuse, brute force attacks, and other hacking behaviors, it is best to delete users who have been inactive for a long time or users who have repeatedly failed to log in.

If you apply these techniques, we believe that the user management of your website will be safe and sound.

Final notes

The default user role of WordPress is very useful for maintaining the operation of the site. You can assign up to six different roles, namely:

  • administration staff – Fully manage the maintenance and content of the website
  • edit – Comprehensive supervision of authors and content management
  • author -Responsible only for one’s own position
  • Contributor – Can only create and edit the content of their posts
  • subscriber -Can only read posts
  • Super administrator – Fully manage WordPress multisite network

Before officially assigning features, make sure you have backed up your site and consider the appropriate roles.

You can add, edit and delete users from the management area of ​​the dashboard. To do this, go to your WordPress dashboard → Users → Add new.

In addition, you can manually customize the role by modifying the functions.php file of the theme.

However, using a WordPress plugin to customize user roles may be a better choice.we recommend Ability manager enhancement Add, delete, edit and customize plugins for user roles in just a few clicks.

Finally, remember to always limit the number of user roles and unassign suspicious users.