If you’re launching your new website (congratulations!) or need to add people to login to your existing WordPress website, this is your guide. You are probably wondering how much access to give each person on your team and your agency, or vendors. The level of editing rights and access a stakeholder has can make or break your website. For our website design and maintenance clients at Fandom Marketing, we ask that you provide list of team members who should be added to access your site. We created this guide so that you can review the differences in WordPress user roles to understand what’s right for each of your stakeholders.
In brief, the administrator level access should be used sparingly for qualified and important users who either own or develop a website. An editor might be right for a content contributor who is allowed to publish live. A contributor or author role gives users a restricted level of access to create content with some controls from higher level roles – perfect for your team of bloggers or junior marketers that need to go through a review process. Here is a detailed guide to WordPress user roles and how to use them.
WordPress is the best content management system (CMS) out there. Inherent in this powerful platform is a user role management system to define what a specific person can and cannot do on your website. These are five standard user roles on any hosted WordPress website:
Use this handy infographic to see what each can do at-a-glance. Keep reading for more detailed information and how we recommend using each role.
Image source: www.wpbeginner.com
The most powerful role on your WordPress website is “Administrator”. It can do anything including adding new pages or posts, editing other’s pages or posts, publish live, and delete anything. Most importantly, the admin can install, edit, and delete plugins, change themes and access and edit your website code. This role can add new users to the site, change information about existing users including their passwords as well as delete any user (including other administrators). This is the role is susceptible to hackers that want to access and compromise a website.
This important role must always use a highly secure password and should be the permissions level always to the site owners, granted sparingly to your developer or designer, and trusted tech savvy admin. Remember to remove past employees and vendors from this role when they are no longe on your team. If you are working with trusted vendors, agencies or contractors, providing admin level access is standard and required for them to do their job on your website.
An “Editor” is the second most powerful in WordPress because it grants full control of content on your website. Editor user role allows one to add, edit, publish, and delete any page or posts on a WordPress site including ones written by others. An editor can moderate, edit, and delete comments. They can also manage a team of “Contributors” to edit and publish posts that are in draft for review. Editors cannot change website settings, install plugins and themes, or manage users. We would grant the editor role to people who are savvy about your brand standards and your organization’s process – such as website managers, blog editorial managers, the marketing team or vendors providing content services.
An “Author” can write, edit, delete and publish only their own pages and blog posts. One major limitation is that authors cannot create blog categories, they can choose from existing categories. This can be a benefit, giving editors and admins the power to manage this at the top level. Authors can upload files, photos and media. They can create new tags. They can view live or pending review comments, but they have no moderation power to manage comments. The author role does not have access to change, delete or break anything on your website settings, plugins, or themes. We typically assign the author role for content admins or blog writers who can be trusted to publish pages and their own posts with it being held for review.
A “Contributor” is a low risk role that can add new posts and edit their own posts, that is held in draft for review by an editor or administrator. They cannot publish live nor can they have edit other user’s pages or posts. Like authors, they cannot create new categories and choose from existing categories, and can add tags. The biggest limitation for this role is that they cannot upload files, preventing them from adding their own photos to their blog post. They also cannot moderate comments, or to website settings, plugins, or themes. We reserve this role for content contributors in training, interns, or stakeholders in the organization who require review (and maybe some tech support and formatting) before their blog is published live. For example, the sales team may want to write for the blog – great! – put them in the review process so the content manager or marketing lead can ensure everything is on strategy and A-OK before a bunch of stuff starts publishing.
“Subscriber” has the least power among all of the use roles in WordPress. It’s basically a visitor login. Subscriber can login to your site and update their own user profile, change their passwords, and participate in other features you build. They cannot write pages or posts, moderate comments, or do ANYTHING else inside your WordPress admin dashboard. So, what it it good for? Marketing! This is the perfect for customer service, shopping logins, forums, or downloading your files and uploading files. It can capture and store customer data. For example, in a community or a knowledge base.
Another role to look at is “Super Admin” and it is super powerful. If you run WordPress Multisite Network this role can add and delete sites on the network. They install plugins or themes, manage users, and implement network wide actions to all of your websites. Like an administrator, you will want to reserve this role for website owners and trusted developers.
Did we mention WordPress is the most awesome, bestest CMS in the universe? Because it is an open source platform there are people creating and adding all kinds of capabilities. And, most of these extended features beyond the base platform ARE FREE. You can create your own custom user roles in WordPress with your own set of capabilities by using a plugin. We recommend User Role Editor, a free and trusted plugin that is popular in the community.
Still not sure? Contact us for website help.