WordPress: User Roles and Capabilities

Wordpress-six-rolesBefore you start using your new WordPress blog or website, it is important to understand the capabilities and privileges assigned to each “role”, or account type, and which roles are appropriate for each of your employees or contractors.

Why Is It Important To Understand WordPress Roles?

Now that you have a new WordPress-powered blog or website, you are most likely ready to begin setting up administrative (or admin) and user accounts for your employees, members of your organization, or other professionals who will be administering or creating content for your new blog or website. If your office manager or IT consultant will be managing your blog or website, you need to create a new account that will allow them to fulfill the role of the admin. Perhaps the consultant who handles your marketing and advertising will be writing posts for your blog – they will need a new account as well, either as an editor or author. But how do you know what type of account is appropriate for each admin or user? Do you want to give your office manager complete and total control over your WordPress installation? Should your marketing consultant be able to edit posts in addition to creating them?

The Fine Line

Before you create new accounts, it is important to understand exactly what capabilities you are assigning to each account. If you assign too many privileges and capabilities to an account, it is possible the account holder could damage or delete your content or even your website or blog, either by accident or with malicious intent. If you assign too few privileges and capabilities, it is possible the admin or user will be unable to properly interact with WordPress and will be unable to fulfill their tasks and responsibilities.

The Six Standard Roles

WordPress has six roles that are pre-defined in each new installation of the software: Super Administrator, Administrator, Editor, Author, Contributor and Subscriber. Each role has a specific set of privileges and capabilities that allow for an orderly hierarchy of admins and users.

Super Admin vs. Admin

A WordPress Super Admin and Admin are individuals who are granted complete and total control over every setting and feature of a WordPress website or blog. For a single WordPress installation, as opposed to a multisite installation, an Admin has the same roles and capabilities as a Super Admin. In other words, an Admin only has full control over one website while the Super Admin has full control over every website in a network of websites.

Admin vs. Editor

The fundamental difference between an Admin and an Editor is control over the various components of the WordPress installation itself – an Admin can install, delete and activate plugins, themes and even update the core WordPress installation. An admin can also create, delete, promote and demote other user accounts, delete all content, and read and delete private pages and posts. Granting this level of authority over a WordPress website or blog should be down with careful consideration, just as you would apply careful consideration to choosing a manager or executive of your business. An Editor has fewer privileges than an Admin, but still wields a considerable amount of control over your website or blog content, as opposed to the website or blog itself. An Editor can create, edit, and delete pages, posts, content categories, links, comments and files. This role is appropriate for a user who is not responsible for the site maintenance, but is responsible for the content and the Authors, Contributors and Subscribers who will be creating the content.

Author vs. Contributor

The next two roles are Author and Contributor. An Author has the ability to publish, edit and delete posts and upload files but cannot create, edit or delete pages, categories or links. This role is perfect for an employee or consultant that is simply tasked with creating and uploading content. The Contributor role is somewhat specialized and may not be useful for most blogs and websites. A Contributor can edit and delete posts, but cannot create posts. This role may be useful if a member of your organization is tasked with basic content oversight or editing for grammar and style, but not the full role of an Editor.
Finally, the Subscriber (or Reader) role is limited to reading and commenting on posts and creating a basic user profile on your website or blog. This role is also useful if you want to restrict access to certain posts or pages – you can require that a site visitor create a Reader account and force the visitor to log in to your website or blog before accessing this content.

Now that you understand more about the differences in WordPress roles you can more appropriately assign these roles to your coworkers and customers. Keep in mind that managing a large website or a network or websites that have a lot of traffic is a lot of work, and the more people you can trust to give major roles, the better your site can be maintained.

Comments

comments