WordPress User Roles, Permissions and Capabilities Explained

Due to massive popularity and usability, WordPress is now powering almost 27% of world's websites. It has many handy features that provide the best user experience along with an open world possible of doing anything. Among many default features, WordPress has built in website security and privacy system. This allows managing different WordPress user roles, which becomes very handy to control how users interact with your website.

WordPress User Roles – The Internal Website Security

When you install WordPress to power up your website, you get a handy role management system. It effectively defines which actions an individual user can perform inside your website. Sadly, this feature is often overlooked, but you will eventually feel the importance of roles while your website grows.

In today's blog post, we will explain the user roles that you get with WordPress. We will explain and compare each of them. This will give you a brief understanding of the internal security and privacy system of WordPress.

WordPress enables five default user roles and luckily, it helps to control the behavior of your users. Let's find out about these WordPress user roles.

 

Administrator

As the name suggests, Administrator is the most powerful user role and he/she holds the key to unlocking every door of your website. Users who have this role can do anything they want from the WP dashboard. They can add new pages, posts, plugins, themes and also can modify them whenever they want.

They can install, update and delete plugins. Every single setting is open for Administrator role. they can manage other users, change their password, information and also roles. While you are using a site with multiple users, you should carefully assign roles to them.

Editor

Editors can manage the overall content of a WordPress site. If you consider giving this role to a user, he or she will be able to create page or posts, edit them and also trash them. They also have the capability of moderating, editing and deleting comments.

Basically, editors are responsible for the content, they cannot manage plugins, themes or settings of your website. However, they can add categories and have access to the media library as well.

Author

They can create posts, edit, delete and publish them. Please note that- they can manage only their own posts. Unlike editors, they don't have the capabilities or permission of managing content created by other users. They cannot create or modify pages. They can upload files and manage their own uploaded ones. Besides that, they can moderate comments published on their own posts.

Contributor

If you want external writers, who will be able to write, edit and delete drafts, then you should assign them as contributors. This type of users can only write and edit their own posts, but cannot publish them. An editor or admin must review the post and publish them if needed. Contributors do not have access to the Media Library and can ask editor or admin to upload for them.

Subscriber

These are general users on your website. They can only read the posts you publish. They get their own profiles and can edit some of their own information. After reading a post, they can also comment.

Additional or Special Roles

Apart from the above-mentioned roles, there are some other special roles including Super Admin, Guest, customers, vendors, employees and many more.

WordPress has opened a new door to the world of opportunities. You are free to do whatever you want with your WP website. Thus, modifying or adding new WordPress user roles is also possible. As an Admin, you can create special purpose roles and also modify the capabilities the existing ones. But these require custom coding. We will publish another blog post on how to create custom WordPress user roles soon. So, don't forget to share your opinion and keep an eye on our blog for more updates.

4 Comments

  • Sallie Goetsch

    Sallie Goetsch

    It might be helpful to include something about what a capability is vs. a role, and whether there is any distinction between a capability and a permission.

    • Mainul Kabir Aion

      Mainul Kabir Aion

      Hi Sallie,

      Thank you very much for your comment. We really appreciate your suggestions. We will definitely include this information in our upcoming post – How to add custom WordPress roles and capabilities. We will add what you suggested and will explain the distinction between capability and permission also how to restrict different permissions for different WP roles.

      Cheers 🙂

    • Mustaasam Saleem

      Mustaasam Saleem

      A great post indeed. Keep up the good work WeDevs.

      Good suggestion @Sallie.

      “A role is the name of a user group that will be displayed in your WordPress Admin Panel and capabilities are the privileges/permission to enable or disable.”

      Reference (Written by me 🙂 )
      https://www.cloudways.com/blog/add-custom-user-roles-in-wordpress/

  • Mount Damavand

    Mount Damavand

    This is a ver gopod tip particularly to those new to
    the blogosphere. Brief but very precise info… Many thanks for sharing ths one.
    A must read post!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.