In WordPress, a user role is given to each person who can log into your website to define what they can and can’t do. By default, five user roles are offered.
This means that some users can have full control over your website while others will only be able to view your content. Usually, you’ll give most users access somewhere in between.
It’s important to become familiar with user roles as your WordPress site grows.
You can think of WordPress user roles like the levels of access people have at a school:
- The principal and maintenance worker can go anywhere in the school they need to.
- Teachers will have access to their own classrooms, but not other classrooms or the principal’s office.
- Visiting parents may not be allowed to go beyond the lobby.
What Is a User Role in WordPress?
In WordPress, a user is someone who is registered on your WordPress website so that they can log in with a username and password. Someone who’s just viewing your site doesn’t have to be a registered user.
As the owner of your WordPress site, you are a registered user. You can also add other people as users with their own login credentials.
You might want to give people access to log in to your site so they can:
- Write a guest post on your blog
- Help you with troubleshooting WordPress errors
- Get access to exclusive content on your membership site
But what if you want to limit their access, like in our school analogy? You wouldn’t want to let parents into the principal’s office where they could change their child’s grades, for example.
It’s the same idea for your WordPress site. Giving people access to everything on your site can be risky. As a site owner, you need to know how to keep your WordPress website secure.
Luckily, WordPress has a built in way to control what your users can access, with user roles.
Understanding the Default User Roles in WordPress
When you first create a WordPress website, you are automatically given the user role of administrator. As an admin, you get to decide who gets access to your WordPress website and define what they can and cannot do.
You do that by assigning each user a role. By default, five default user roles are available on a WordPress website. You can customize them and add more as you need.
You can see a full visual comparison between each user role on our user roles infographic, and you’ll find more detailed information in our beginner’s guide on WordPress roles and permissions. Read on for a brief summary of each default WordPress user role.
1. Administrator Role
On a regular WordPress website, an administrator has the most powerful role. They can add new posts, and edit or delete posts by any user. Plus, they can install, edit, and delete plugins and themes.
Most importantly, admin users can add and delete users, and change information about existing users, including their passwords.
However, WordPress multisite networks have an even more powerful role: the super administrator. These users have admin access to every single site in the network.
2. Editor Role
In WordPress, editors have full control of the content sections of your website. They can add, edit, publish, and delete posts, and can moderate, edit, and delete comments as well.
However, editors do not have access to change your site settings, install plugins and themes, or add new users.
3. Author Role
Authors can write, edit, and publish their own posts, but can’t modify posts by other users. They can also delete their own posts, even if they are already published.
While they can view comments, authors can’t moderate, approve, or delete them. They also don’t have access to site settings, plugins, or themes.
4. Contributor Role
Users with the contributor role can add new posts and edit their own posts, but can’t publish any posts. They also can’t upload files, which means they can’t add images to their posts.
They don’t have access to website settings, plugins, or themes, so they cannot change any settings on your site.
5. Subscriber Role
Subscribers can only log in to your WordPress site, update their user profiles, and change their passwords. They can’t write posts, view comments, or do anything else inside your WordPress admin area.
This user role is particularly useful if you have a membership site, online store, or another site where users can register and log in.
These are the default user roles and their permissions. As with anything in WordPress, you can also customize their permissions if you like. Let’s take a look at how to do that.
Customizing User Roles in WordPress
The default WordPress user roles have capabilities that will work well for most WordPress websites and blogs.
For example, if you run a magazine website, then the editor role can be assigned to senior staff, the author role can be for junior staff, and the contributor role can be for guest writers.
But sometimes you might want to customize the permissions and capabilities assigned to the role for the specific needs of your website.
For example, you may wish to limit authors to their own posts in WordPress admin or not allow authors to publish posts. You can also create a totally custom user role.
You can learn more about how to customize existing user roles and create new ones by following our guide on how to add or remove capabilities to user roles in WordPress.
Restricting Content Based on User Role
On some sites, you may want certain users to be able to access restricted content. For example, you might want to create a membership site and only allow paying members to access your courses, videos, or other premium content.
It used to be that creating a membership website took a long time, and it required a lot of work. Back then, you had to figure out how to manage users, set up memberships, decide how to receive payments, and more.
Thankfully, there are some impressive membership plugins for WordPress that make setting up your membership site super easy.
One of the most popular WordPress membership plugins is MemberPress. It has a powerful set of features that makes setting up a membership site a breeze.
You can use the MemberPress plugin to add different membership plans, set up pricing, create custom user accounts, and more.
MemberPress also has built-in support for PayPal and Stripe payment gateways, so your members can make secure payments online.
You can see our guide to creating a WordPress membership site for step by step instructions.
We hope this article helped you learn more about user roles in WordPress. You may also want to see our Additional Reading list below for related articles on useful WordPress tips, tricks, and ideas.
If you liked this guide, then please consider subscribing to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.