WordPress User Roles And How To Use Them

You need to understand the different user roles offered by WordPress and when to use them.

Why WordPress User Roles Are Important

If you give people accounts on your WordPress site, it is very important to give each of them only the permissions they actually need and nothing more.

Giving people more access than they need is an obvious security risk.

An example: a guest blogger is going to write articles for your site on a regular basis. The articles have to be reviewed by a senior employee before they are published. In this case the guest blogger only requires access as a Contributor and the senior employee as an Editor.

Restricting access rights is not only good for security. It also limits the accidental damage a person could cause by making mistakes.

[gn_quote style="1"]Least privileged is the act of using the lowest possible role and likely the one thing that no one seems to place any emphasis on. It's the idea that when you log into your administrator panel to put out a post you don't need to do so using an account assigned an administrator role. There are a number of other plausible roles, learn to use them effectively.

Tony Perez, Sucuri
Article: WordPress Security – Cutting Through The BS[/gn_quote]

WordPress User Roles

The available WordPress user roles are:

Super Administrator: A user with administrative access to every site in the network. This role only exists on Multisite installations.

Administrator: A user with administrative access to the blog. Can work on all aspects of the site.

Editor: A user who can manage and publish posts and pages, including those written by other users.

Author: A user who can manage and publish their own posts.

Contributor: A user who can write and edit their own posts but not publish them; the posts wait for an Editor or Administrator to review and publish.

Subscriber: A user who can only manage their own profile.
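The list above tells you what each role is for, but the decision of which role is the minimum for a task is easier when you can see the exact capability difference. The following is an added example, not code from the original article: it queries the live role definitions and (a) lists the capabilities one role grants on top of another, and (b) finds the weakest built-in role that covers a given set of capabilities. It assumes it runs inside WordPress (functions.php, a small plugin, or `wp eval-file`); the `wpsec_*` function names are this example's own.

```php
<?php
// Added example, not code from the original article. Assumes a WordPress
// runtime (functions.php, a plugin, or `wp eval-file`); wpsec_* names are ours.

/**
 * Capabilities that $higher_role grants and $lower_role does not.
 * Only capabilities stored as true count; a capability stored as false is a
 * denial. Returns a sorted list of names, or a WP_Error for an unknown role.
 */
function wpsec_capability_diff( $higher_role, $lower_role ) {
    $higher = get_role( $higher_role ); // WP_Role or null
    $lower  = get_role( $lower_role );
    if ( ! $higher || ! $lower ) {
        return new WP_Error( 'wpsec_bad_role', 'Unknown role name' );
    }
    $granted = static function ( array $caps ) {
        return array_keys( array_filter( $caps ) ); // keep only caps set to true
    };
    $extra = array_diff( $granted( $higher->capabilities ), $granted( $lower->capabilities ) );
    sort( $extra );
    return array_values( $extra );
}

/**
 * Built-in roles that hold every capability in $needed_caps, weakest first,
 * so the first entry is the least-privileged role for the task.
 */
function wpsec_roles_satisfying( array $needed_caps ) {
    $weakest_first = array( 'subscriber', 'contributor', 'author', 'editor', 'administrator' );
    $fits = array();
    foreach ( $weakest_first as $name ) {
        $role = get_role( $name );
        if ( ! $role ) {
            continue; // a plugin may have removed or renamed the role
        }
        $missing = array_filter( $needed_caps, static function ( $cap ) use ( $role ) {
            return empty( $role->capabilities[ $cap ] );
        } );
        if ( empty( $missing ) ) {
            $fits[] = $name;
        }
    }
    return $fits;
}

// Usage, e.g. `wp eval-file roles.php`:
print_r( wpsec_capability_diff( 'editor', 'author' ) );
print_r( wpsec_roles_satisfying( array( 'edit_posts', 'upload_files' ) ) );
```

By default a Contributor does not hold `upload_files`, so the second call reports Author as the weakest role that can both write posts and upload images. If a guest writer should not be able to upload files, keep them as a Contributor and have an Editor add the media. Run the diff before promoting anyone: a role change that looks small on the label can hand out a long list of capabilities.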

When To Use A Role

Obviously the most secure way to run your WordPress site is not to allow anyone to log in. However this is not always a practical solution.

When you create a new user it is important to ask yourself what the minimum role requirement is. If someone should be able to create posts but not publish them, Contributor is a good option. If they need to publish their own posts but not manage other users' posts, Author is the correct role.

If a user only needs access for a limited period of time, make sure you revoke their access as soon as the work is done.

How To Use The Administrator Role

The Administrator role is a special role. With this role you can do anything and everything. Use it only when needed.

You should never use the Administrator role to create and publish posts and pages!

Instead create an Editor or Author user to manage your posts and pages.

When you are at the coffee shop and need to write this very important post, log in with your Editor/Author user rather than the Administrator. If that session or password is captured on an untrusted network, the attacker gets a writer's access, not control of the whole site. This is much safer.

The Administrator role should only be used to carry out real administrative work on your site, such as installation and updating, modifying site settings, managing backups etc.

If an external person needs Administrator rights to do some work on your site, create a new user for this purpose. Never give out your existing login details. Once the job is done, delete that user again. If you use WordPress File Monitor Plus, run a manual scan before the work starts and another after it finishes to see exactly which files were modified.
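Both the advice above about temporary Administrator accounts and the earlier point about revoking limited-period access depend on someone remembering to delete the user. The following is an added example, not code from the original article, that makes the expiry part of the account: an expiry timestamp is stored in user meta, login is refused once it has passed, and a daily WP-Cron sweep deletes the account and hands its posts to a permanent Editor/Author user. It assumes a single-site install (Multisite would use `wpmu_delete_user()`); the meta key, hook name, `wpsec_*` function names and the `editor` login used as the post owner are this example's own choices.

```php
<?php
// Added example, not code from the original article. Assumptions: single-site
// WordPress, code in functions.php or a plugin; the meta key, hook name,
// wpsec_* names and the 'editor' login below are our own choices.

const WPSEC_EXPIRY_META    = 'wpsec_access_expires';
const WPSEC_SWEEP_HOOK     = 'wpsec_expire_users';
const WPSEC_REASSIGN_LOGIN = 'editor'; // permanent account that inherits the posts

/**
 * Create a user with the lowest role that fits the job and a hard expiry.
 * Returns the new user ID or a WP_Error.
 */
function wpsec_create_temporary_user( $login, $email, $role, $days ) {
    if ( ! get_role( $role ) ) {
        return new WP_Error( 'wpsec_bad_role', "Unknown role: $role" );
    }
    $user_id = wp_insert_user( array(
        'user_login' => $login,
        'user_email' => $email,
        'user_pass'  => wp_generate_password( 24, true, true ), // random; hand out a reset link, not the password
        'role'       => $role,
    ) );
    if ( is_wp_error( $user_id ) ) {
        return $user_id;
    }
    update_user_meta( $user_id, WPSEC_EXPIRY_META, time() + (int) $days * DAY_IN_SECONDS );
    return $user_id;
}

/** True if the user has an expiry stored and it has already passed. */
function wpsec_user_expired( $user_id ) {
    $expires = (int) get_user_meta( $user_id, WPSEC_EXPIRY_META, true );
    return $expires > 0 && $expires <= time();
}

// Refuse login the moment the expiry has passed, without waiting for the sweep.
add_filter( 'wp_authenticate_user', function ( $user ) {
    if ( $user instanceof WP_User && wpsec_user_expired( $user->ID ) ) {
        return new WP_Error( 'wpsec_expired', 'This account has expired.' );
    }
    return $user;
} );

/**
 * Delete every expired user and reassign their posts. Refuses to run if the
 * reassignment target is missing, because wp_delete_user() without a target
 * deletes the user's posts. Returns the number of users removed.
 */
function wpsec_expire_users() {
    require_once ABSPATH . 'wp-admin/includes/user.php'; // wp_delete_user() lives here
    $target = get_user_by( 'login', WPSEC_REASSIGN_LOGIN );
    if ( ! $target ) {
        error_log( 'wpsec: reassignment user missing, sweep skipped' );
        return 0;
    }
    $expired = get_users( array(
        'fields'     => 'ID',
        'meta_query' => array( array(
            'key'     => WPSEC_EXPIRY_META,
            'value'   => time(),
            'compare' => '<=',
            'type'    => 'NUMERIC',
        ) ),
    ) );
    foreach ( $expired as $user_id ) {
        WP_Session_Tokens::get_instance( (int) $user_id )->destroy_all(); // kill live sessions too
        wp_delete_user( (int) $user_id, $target->ID );
        error_log( "wpsec: deleted expired user {$user_id}, posts reassigned to {$target->ID}" );
    }
    return count( $expired );
}
add_action( WPSEC_SWEEP_HOOK, 'wpsec_expire_users' );

// Schedule the sweep once. WP-Cron only fires on page loads, so on a quiet
// site also trigger it from system cron (e.g. `wp cron event run --due-now`).
add_action( 'init', function () {
    if ( ! wp_next_scheduled( WPSEC_SWEEP_HOOK ) ) {
        wp_schedule_event( time(), 'daily', WPSEC_SWEEP_HOOK );
    }
} );

// Usage: a contractor who needs Administrator access for three days.
// wpsec_create_temporary_user( 'contractor-jane', 'jane@example.com', 'administrator', 3 );
```

The login filter closes the door immediately, the sweep removes the account and its sessions later; together they cover both the "forgot to delete" case and the "already logged in" case. A File Monitor scan before and after the contractor's work still belongs in the process, since an Administrator can change files in ways no role setting will undo.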

Tips For Administrator Users

It is easy to just do all the work with the Administrator user. However it is not hard to enforce good practice around using the correct users for the correct tasks.

If you often switch between Administrator and Editor/Author tasks, use two different browsers: one for the Administrator user and one for the Editor/Author user.

Each browser keeps its own cookies, so both sessions stay logged in at the same time and you don't have to log in and out all the time.

To ensure you do not accidentally create posts and pages using the Administrator user you can remove those capabilities from the role. It is very simple to do. Treat it as a guard against slips, not as a security boundary: an Administrator can put the capabilities back at any time.

Place the following code in functions.php for your theme:

[gn_note color="#ffffff"]
// Remove the Create Page / Post capabilities from the Administrator role.
// Note: remove_cap() writes the change to the database (the wp_user_roles
// option), so it stays in effect until add_cap() puts the capabilities back.
function modify_capabilities()
{
 $edit_role = get_role('administrator');
 if ( ! $edit_role ) {
  return; // role missing (e.g. renamed by a plugin); nothing to do
 }
 $edit_role->remove_cap('edit_pages');
 $edit_role->remove_cap('edit_posts');
}
add_action('admin_init','modify_capabilities');
[/gn_note]

The Posts and Pages menus, including Add New Page and Add New Post, are now hidden for Administrators. The Comments menu also depends on edit_posts, so comment moderation has to be done from the Editor user as well.
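The functions.php snippet above changes the stored role definition, and the change survives removing the code. The following is an added example, not code from the original article, that reaches the same result another way: it denies the capabilities at runtime through the `user_has_cap` filter, so it is in effect only while the code is active and nothing is written to the database. It also includes a one-off routine to repair the stored role if you ran the remove_cap() version first. It assumes functions.php or a plugin; the `wpsec_*` names and the list of capabilities are this example's own choices.

```php
<?php
// Added example, not code from the original article. Assumes functions.php or
// a plugin; the wpsec_* names and the capability list are our own choices.

/** Capabilities an Administrator should not use for day-to-day writing. */
function wpsec_admin_denied_caps() {
    // Only creation/editing caps are dropped; publish_posts, edit_others_posts
    // and the rest stay so the Administrator can still moderate when needed.
    return array( 'edit_posts', 'edit_pages' );
}

/**
 * user_has_cap callback. $allcaps is the user's capability map, $caps the
 * primitive capabilities being checked, $args[0] the requested capability
 * and $user the WP_User under test. Returns the (possibly reduced) map.
 */
function wpsec_filter_admin_caps( $allcaps, $caps, $args, $user ) {
    if ( ! in_array( 'administrator', (array) $user->roles, true ) ) {
        return $allcaps; // every other role is untouched
    }
    foreach ( wpsec_admin_denied_caps() as $cap ) {
        $allcaps[ $cap ] = false; // has_cap() treats an empty value as "not granted"
    }
    return $allcaps;
}
add_filter( 'user_has_cap', 'wpsec_filter_admin_caps', 10, 4 );

/**
 * One-off repair if you previously ran the remove_cap() version: puts the
 * capabilities back into the stored Administrator role. Call once, then
 * delete the call. Returns false if the role does not exist.
 */
function wpsec_restore_admin_caps() {
    $role = get_role( 'administrator' );
    if ( ! $role ) {
        return false;
    }
    foreach ( wpsec_admin_denied_caps() as $cap ) {
        $role->add_cap( $cap ); // persisted, like remove_cap()
    }
    return true;
}

// Caveat: on Multisite, WP_User::has_cap() grants Super Admins every
// capability before the user_has_cap filter runs, so neither this filter nor
// remove_cap() affects them.
```

Because the filter goes through `WP_User::has_cap()`, every `current_user_can( 'edit_posts' )` check in core, themes and plugins sees the reduced map, so the menus disappear exactly as with the remove_cap() version. Delete the code and the Administrator is back to normal, with no database repair needed.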

If you already have a few posts created by an Administrator a Quick Edit can remedy the situation.
[gn_frame align="none"]quick edit to change author[/gn_frame]

Or alternatively – if you have many posts – create a new Administrator user and an Editor/Author user. Then delete the old Administrator user.

When asked, attribute the existing posts to your new Editor/Author user.
[gn_frame align="none"]delete users[/gn_frame]

Follow The White Rabbit

[gn_spoiler title="Click Here" open="0" style="1"]Are you reading this article as a part of the Interactive Version of The WordPress Security Checklist?

Then you can find your next article below.

If not you should take a look at the Table Of Contents.

Next article: Remove The Default Administrator User
Previous article: Delete Unused Plugins And Themes[/gn_spoiler]

Questions Or Comments?

Please leave them below. Thanks!


About Anders Vinther

Anders is on a mission to make it easy for you to secure your WordPress.

Let's make it harder for the bad guys!


Comments

  1. Howdy Anders,
    very nice post – I never thought about writing as a non-admin but you’re right, and I’ll change that soon.
    Concerning the coffee shop, I'd rather post by mail from my smartphone or directly from the mobile browser to avoid the risk of a coffee shop – in my opinion you can only surf the web there – your data won't be safe.
