Guide to WordPress User Roles

Why user roles matter
The WordPress user system is built on roles and capabilities: each role carries a defined set of capabilities that determine what a user can and cannot do on the site. Proper role assignment is key to site security. If every user has administrator access, a single compromised account hands over complete control of the site. It also prevents accidental damage, because a user who cannot reach the settings cannot change them by mistake.
WordPress comes with five default roles, each with a specific set of capabilities. Understanding these roles is essential for every site administrator, especially on sites with multiple users like multi-author blogs, company sites with content-entering teams, or ecommerce platforms with employees managing orders.
Administrator
Capabilities
The administrator has complete control over the WordPress site without any restrictions. This role includes the ability to install and delete plugins and themes, add and delete users including other administrators, access all site settings, manage all content including posts and pages of all users, access the code editor for direct modification of theme and plugin files, manage comments and moderation, and export and import site data.
When to use
The Administrator role should be assigned only to site owners and the technical people responsible for complete site management. Keep the number of administrators to a minimum, because every administrator account is a potential entry point to the site. On a typical business site, one or two administrators are sufficient. Never use the administrator account for everyday content writing; it is safer to use an account with lower privileges for routine tasks. If you need administrator functions, log in to the admin account only when necessary.
Editor
Capabilities
The Editor has control over all site content but no access to technical settings. Editors can create, modify, publish, and delete any posts and pages including those written by other users, manage categories and tags, moderate comments and approve them for publishing, manage links, and upload media files. The editor cannot install plugins, change the theme, add users, or access technical site settings.
When to use
The Editor role is ideal for the main blog editor or person responsible for content quality control on the site. This person reviews posts written by authors and contributors, approves them for publishing, corrects errors, and ensures content consistency. On a corporate site, the marketing or communications manager is a typical candidate for the editor role because they need control over content but not technical aspects of the site.
Author
Capabilities
An Author can create, modify, and publish their own posts without editor or administrator approval. Authors can upload media files and modify or delete their own published posts, but cannot modify or delete posts of other users. Authors can create posts but not pages. They cannot manage categories and tags at the site level, but they can assign existing categories and tags to their own posts. They have no access to comments except those on their own posts.
When to use
The Author role is suitable for trusted writers who regularly contribute content and whom you trust to publish quality content without prior review. Journalists, experienced bloggers, or marketing employees who independently write and publish content are typical candidates. The key difference between author and contributor is that authors can publish posts themselves while contributors must wait for approval. So assign the Author role only to persons whose content doesn't require regular review.
Contributor
Capabilities
A Contributor can write and modify their own posts but cannot publish them. Instead, the contributor submits the post for review and the editor or administrator approves and publishes it. Contributors cannot upload media files, meaning they cannot add images to posts. After a post is published, the contributor can no longer modify it because the published post becomes the editor's responsibility. These limitations make the contributor role safe for external writers or those you don't fully trust.
When to use
The Contributor role is ideal for guest writers, freelance authors, or new team members whose content requires review before publishing. On blogs accepting guest posts, a contributor account enables external authors to write directly in WordPress without the risk of publishing something inappropriate. The file upload restriction prevents potential abuse for uploading malicious content. If contributors need to add images to posts, the editor or administrator does it after content review.
Subscriber
Capabilities
A Subscriber has the lowest access level and can only manage their own profile and read content requiring login. Subscribers cannot create, modify, or delete any content on the site. The only difference between a subscriber and an unregistered visitor is that the subscriber has a user account they can use for commenting without re-entering personal data and for accessing content restricted to registered users.
When to use
The Subscriber role is used on sites that require registration for accessing certain content, for commenting, or for joining a closed community. Membership sites use Subscriber as the base role for registered users, with the option to upgrade to premium access levels. Forums and communities use Subscriber for users participating in discussions. WordPress sets the default role for newly registered users to Subscriber, which is a safe choice because a subscriber cannot do damage to the site.
Custom user roles
Why create custom roles
Default roles don't cover all usage scenarios. For example, you might want a role that can publish posts but not delete them, or a role that has access to WooCommerce orders but not store settings. Custom roles solve these specific needs by creating roles with precisely defined sets of capabilities matching your workflow.
Role management plugins
User Role Editor is the most popular plugin for managing WordPress roles, with over 700,000 active installations. It provides a visual interface for creating new roles, adding or removing capabilities from existing roles, and assigning multiple roles to one user. Members, from the MemberPress team, offers similar functionality with a focus on content access control by role. PublishPress Capabilities is another option with a clean interface for capability management. All these plugins enable creating custom roles without writing code.
Custom role examples
An SEO Manager role has access to SEO settings in Yoast or Rank Math but cannot modify post content. A Comment Moderator can manage comments but has no access to posts or pages. A WooCommerce Product Manager can add and modify products but has no access to orders or financial data. A Designer can change the site appearance and upload media but cannot install plugins or change user accounts. Custom roles like these enable precise access control that matches your team structure.
Creating roles with code
For developers, WordPress provides an API for creating custom roles in code. The add_role function takes the role name, a display name, and an array of capabilities. The add_cap and remove_cap functions add or remove individual capabilities from existing roles. Because roles are stored in the database, these calls should run once, typically on plugin or theme activation, not on every page load. The WordPress capability system is flexible and enables fine-grained permissions for every action on the site.
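The following plugin is an added example written for this guide; it is not code from the article or from any of the plugins mentioned. It registers the Designer role described above (read, upload media, change appearance, but no plugin installation or user management) on activation, tightens the built-in Author role so authors can publish but not delete live posts, and undoes both changes on deactivation. The role slug, display name and the exact capability set are assumptions chosen for illustration; the capability names themselves (read, upload_files, edit_theme_options, delete_published_posts) are core WordPress capabilities.

```php
<?php
/**
 * Plugin Name: Example Designer Role
 * Description: Added example for the guide, not the article's own code. Registers a
 *              "Designer" role once on activation and removes it on deactivation.
 */

if ( ! defined( 'ABSPATH' ) ) {
    exit; // Never run outside WordPress.
}

// Runs once on activation: roles are persisted in the wp_options table, so repeating
// add_role() on every page load would be wasteful and would overwrite later edits.
register_activation_hook( __FILE__, 'example_designer_role_activate' );
function example_designer_role_activate() {
    // Capabilities are an allow-list: anything not listed (install_plugins, edit_users,
    // edit_posts, ...) is denied, which is what keeps this role least-privilege.
    add_role(
        'designer',          // role slug (assumed name)
        'Designer',          // display name shown in the admin user list
        array(
            'read'               => true, // dashboard and own profile
            'upload_files'       => true, // media library uploads
            'edit_theme_options' => true, // Appearance menu, menus, widgets, Customizer
            'install_plugins'    => false, // explicitly denied for clarity
            'edit_users'         => false, // explicitly denied for clarity
        )
    );

    // Adjusting an existing role: authors keep publishing rights but may no longer
    // delete posts that are already live. get_role() returns null if the role is missing.
    $author = get_role( 'author' );
    if ( $author ) {
        $author->remove_cap( 'delete_published_posts' );
    }
}

// Clean up on deactivation so the site is left exactly as it was found.
register_deactivation_hook( __FILE__, 'example_designer_role_deactivate' );
function example_designer_role_deactivate() {
    remove_role( 'designer' );

    $author = get_role( 'author' );
    if ( $author ) {
        $author->add_cap( 'delete_published_posts' );
    }
}
```

Save the file under wp-content/plugins/ and activate it from Plugins; the new role then appears in the Role drop-down when adding or editing a user. Users already assigned to the designer role lose the role when the plugin is deactivated, so reassign them first.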
Security recommendations
Principle of least privilege
Always assign users the lowest role that enables them to do their job. This is known as the principle of least privilege and is one of the foundations of IT security. If a user only writes posts, give them the Author or Contributor role, not Editor or Administrator. If a user just needs to read content, Subscriber is sufficient. Role review should be done periodically to remove unnecessary accounts and lower roles of users who no longer perform the same functions.
Additional security measures
In addition to proper role assignment, implement two-factor authentication especially for administrator and editor accounts. Use strong passwords for all accounts and require periodic password changes. Disable user registration if not needed for your site because open registration can be exploited for spam or attacks. Track user activity with plugins like WP Activity Log, which records all actions on the site and enables you to identify suspicious activities.
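The audit below is an added example written for this guide, not code from the article or from the WP Activity Log plugin. It checks the recommendations from the two sections above: the administrator count, whether open registration is enabled, whether the default role is Subscriber, and whether any non-administrator role has been granted a capability that amounts to site takeover (installing plugins, editing theme or plugin files, managing users). The threshold of two administrators and the list of "dangerous" capabilities are assumptions taken from the text and from core capability names; the WP-CLI command name is also assumed.

```php
<?php
/**
 * Plugin Name: Example Role Audit
 * Description: Added example for the guide, not the article's own code. Place in
 *              wp-content/mu-plugins/ and run "wp role-audit" under WP-CLI, or call
 *              example_role_audit() from your own code.
 */

if ( ! defined( 'ABSPATH' ) ) {
    exit;
}

/**
 * Returns least-privilege findings as an array of strings; an empty array means
 * nothing to report. $max_admins is the "one or two administrators" figure from the text.
 */
function example_role_audit( $max_admins = 2 ) {
    $findings = array();

    // 1. Too many administrators: each one is a full-control entry point to the site.
    $admins = get_users( array( 'role' => 'administrator' ) );
    if ( count( $admins ) > $max_admins ) {
        $findings[] = sprintf(
            '%d administrator accounts (limit %d): %s',
            count( $admins ),
            $max_admins,
            implode( ', ', wp_list_pluck( $admins, 'user_login' ) )
        );
    }

    // 2. Open registration is a spam and attack surface unless the site needs it.
    if ( get_option( 'users_can_register' ) ) {
        $findings[] = 'User registration is open (Settings > General > Membership).';
    }

    // 3. New accounts should land in the lowest role.
    $default_role = get_option( 'default_role' );
    if ( 'subscriber' !== $default_role ) {
        $findings[] = sprintf( 'Default role for new users is "%s", not subscriber.', $default_role );
    }

    // 4. Any role other than administrator holding a takeover-level capability,
    //    e.g. granted by a plugin or by a mistake in a role editor.
    $dangerous = array( 'install_plugins', 'edit_plugins', 'edit_themes', 'edit_files', 'edit_users', 'promote_users' );
    foreach ( wp_roles()->role_objects as $name => $role ) {
        if ( 'administrator' === $name ) {
            continue;
        }
        foreach ( $dangerous as $cap ) {
            if ( $role->has_cap( $cap ) ) {
                $findings[] = sprintf( 'Role "%s" has the %s capability.', $name, $cap );
            }
        }
    }

    return $findings;
}

// Expose the audit as "wp role-audit" when running under WP-CLI (command name assumed).
if ( defined( 'WP_CLI' ) && WP_CLI ) {
    WP_CLI::add_command( 'role-audit', function () {
        $findings = example_role_audit();
        if ( empty( $findings ) ) {
            WP_CLI::success( 'No least-privilege findings.' );
            return;
        }
        foreach ( $findings as $finding ) {
            WP_CLI::warning( $finding );
        }
    } );
}
```

Run the audit as part of the periodic role review: a non-empty result is the list of accounts to downgrade or remove and settings to correct. Capability checks use WP_Role::has_cap, so a capability that a plugin grants only at runtime (through the user_has_cap filter, for example) will not appear here; that case needs the per-user check current_user_can provides.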
Conclusion
The WordPress user system with roles and capabilities provides flexible access control essential for sites with multiple users. Administrator for site owner, Editor for content editor, Author for trusted writers, Contributor for external collaborators, and Subscriber for registered visitors cover most scenarios. For specific needs, custom roles provide precise permission control. At BeoHosting, our WordPress hosting packages support unlimited user accounts with a fast and secure environment protecting all accounts on your site.
BeoHosting Team
10+ years of experience — Web hosting and infrastructure specialists