Knowledge Base Blog: How to Manage Your Site Users in WordPress
One of the perks of WordPress is the user Role Management System, which allows you to easily and effectively control the abilities of anyone you give access to the backend of your Website. Small Business owners can really benefit from the ability to delegate tasks like image updates and price changes to others, safe in the knowledge that they can manage the responsibilities of all employees.
This blog gives you a brief rundown of what each user role is able to accomplish, and how you can make sure you’re managing your users in a way that suits your Business.
The User Roles Defined
The Administrator is king in WordPress. With the ability to add new users and edit their information (including passwords) at any time, the Administrator has total control over all those who have access to the backend. Besides being able to oversee the operations of all other users, the Administrator is the only permission level that can make crucial changes to settings, plugins, and themes for the Website.
Common sense dictates that you should be sparing in your granting of Administrator privileges, as the ability to delete or edit profiles even extends to the option of deleting other Administrators!
Editors have complete control over all of the content hosted on your WordPress Website. They are able to write, publish, and edit any post, as well as having the ability to moderate comments.
The Editor’s influence is, however, limited to content changes as they are not able to change settings, plugins or themes.
If you have an employee who effectively oversees everything you do Online, consider granting them the Editor user role rather than Administrator access to safeguard the wellbeing of your Site.
As the name suggests, Authors have the ability to write, edit, and publish their own content posts. Authors can also view comments awaiting moderation but cannot approve or delete them.
The only risk associated with this user role is that Authors have complete control over what content they publish on your Site (although this can obviously be edited or removed at a later date by someone with higher permissions).
Furthermore, Authors also have the ability remove any of their previous posts at any time. If you have a trusted blogger who writes for you, this may be the best user role to grant them.
The Contributor user role is effectively the Author with an additional layer of security. Contributors can add and edit new posts to the backend of your Website but can’t publish them Online.
Granting someone Contributor access gives you an extra level of reassurance surrounding what is going up on your Site, but will also mean that an Administrator or Editor will have to review and publish every post before it is seen by visitors.
Finally, users at this level are also unable to upload files meaning they cannot add images to their posts.
The lowest user role allows people to login, and, to be honest, not much else. Subscribers are not able to write posts, view pending comments, or do anything else inside the admin area of your Website.
This level is primarily used by those who require people to be logged in before they can read posts and leave comments.
Go One Step Further and Customise Existing Roles
Be advised that the descriptions above detail the default settings for each level. There is however a limited scope to change the permissions at each level to better suit your Business.
For instance, if you feel exposed by the fact that a particular author is able to delete work you have previously paid for them for, you can retain their ability to post work while simultaneously blocking their option of deleting historical posts.
Doing so requires use of the Capability Manager Enhanced plugin. Installing the plugin can be a little tricky so we suggest you always enlist the help of your most trustworthy techspert.
Adding New Users
To add a new user simply select the ‘Users field’ from the navigation bar in the backend of your Website, and then select ‘Add New’.
Take particular care when filling out the Username and Role fields. The username you select for your new user cannot be altered once created, whilst the role you select needs to give a permission level that will benefit your Business.
If the time comes to delete a user, return to the backend of your Website and select ‘Users’ then ‘All Users’ from the navigation bar on the left of your screen.
When hovering over a user you will be given the opportunity to delete them immediately below their username. Once you have selected this option you will be asked what to do with their content. By selecting ‘Delete all content’ you will delete everything this user has ever contributed to your Website.
If you want to delete the user but keep their contributions, select ‘Attribute all content to’, and then simply select which user you would like to attribute their previous work to.
The two key takeaways from this blog are the almost godly powers bestowed on those with Administrator permissions, and the importance of selecting a user role that gives you and your Small Business the security you need. Consider these two points carefully whenever you create a profile, or when your relationship with a contributor changes, and you stand a better chance of guaranteeing that everyone with access to your Website’s admin area is able to do what suits your Business Online.