Knowledge Base
How to Manage WordPress User Roles
Understanding User Permissions
WordPress has different user roles with varying permissions.
Default User Roles
| Role | Capabilities |
|---|---|
| Administrator | Full access to everything |
| Editor | Manage all posts and pages |
| Author | Publish own posts |
| Contributor | Write posts but cannot publish |
| Subscriber | Read content and manage profile |
Adding New Users
- Go to Users → Add New
- Enter username and email
- Set password (or send reset link)
- Select role
- Click Add New User
Changing User Roles
- Go to Users → All Users
- Click on user name
- Change role dropdown
- Update User
Best Practices
- Use least privilege principle
- Don't share admin accounts
- Create separate accounts per person
- Regularly audit user accounts
- Remove inactive users
Custom Roles
Use plugins like "User Role Editor" to create custom roles with specific permissions.
Security Tips
- Limit administrator accounts
- Use strong passwords for all users
- Enable two-factor authentication