How to Use WordPress User Roles to Manage Website Access | EP 626

How to Use WordPress User Roles to Manage Website Access

1. Admin 01:25
2. Editor  03:10
3. Author  03:41
4. Contributor  04:10
5. Custom Plugins  04:44

Read the full episode transcript below:

00:25 David Blackmon: Hey everybody. Welcome to another episode of WP The Podcast brought to you by WP Gears. I’m David Blackmon.

00:35 Tim Strifler: I’m Tim Strifler.

00:37 David Blackmon: Today in episode 626 we’re going to talk about how to use wordpress user roles to manage website Access. Now this  comes into play with anyone who has a WordPress website you may have people that work on your website, that contribute as authors or they do front-end work back-end work, and you may not want them having access to your entire site and we’re gonna that’s what the role editors is used for it’s to control users ability to do specific things on your website. So Ttim’s gonna kind of let us know what each role is and then we’re going to kind of dive into it a little more.

01:12 Tim Strifler: Yeah and let me eah. And let me just say really quickly, uh. If you have to give someone access to your website, the last thing you want to do is send someone, your admin username and password. So the existing username and password that you use to log into your site. And for some of you are like, well, duh, of course I want to do that, but it happens a lot. And we see it a lot, with our product support companies where, our support will say, “Hey, we need access to site, please, give us admin access”, and the user will actually send us the username and password that they use. And it’s like, you know, they didn’t reset the password or anything. It’s just super insecure. So what you want to do is you want to give someone their own user account depending on the access level that they need. So in the example, I just gave with, uh, Like product support and that sort of thing. You’re probably going to want to give admin, but you want to create a new admin user that way when you’re done, the support department has done fixing the issue or whatever, you can simply delete the admin account and then it’s gone, the access has been revoked. Um, and so that way you don’t give out your, your actual username and password. So, um, Just wanted it to kind of say that first up. And that’s kind of why WordPress has the ability to have user accounts. So everyone’s not logging in with the same username and password, but the highest level of, uh, for a typical WordPress site is admin. Now I say typical, because if you’re using WordPress multi-site, we’re not going to get into that. In this episode, WordPress multisite has a super admin user account. We’ll, we’ll discuss that on a, on a later episode, but, um, for a standard WordPress install, adamin is the highest level. Everything is, is included, uh, in that access so that you can add new users, you can add new plugins, new themes, you can edit all the plugins and themes and stuff like that. You have access to everything.

03:10 David Blackmon: Awesome! Next was is the editor role. T hey don’t have the ability to add plugins change themes add users the only thing that they can do is add and edit and remove content. So for example you write blog posts and you put blog content on your website and editor’s going to basically be able to have admin privileges for your blog. Basically  they’re going to be able to create new publish uh post content and stuff. 

03:41 Tim Strifler:  Yeah absolutely!  Now the next user access role is a little less than the editor is the author. Now authors can add and edit their own content but they can’t edit other content. So the editor like the name suggests can edit and have access to everything where an author can only add and edit their own content. And so they can’t go and delete someone else’s post or add to it or anything like that but they can access their own stuff and they can even publish as well.

04:10 David Blackmon: And the last role that we’re going to talk about is a contributor. A contributor can add content to your website but they do not have the ability to publish. So if you want to review something before it’s actually published or if you want to control when content is  published on your site you may want to consider using uh the contributor role for people who produce content on your site. That way you have access you you have the ability to manage when that content is actually published.

04:44 Tim Strifler: Yeah now those are all of the the default built-in roles that come with wordpress out of the box admin editor author contributor
however other plugins will add additional user roles uh depending on what the plugin does and that sort of thing. So for example Woocommerce and Easy Digital Downloads will add like Subscriber or Customer user roles as well. As like shop manager or store manager whatever to be able to add. And edit products and access store details and stuff like that and so um depending on on the plugins you’re using you might see  additional user roles there. Now there’s also ways to create custom user roles as well as edit the roles so for example maybe you want um
a Woocommerce store manager to to do everything that they can by default, but you also want to add maybe one additional capability that normally isn’t included. Well using a plugin that will allow you to edit the roles such as advanced access manager or user role editor we’ll have the links to those in the show notes you can go in, and you can Make changes to those roles or create an entirely new role and add different capabilities. So it basically pulls in the different capabilities of your site and you can kind of customize what you want the role to be able to do which is really powerful and then one last thing we want to recommend is is always test this like make sure that if you’re giving someone access that you know everything that they have access to and don’t guess actually see what they’re saying there’s a really easy way to do that you can use a plugin called User Switching or User Switcher. One of the two and basically you can go into uh WP admin users and then click the switch to link and it will show you what they see when they’re logged in and so that way you can see everything they have access to and and so forth so you know, what you’re giving people access to on your site. So that’s really important. 

06:43 David Blackmon: Absolutely! We hope this episode has been helpful on how to use wordpress user roles and give you some ideas on
how to manage what the users can do and not do on your site. Tomorrow we’ve got another great topic how to control the facebook
thumbnail and wordpress. Tim? 

07:02 Tim Strifler: Take care, bye bye.

07:04 David Blackmon:  Bye-bye until tomorrow we’ll see you then.