Knowing the difference between WordPress Roles
If you are the only person either in your company or the only person that logs into the backend of your site, you may not know the different users and their roles and how they affect your site. At some point though, you may need to have another person log into your site. Whether it be to help with a broken plugin/theme or if you are on a much-needed vacation and don’t have the internet to log into your site and update something that you may have missed before you left.
Today we will go through the roles of each user to help you understand what you need to know to add someone else even if it is just for a day. We will also touch on deleting a user as a bonus and why you should and shouldn’t do it.
With the administrator role, the person can do anything in the backend of your site.
- Full Access
- Create, edit and even delete any and all content
- Manage plugins and themes. This could be installing, updating or even removing them.
- Delete any and all other users
Nothing is off-limits to this user. It is like giving your business/home keys to this person. Are you sure you are ready to give up that much control?
An editor on a site is generally responsible for managing content.
- View, edit and publish posts and pages
- Moderate comments
- Upload files and images
- Delete posts and pages
They can not manage, add or delete plugins and themes. This role is widely used to oversee Authors and Contributors. This user is greatly used for a company that is focused around blogging/posts but admins do not always have the time to oversee content and to make sure that content is pushed out in a timely manner.
This role has even fewer actions that they can do than an Editor.
- Create, edit, delete and publish their own posts
- Upload media files
With their pretty clear role in the backend of your site, they are just responsible for creating and publishing posts. This user is great for a writer/blogger that is trusted to push out content on their own.
A contributor even has a role that is more stripped down than an author.
- Read all posts
- Deleting and editing their own post
- Can not upload media files
They can not publish any posts, including their own, nor can they edit their post that has already been published. If you have a new blogger/writer to join your group on a trial basis, this is the user for them!
How to Know What Role to Assign to Someone
Understanding each role is the most important thing to know when you are applying a role to someone new. As we all know, every site is different in not just the way it looks, but also the way they function. Here are a few tips to get started:
- Make sure that you give someone the level access that they need. Once again, security is the key to keep your site and also your clients safe. The lesser people that have higher roles, means that you will have fewer people having access to make huge mistakes and potentially take down your site with a swift click of the mouse.
- Keep the number of people with higher roles low. You only want one or two people with Admin roles. A few trusted people with Editor roles since they can still edit and delete pages and content. An Author should be assigned to a person that does regular posts for you that you are comfortable with them pushing out content without permission but your company will still stand behind. Someone that is new to the company or is a one time writer, you will want them to have the lowest authority in your site.
Why and Why You Shouldn’t
Deleting a user can be a daunting task and you may be wondering if it is going to be worth it or not. You could have given permission to someone to work on the backend of your site just once or a writer that just didn’t work out and that user is just sitting there unused. The more inactive users that a site has, the more vulnerabilities a site can have due to accounts being hacked.
Of course, there is a downside to deleting users. If you choose to delete a user, this deletes posts, media files and saved revisions of other user’s posts even if WordPress states that this user has posted zero posts. In a case where a user has posted and uploaded media files, you may end up with broken links or posts with broken images. You may not even notice that a link is broken or an image is missing for a while until a client or another user points it out to you. It is always in best practice to do a backup of a site before a major change. As long as you have a backup of the site before you delete a user, you can always go back to see what exactly is broken so it can be fixed as long as it hasn’t been that long ago.
Another good rule of thumb when it comes to deleting users is not to. This is sounding contradicting from the paragraph above, but in order to make 100% sure that you will not lose anything is to “Attribute All Content to [Another User]” instead of just deleting a user completely. This will save you the headache of knowing or not knowing if the user has uploaded media, has revisions and posts in general. All of this user’s content and media will be transferred to another user or even yourself. This is also helpful if no one catches the broken link or image for a few months, weeks or even a few days. By the time you realize that you have something broken, that backup that you did before you deleted the user is now just taking up storage since you have already made several more posts/blogs or backend updates to your site.
In short, if you need to add users, make sure that you do not give them more permissions than they need so there are no mistakes when you give an inexperienced user the ability to change or delete pages or plugins. Don’t forget when you need to delete a user due to inactive or someone that just didn’t work out with your company, make sure you “Attribute All Content to [Another User] instead of deleting a user completely. These small guidelines will help with any headache that you come across with adding and deleting users.