First, a brief introduction to WordPress user roles. There are 5 basic user roles on WordPress. Here’s a very basic breakdown of what each role has access to:

Administrator – Has access to all administrative options and features.
Editor – Can add/edit/delete posts.
Author – Can add/edit/delete their own posts, but not the posts of others. Can upload media.
Contributor – Can write and edit posts and submit them for review. Cannot publish posts and cannot upload media.
Subscriber – Can change their own profile and leave comments, but generally has no other capabilities.

7 Tips for Setting WordPress User Roles

Here are my top 7 tips for setting WordPress user roles for your website.

1. There must always be at least one admin user. When WordPress is installed, an admin account will be automatically created through the installation process.
   Do not use a user name like ‘admin’ or ‘user’ or ‘wordpress’ for the sake of keeping your website secure. You should use a strong user name, and even stronger password. I like to use random.org/passwords to generate a password, and I add in a few random special characters to make it even stronger. Don’t use your birthday or your dog’s name. Read my article about choosing a secure password you can actually remember.
2. Use your admin account for admin tasks only! Set up a separate editor account for writing posts and pages if you’ll be doing some of your own writing.
3. Beware of too many chefs. Keep the number of admins as low as possible. If you are the site owner, you may want to limit your site to 2 admin roles – one for you, and one for your webmaster.
4. When adding a new writer to your staff, start them out as a Contributor and have a more seasoned editor reviewing their content before posting.
5. Be aware that editors can publish pages and posts, so only hand out this role when you trust the content a user is writing is going to represent your business well. Graduate your writers from Contributor to Author. Only your top writers should be Editors.
6. Grant non-technical support staff the level of Editor as the highest level of access.
7. Remember that admins have equal power over your website, and even the best intentioned people, when inexperienced, can cause harm to your site. Think of your admin account like the keys to your office.

I hope these tips have helped you to better understand WordPress user roles, and have given you some helpful tips on how to most effectively set user roles on your WordPress website.

Questions? Leave a comment or drop me a note to let me know how I can help.