Knowing the roles and capabilities of the WordPress users is a must if you plan on allowing users to register, or password protect your WordPress site. Make sure you don’t give the wrong people access to your vital WordPress dashboard settings.
For most WordPress bloggers there is probably only one user which is you the sole owner and blogger. Recently a client asked if they could keep the entire WordPress site password protected only allowing those with the password access to the content. There are several ways to do that and in that case a plugin was used called Registered Users Only. The plugin is used to allow only registered users access to the entire site including the front, or content area. But this post is not really about the Registered Users Only plugin but choosing the correct user role.
It is very important not to give just anyone complete access to the entire WordPress dashboard which is the role of the Administrator. In the case mentioned above I suggested that one user be created as a Subscriber which only gives access to view comments in the dashboard and then give full access to the traditional public view of the front side of the blog if it were not password protected with the Registered Users Only plugin.
From the WordPress Codex the Roles and Capabilities of the WordPress users are as follows:
Summary of Roles
- Administrator – Somebody who has access to all the administration features
- Editor – Somebody who can publish posts, manage posts as well as manage other people’s posts, etc.
- Author – Somebody who can publish and manage their own posts
- Contributor – Somebody who can write and manage their posts but not publish posts
- Subscriber – Somebody who can read comments/comment/receive news letters, etc.
Under general Settings you can setup a WordPress blog to allow anyone to register. If you choose to do so keep your WordPress blog safe by setting up your users in the proper context.