¿Sabía que puede dar acceso a otras persons para administrar su sitio? Al utilizar los roles de Username from WordPress, puede colaborar con personas de manera segura y sencilla, adjudicar diferentes niveles de acceso a su sitio y al contents que contiene.
In this article, we will cover how WordPress user roles work and how to configure them on your site.
WordPress user roles
Then - What are WordPress user roles and what are they used for? As the name suggests, it is a user management feature built into your WordPress site. You can determine what actions users can and cannot perform, and group them into roles. Therefore, a specific role can be assigned with specific site administration privileges.
WordPress provides six by default User roles to give you more power over managing your site. Let's get to know them better.
Super administrator
The super administrator role only exists when the WordPress multisite the function is available. They are in charge of overseeing all administrators of the site and the multisite network.
They can manage and change everything from creating and deleting sites, to controlling content, themes, plugins, and profiles.
When the super administrator role is enabled, the privileges of the frequent administrator are reduced. They can no longer install themes and plugins, but can choose to turn them on or off.
Administrator
Administrators have all the power not only to manage the operations of their site, but at the same time to assign other functions.
They can create, delete, review, edit and publish content, manage plugins and themes, even edit code. This role at the same time has the authority to customize other user roles.
You can be the administrator of your own site or designate someone else. Regardless, be careful if you want to assign this task to other people. Choosing someone you trust is critical.
Editor
Editors have full access to manage all their site content and its attributes.
They can create, delete, review and publish their own publications, as well as those created by other authors. Editors can simultaneously manage comments, post categories and links. Users with this role often supervise authors and contributors.
Author
Unlike publishers who have full control over the entire content section, authors only have full control over their own posts. They have the authority to create, edit, delete, and publish their own posts. At the same time, they can edit their own user profile.
Taxpayer
Like authors, contributors are able to create and edit their posts and profiles. The main difference between the two is that contributors cannot publish their posts.
Subscriber
This role can only read posts and manage your personal profile.
Basically all visitors can read posts without being assigned as subscribers. Regardless, you can encourage users to become subscribers by offering them access to special content that only they can see.
What to do before configuring user roles
There are some good practices that you should follow when selecting to set user roles.
Backup your site
Es crucial hacer una copia de seguridad de su sitio de WordPress antes de realizar cualquier cambio. No solo puede restaurar la base de datos desde su server de alojamiento, sino que al mismo tiempo puede cargar el archivo respaldado desde su disco local cuando be necesario. Puedes revisar esto HostingWiki Publishing about how to do it correctly.
If the transition to multiple user roles causes problems or security threats, you can easily restore your site to its previous state.
Designate appropriate roles
You must consider the privileges of the user before assigning the roles. Choose what users can and cannot do.
Ask yourself: "Do you trust users?", "Will they write, review, edit, publish or maintain your WordPress site?", "Will they have full or partial control over your WordPress site?", Etc. Then, you can start authorizing roles.
By doing so, controlling the workflow and role of each user becomes very simple. At the same time, you will have the peace of mind of knowing that the operation and management of your site are in the right hands.
Best practices for configuring user roles
There are three ways to manage your WordPress user roles.
Add users from your WordPress dashboard
Follow these steps to add, edit, and remove users from your Dashboard:
- Once you log into your Dashboard admin area, select Users and choose the Add New option.
- Complete the form with the personal data of the new user, the password configuration and the designated role. Then click the Add New User button to save it.
- Once added, you can edit or delete the user by selecting All Users from the drop-down menu.
To have more control over user roles, you will need to use one of the other two methods.
Manually modify the code in your template file
If you want more options when setting up user roles, the answer is to tweak and tweak your WordPress site template file. Modify the roles by inserting code functions into your functions.php file.
WordPress offers five code functions to customize user roles and capabilities, which are:
- add_role () - add a role
- remove_role () - remove a role
- add_cap () - to add a capacity to a given role
- remove the lid () - remove a capacity from a given role
- get_role () - to obtain information about the capabilities of a certain role.
When typing the actual command, you will need to additionally complete:
- paper - the name of the role
- display name - what will be the name of the role in the WordPress panel
- capabilities - the privileges that the role will have. If you want to add multiple capabilities, you will need to use an array.
As an example, let's add a role called Publisher, which can publish posts and pages:
add_role ('publisher', __ ('Publisher'), array ('publish_posts' => true, 'publish_pages' => true,));Visit the official WordPress codex to see the lists of available capacities.
To start using the code, follow these steps:
- Once you've structured the code snippet, head over to your admin area and open the Appearance menu.
- Click Theme Editor from the drop-down menu, select the theme you want to edit, and open its functions.php file.
- Paste the code snippet at the end of the file.
- In conclusion, click Update file.
Be careful with the code snippet as it can cause problems if written without the proper syntax.
Use a user role plugin
While manually customizing WordPress user roles through code gives you the most control, it can be risky if you don't have coding skills. Alternatively you can use a plugin like Improved capacity manager.
The plugin not only makes it possible for you to configure the default WordPress user roles, but at the same time add custom user permissions based on your needs.
Once the plugin is installed and activated, you can customize the user roles from your WordPress dashboard. Click on the Users menu and select Capabilities. After that, you will see an editor that allows you to configure the role and add the capacity.
Tips for Using the User Roles Function Efficiently
While user roles are incredibly useful when collaborating with multiple people on your site, it is inherently less secure. A simple accident, like leaving a password saved on a public computer, can cause major problems. Here are some things you can do to keep your site safe:
- Use plugins - this enables you to easily manage user roles whenever changes are needed, or even force users to log out with the help of a security plugin (such as All in one WP).
- Limit the number of privileged users - Keep access to control your exclusive site. Take the time to select which user really needs which capabilities.
- Unassign suspicious users – para evitar el abuso del sitio Web, los ataques de fuerza bruta y otros intentos de piratería, es mejor eliminar a los usuarios inactivos durante mucho tiempo o aquellos que intentan iniciar sesión repetidamente sin éxito.
If you apply these tips, we believe that your site's user management will be safe and sound.
Final notes
WordPress default user roles are quite beneficial in keeping your site running. You can assign up to six different roles, namely:
- Administrator - fully manage the maintenance and content of the site
- Editor - fully supervise the authors and content management
- Author - you are only responsible for your own posts
- Taxpayer - you can only create and edit the content of your post
- Subscriber - can only read posts
- Super administrator - fully manage a WordPress multisite network
Make sure you've backed up your site and considered the appropriate roles before officially awarding capabilities.
You can add, edit and delete users from the administration area of your Dashboard. To do so, go to your WordPress Dashboard → Users → Add New.
At the same time, you can manually customize the roles by modifying your theme's functions.php file.
Regardless, customizing user roles with a WordPress plugin may be a better option. We recommend the Improved Capability Manager plugin to add, delete, edit and customize user roles with a few clicks.
Lastly, remember to always limit the number of user roles and deallocate suspicious users.
