Understanding WordPress User Roles

Overview

WordPress includes six default user roles, each with specific permissions and capabilities. Understanding these roles is essential for configuring role-based redirection and managing user access.

The Six Default WordPress Roles

Administrator

Capabilities:

• Install/activate/delete plugins and themes

• Manage all users and roles

• Access all admin settings

• Publish, edit, delete any content

• Import/export data

• Update WordPress core

Typical Users:

• Site owners

• Lead developers

• IT managers

Recommended Redirect:

/wp-admin/ (WordPress dashboard)

Editor

Capabilities:

• Publish, edit, delete any posts/pages

• Moderate comments

• Manage categories and tags

• Upload media files

• Cannot: Install plugins, change settings, manage users

Typical Users:

• Content managers

• Editorial directors

• Senior writers

Recommended Redirect:

/wp-admin/edit.php (Posts management)

/content-management/ (Custom dashboard)

Author

Capabilities:

• Write and publish their own posts

• Edit and delete their own posts

• Upload images and media

• Cannot: Edit others’ posts, manage site settings

Typical Users:

• Blog writers

• Guest contributors

• Regular columnists

Recommended Redirect:

/wp-admin/edit.php?post_type=post (Their posts)

/my-articles/ (Custom page showing their content)

Contributor

Capabilities:

• Write posts (saved as drafts)

• Edit their own unpublished posts

• Cannot: Publish posts, upload media, delete published posts

Typical Users:

• Freelance writers

• Occasional contributors

• Interns

Recommended Redirect:

/wp-admin/edit.php (Draft submissions)

/pending-submissions/ (Custom page)

Subscriber

Capabilities:

• Read all content

• Edit their own profile

• Cannot: Create content, access admin features

Typical Users:

• Newsletter subscribers

• Forum members

• Free membership users

• Registered readers

Recommended Redirect:

/member-dashboard/ (Custom member area)

/my-account/ (Profile page)

/member-content/ (Exclusive content)

Most Common for Custom Login Pages:

This role is most frequently used for membership sites and community platforms.

Customer (WooCommerce)

Capabilities:

• Everything Subscriber can do

• View order history

• Manage shipping addresses

• Download digital products

• Cannot: Create content or access admin

Typical Users:

• Online store customers

• Digital product buyers

• Service purchasers

Recommended Redirect:

/my-account/ (WooCommerce account page)

/customer-portal/ (Custom page)

Role Comparison Table

Role	Create Content	Publish Content	Manage Users	Install Plugins	Best For
Administrator	✅	✅	✅	✅	Site owners, developers
Editor	✅	✅	❌	❌	Content managers
Author	✅	✅ (own only)	❌	❌	Blog writers
Contributor	✅ (drafts)	❌	❌	❌	Guest writers
Subscriber	❌	❌	❌	❌	Members, readers
Customer	❌	❌	❌	❌	Store shoppers

Checking User Roles

View User’s Role

Method 1: Users Menu

• Go to: WordPress Admin → Users → All Users

• Find user in list

• Check “Role” column

Method 2: Edit User

• Go to: Users → All Users

• Click user’s name

• Scroll to “Role” dropdown

Assigning Roles

Change User’s Role

Steps:

• Navigate to Users → All Users

• Hover over user, click “Edit”

• Scroll to “Role” dropdown

• Select new role

• Click “Update User”

Bulk Change Roles

For multiple users:

• Go to Users → All Users

• Check boxes next to users

• Select “Change role to…” from dropdown

• Choose new role

• Click “Change”

Custom Roles

From Membership Plugins

Many plugins create custom roles:

MemberPress:

• Creates roles based on membership levels

• Example: “Gold Member”, “Premium Member”

Restrict Content Pro:

• Custom subscription-based roles

• Example: “Free Member”, “Pro Member”

WooCommerce Memberships:

• Plan-based roles

• Example: “Silver Member”, “Gold Member”

Using Custom Roles with Attributes

Role Priority in Multi-Role Scenarios

When Users Have Multiple Roles

Priority Order (highest to lowest):

• Administrator

• Editor

• Author

• Contributor

• Subscriber/Customer

• Custom roles (alphabetical)

Example:

If a user is both “Editor” and “Subscriber”:

• System uses Editor redirect

• User has Editor capabilities

Best Practices

Choosing the Right Role

• Start minimal: Assign lowest necessary role
• Upgrade as needed: Easier than removing permissions
• Regular audits: Review user roles quarterly
• Document decisions: Keep record of role assignments

Security Recommendations

Common Scenarios

Scenario 1: Blog with Guest Writers

Administrator: Site owner (1)

Editor: Managing editor (1)

Author: Regular columnists (3-5)

Contributor: Guest writers (unlimited)

Subscriber: Newsletter readers (unlimited)

Scenario 2: Membership Site

Administrator: Site owners (2)

Subscriber: Free members (unlimited)

Custom Role (Premium Member): Paid members (unlimited)

Scenario 3: E-Commerce Store

Administrator: Store owners (2)

Shop Manager: Store staff (2-3)

Customer: Shoppers (unlimited)

Scenario 4: Corporate Intranet

Administrator: IT team (2-3)

Editor: Department heads (5-10)

Author: Department staff (20-50)

Subscriber: All employees (unlimited)

Quick Reference

Most Common for Membership Sites

Subscriber – Used for 80% of membership platforms

Most Common for Blogs

Author – Writers who publish their own content

Most Common for Stores

Customer – All shoppers and purchasers

Most Restricted

Contributor – Can write but cannot publish

Highest Security Risk

Administrator – Limit to essential personnel only