How to Handle WordPress Users

As your website grows, and more people will start having access to it, you’ll need to understand how to manage WordPress users and their permissions.

So, whenever someone registers on your site, it gets assigned a specific role when the account is created. There are certain roles that you can assign to your WordPress users, in order to control what they can or cannot do inside your website. 

In terms of permissions, you can allow users to:

  • Write and edit posts
  • Create pages
  • Create categories
  • Moderate comments
  • Manage plugins
  • Manage themes
  • Manage other users
  • Import/export
  • Setting up the dashboard
  • Manage reusable blocks


And here are the 5 roles that users can be assigned inside a WordPress website:

  1. Subscriber
  2. Contributor
  3. Author
  4. Editor
  5. Administrator

I’ll describe them one by one in one in a sec, but first, I want to show you how you can manage users inside the WordPress admin area.

Let’s go.

WordPress Users and Where to Find Them

You can add new WordPress users or manage old ones in WordPress Dashboard -> Users. WordPress users in the Admin area

When you select “Users”, you’ll see three options:WordPress users options

  • All users: here you can see all your users. You can apply filters based on their role, and start to edit any user you like.Editing WordPress users

In our case, besides the “Edit” and “View” options, below every user’s name, there’s another option called “2FA”. This means that we’ve enabled 2 Factor Authentication, for website security reasons. For this, we are using a plugin called Wordfence.

  • Add new: here you start adding new WordPress users for your website.
  • Profile: the users can see their profile here. Several preferences can be set here such as default editor, contact info, password setup, social media profiles, etc.

Edit user profiles

WordPress User Roles Detailed

WordPress User Roles

Now that we know where to edit and add new WordPress users, let’s see what are their capabilities.


WordPress Subscribers

Subscribers can log in to your WordPress site and update their user profiles. They can’t edit pages or posts or make any other changes in the WordPress admin area.

When do you need this WordPress user? Well, when you have a membership website (eg: courses website), an online store, or any other type of website that requires users to create an account and log in.


WordPress Contributors

Website users that have the contributor role can add new posts, but can’t publish them. They can’t upload images or any other file to the Media Library, and this is a big disadvantage. They can create tags, but not categories. They are able to view comments, but can’t manage them.


WordPress Authors

WordPress users with the author role, have the same capabilities as the contributors. What is extra is the fact that they can publish their posts and add files to their posts.

They can’t manage plugins, access themes, or change dashboard settings. Because of these limited capabilities, subscribers, contributors, and authors are low-risk WordPress users.


WordPress Editors

This role gives full control over posts and comments: from editing to publishing.

WordPress editors can’t add other users, install plugins and themes, or make additional site settings.


WordPress Administrators

These WordPress users are the most powerful ones and the riskiest ones. Be careful who you give this type of access to.

Besides the editor capabilities, administrators can also install themes and plugins, manage users. They can even make changes to the users’ personal information and passwords.


To spice it all up: enter super-admins.

This WordPress user is only available on a WordPress multisite network. WordPress allows you to create multiple websites using the same WordPress installation. For example, a school might want to run separate websites and manage them in the same dashboard. This would mean that a super admin will have access to all of these sites, and even delete them. 


How to Customize WordPress User Permissions and More

Most websites out there don’t need extra capabilities for their users and can work easily with the default users.

But what if you need some custom capabilities?

Well, it’s time to talk about plugins. Here are the top 3 most popular plugins that allow you to manage WordPress users.


Members – Membership & User Role Editor PluginWordPress user role plugin



Active installs: >200.000

Plugin features:

  • Role Editor: Create, edit, and delete roles as well as capabilities for these roles.
  • Multiple User Roles: Assign multiple roles to a user.
  • Explicitly Deny Capabilities: Deny specific capabilities to specific user roles.
  • Clone Roles: Clone existing roles.
  • Content Permissions / Restricted Content: allow or restrict permission to certain website content.
  • Shortcodes: use shortcodes to control who has access to content.


Ultimate Member – User Profile, User Registration, Login & Membership PluginUltimate Member – User Profile, User Registration, Login & Membership Plugin



Active installs: >200.000

Plugin features:

  • Front-end user profiles.
  • Front-end user registration.
  • Front-end user login.
  • Custom form fields.
  • Conditional logic for form fields.
  • Drag and drop form builder.
  • User account page.
  • Custom user roles.
  • Member directories.
  • User emails.
  • Content restriction.
  • Show author posts & comments on user profiles


WP-Members Membership PluginWP-Members Membership Plugin



Active installs: >80.000

Plugin features:

  • Restrict or hide posts, pages, and custom post types.
  • Create custom registration and profile fields.
  • Notify admin of new user registrations.
  • Hold new registrations for admin approval.
  • Shortcodes for login, registration, content restriction, and more
  • Create powerful customizations with more than 120 action and filter hooks.
  • A library of API functions for extensibility.


Wrapping Up

At the end, I wanted to show you in a more friendly way the available WordPress users and their capabilities. So I created a table for you.

WordPress user Capabilities
Subscriber Read
Contributor Subscriber capabilities
Create draft posts
Author Contributor capabilities
Manage and publish own posts
Editor Author capabilities
Manage and publish others' posts
Manage pages (private included)
Publish pages (private included)
Manage categories
Moderate comments
Create and edit reusable blocks
Administrator Editor capabilities
Manage users
Manage plugins
Manage settings
Update core


If you liked this article, and you want to learn more about how to design a WordPress website, make sure to subscribe to Colibri’s Youtube channel and follow us on Twitter and Facebook!



+ posts

Alina is a digital marketer with a passion for web design. When she's not strategizing she's doing photography, listening to podcasts on history and psychology, and playing with her 2 dogs and cat.