WordPress has been a popular option for websites that need a content management system. Like other CMSs, WordPress provides comprehensive predefined user roles that fulfill the requirements of website administrators and managers.
Most of the website owners don’t know that they can provide limited access to the Dashboard for specific users. This action ensures that only a particular group of users have access to specific admin panel areas and options. Custom WordPress user roles also help minimize the chances of any accidents that can bring down the whole website.
In this article, I will describe two ways of creating WordPress new user roles using a plugin and ensure that everything on your website is under control.
- Understanding WordPress User Roles
- Getting Ready to Create New User Roles
Understanding WordPress User Roles
In WordPress, a User Role is a combination of:
A role is the name of a user group that will display in your WordPress Admin Panel, and capabilities are the privileges that admins can enable or disable.
Managed WordPress Hosting Starting From $10/Month
Experience Cloudways optimized hosting and get instant speed & performance boosts.
By default, WordPress has six primary user roles.
- Super Admin: The profile that has access to the entire website, including network administrative features.
- Administrator: The profile(s) that has all administrative privileges.
- Editor: The profile(s) that can create, edit, publish theirs, and other users’ posts.
- Author: The profile(s) that can create, edit, publish their posts only.
- Contributor: The profile(s) that can create, edit their posts but cannot publish them.
- Subscriber: The profile(s) that can only manage their profiles.
You can find your WordPress permissions right within your Dashboard.
Log in to your WordPress Admin Panel, navigate to Users → All Users.
You can see the current WordPress roles available on your website:
Getting Ready to Create New WordPress Roles
There are two ways to create, edit, or delete WordPress users’ roles.
1. Modify WordPress User Roles via Plugin
Sometimes a plugin that can control WordPress user permissions offers the simplest solution. There are lots of plugins for adding, modifying, and deleting WordPress user roles and capabilities. One plugin worth checking out is Capability Manager Enhanced from PublishPress, but in this tutorial, I will suggest trying out the WordPress User Role Editor plugin.
Once installed and activated, from the left pane, navigate to Users → User Role Editor.
As you can see, there are a lot of options to add/modify/delete WordPress users’ capabilities.
First of all, notice that you can see all the WordPress roles that exist on your WordPress site. If you want to update or change anything, select the user role from the list.
In my case, I have chosen the WordPress Editor role and marked where it says Granted Only you can see the existing capabilities assigned to the Editor.
The WordPress User Role Editor plugin allows you to rename the capabilities by checking the box.
And here is how the capabilities will show in human-readable form.
Ok, so now you have got an idea of how the plugin lists existing WordPress user permissions assigned to each WordPress user.
To increase the capabilities of a WordPress user, you can go to the respective group from the left side. For example, in addition to the current capabilities, I also want to allow the WordPress Editor Role to Add and Activate plugins.
For this, navigate to the Plugins group from the left pane and select Install Plugins and Activate Plugins and update the user by clicking the Update button on the right.
Now visit the Granted Only section, and you will see that the Editor can now Install and Activate plugins.
To add (or remove) capabilities for a specific WordPress user role, navigate to the respective group from the left pane, and assign (or remove) the capabilities accordingly.
Create a New WordPress User Role
User Role Editor plugin also allows you to create new WordPress Roles besides the Administrator, Author, Editor, etc. Click on the Add Role button from the right menu, and a new popup will appear asking you:
- Role Name (ID): A unique ID for each user role.
- Display Role Name: The name of the role that will be displayed.
- Make Copy of: Select the current role that would form the basis of the new role.
IIn my case, I have copied the Editor role and named the new role as Editor Limited Access. You can see, the new role has all the same capabilities as that of the original editor role.
Now, I can add/remove capabilities for this new role.
Just like adding a role, you can also add/create new capabilities and assign them to any WordPress user role.
Next, I will demonstrate how you can create custom WordPress user roles via code.
2. Create, Edit or Delete WordPress User Roles Manually
WordPress allows you to remove the default user roles and create custom roles by assigning limited privileges/capabilities to specific user groups (Roles).
The CMS provides five functions for managing WordPress roles and capabilities:
- add_role(): For adding a custom role.
- remove_role(): For removing a custom role.
- add_cap(): For adding a custom capability to a role.
- remove_cap(): For removing a custom capability from a role.
- get_role (): Gets information about the role and its capabilities.
Remove Default User Roles
I will start by removing the existing roles. Remember that WordPress, by default, has the following five roles:
For this tutorial, I will remove all user roles except the Administrator. For this, navigate to WordPress Admin → Appearance → Editor → Theme functions.
I will use the remove_role() function to remove the role. Copy the following code snippet and paste it at the end of the Theme Functions file.
remove_role( 'subscriber' ); remove_role( 'editor' ); remove_role( 'contributor' ); remove_role( 'author' );
Click the Update File button.
To verify that all the mentioned WordPress user roles have deleted, navigate to Users → All Users.
You can see that except for Administrator, all default WordPress roles have deleted.
Create New User Roles
For this tutorial, I will create three new user roles with the below WordPress user permissions.
- Administrator: with complete administrative access.
- Moderator: That can create, edit, publish theirs, and other WordPress users’ posts.
- Newbie: That can only edit their profile and create new posts.
To add these custom WordPress user roles, I will use the native add_role() function with the following syntax:
add_role( $role, $display_name, $capabilities );
- $role: A unique name of the role.
- $display_name: The name to be displayed in the WordPress Admin Panel.
- $capabilities: Privileges of the role.
Here is a list of all capabilities.
Since I didn’t delete the default administrator role, all the capabilities and privileges of the role are intact.
This role has the right to create, edit, publish their own, and other WordPress users’ posts.
Copy the following code and paste it at the end of the Theme Functions file.
add_role('moderator', __( 'Moderator'), array( 'read' => true, // Allows a user to read 'create_posts' => true, // Allows user to create new posts 'edit_posts' => true, // Allows user to edit their own posts 'edit_others_posts' => true, // Allows user to edit others posts too 'publish_posts' => true, // Allows the user to publish posts 'manage_categories' => true, // Allows user to manage post categories ) );
Click Update File.
Assign “Moderator” Role to a User
Next, I will assign this role to a user. For this, navigate to WordPress Dashboard → Users → All Users and follow the instructions below.
I have assigned the Moderator role to the user, “Alex.” You can see (from the image below) that when he logs in and goes to “Dashboard,” he will have limited WordPress access as per the capabilities of his new role.
This role can just edit their profile and create new posts.
To add this role, copy the following code and paste it at the end of the Theme Functions file.
add_role('newbie', __( 'Newbie'), array( 'read' => true, // Allows a user to read 'create_posts' => true, // Allows user to create new posts 'edit_posts' => true, // Allows user to edit their own posts ) );
After pasting the code, click the Update File button.
Assign “Newbie” Role to a User
For assigning the new role to a user, navigate to WordPress Dashboard → Users → All Users and follow the instructions below.
I have assigned a Newbie role to the user, “Dicaprio.” You can see ( from the image below) that when he logs in and goes to Dashboard, he’ll have limited privileges.
Now, I will assign the Newbie role to every visitor who registers on my website.
In this article, I have explained to you how to create WordPress user roles with the limited WordPress access and what are the various types and permissions one can use. As you have seen, there are many customization options, and you have a substantial margin of actions that you can make available or not for each of your WordPress users.
What WordPress user privileges have you enabled on your platform? Share your experience with us by leaving a comment in the box below.
Q: What Are User Roles in WordPress?
“User roles” is a term in WordPress that defines users’ access levels to your website. A “user” is anyone who has the login credentials to your website.
By default, WordPress has six basic user roles, i.e., Super Admin, Administrator, Editor, Author, Contributor, and Subscriber. Each WordPress user has a different access level.
Q: How do I Manage User Roles in WordPress?
You can manage user roles on WordPress by following the steps below:
- Log in to your WordPress dashboard.
- Click User > Add new.
- Click on the user name, and click Edit.
- Navigate through the Role options, and select the role from the drop-down.
- Select the desired role.
- Save changes.
Q: How do I Set User Roles in WordPress?
You can set user roles on WordPress by either using a plugin like “User Role Editor” or doing it manually by following the steps shared in this blog.
Q: How do I Manage User Roles in WordPress?
The WordPress user role “Editor” can create, edit, publish their and other users’ posts.
Customer Review at
“Beautifully optimized hosting for WordPress and Magento”
Arda Burak [Agency Owner]
Mustaasam is the WordPress Community Manager at Cloudways - A Managed WordPress Hosting Platform, where he actively works and loves sharing his knowledge with the WordPress Community. When he is not working, you can find him playing squash with his friends, or defending in Football, and listening to music. You can email him at [email protected]