Weekend Project: Set Safe, Secure User Roles on Your WordPress Blog

This guest post is by Karol K of ThemeFuse.

One of the final steps of the famous five-minute WordPress installation is to set up an Admin account. This account, by default, is assigned to the role of Administrator, which is the most powerful user role in WordPress.

But Administrator isn’t the only role available. You can, and as a matter of fact should, use other roles when working with your blog on a daily basis.

WordPress user roles sound like a boring topic. They sound like something a web developer has to deal with, or an administrator, or someone with a similar job description. That pushes user roles to the bottom of our to-do lists when we set up our blogs. Even though we meet the concept quite early, during installation, we usually ignore it completely.

If you’re new to WordPress, and the whole concept of running a site is something you’ve never done before, you might think you only need the main Admin account. This seems reasonable, especially if your blog is a single author’s work, and that author is you.

But that’s not the best approach, unfortunately. For one thing, if you only have one user account, your Dashboard will get cluttered, which lowers the usability of WordPress as a publishing tool.

Even more importantly, if you do everything from the Admin account, every session you open to write a post or answer a comment is a session that can also install plugins, edit theme files, and delete the site. A systematic approach to user roles limits what any one account, and therefore any one stolen password, can do.

Why having just one user account is a security issue

Relying on a single user account is a security issue for a number of reasons.

First of all, your username is publicly visible. WordPress builds the author archive URL (usually domain.com/author/your-username) from the account's slug, which defaults to the login name, and changing the display name or nickname later does not change that slug. With pretty permalinks enabled, requesting domain.com/?author=1 redirects straight to the archive of user ID 1, the account created during installation. So anyone who wants to break into your blog already has half of the credential pair and only needs to guess the password.

Secondly, if your admin account gets hacked, you can lose everything, including the whole blog. An Administrator can install and edit plugins and themes, which amounts to running arbitrary PHP on your server, so a compromised Admin account is a compromised site, not just a few altered posts. You can even have the blog permanently deleted.

This is why it’s worth knowing a thing or two about user roles, and using the Administrator role for admin purposes only. (Also, always protect it with a long, unique password, but that’s another story.)
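The exposure described above can be checked rather than assumed. The script below is an added example (mine, not code from the original post) that pulls author slugs out of the three places WordPress publishes them: the redirect answer to /?author=N, author links in a rendered page, and the /wp-json/wp/v2/users REST endpoint, which lists users who have published posts. The HTTP responses are constructed samples embedded in the script so it runs offline; point the same functions at real responses fetched with your HTTP client of choice.

```python
"""Check whether a WordPress site publishes its login names as author slugs.

Added example, not code from the original post.  WordPress builds the author
archive URL from the user's slug (the user_nicename column), which defaults to
the login name; changing the display name or nickname does not change it.
Three places expose the slug: the redirect for /?author=N, author links in
rendered HTML, and the REST endpoint /wp-json/wp/v2/users.  The responses
below are constructed samples, so the script runs offline.
"""
import json
import re
from urllib.parse import urlparse

# Matches /author/<slug> inside a path or a link; stops at the next separator.
AUTHOR_PATH = re.compile(r"/author/([^/?#\s\"'<>]+)")


def slug_from_redirect(location_header):
    """Slug from the Location header returned for /?author=N, or None.

    Real traffic: a 301/302 to https://site/author/<slug>/ when the ID exists,
    a 404 with no Location header when it does not.
    """
    if not location_header:
        return None
    match = AUTHOR_PATH.search(urlparse(location_header).path)
    return match.group(1) if match else None


def slugs_from_html(html):
    """Every author slug linked from a rendered page (bylines, archive widgets)."""
    return sorted(set(AUTHOR_PATH.findall(html)))


def slugs_from_rest_users(body):
    """Slugs from /wp-json/wp/v2/users; an error object or bad JSON yields []."""
    try:
        users = json.loads(body)
    except ValueError:
        return []
    if not isinstance(users, list):
        return []
    return sorted(u["slug"] for u in users if isinstance(u, dict) and "slug" in u)


def exposed_logins(known_logins, *slug_sources):
    """Login names that appear verbatim as public slugs (case-insensitive)."""
    public = {s.lower() for source in slug_sources for s in source if s}
    return sorted(login for login in known_logins if login.lower() in public)


# Constructed sample responses; not captured from a real site.
SAMPLE_REDIRECT = "https://example.com/author/admin/"
SAMPLE_HTML = (
    '<p class="byline">By <a href="https://example.com/author/admin/">Karol</a></p>\n'
    '<a href="/author/guest-writer/">Guest Writer</a>'
)
SAMPLE_REST = json.dumps([
    {"id": 1, "name": "Karol", "slug": "admin"},
    {"id": 3, "name": "Guest Writer", "slug": "guest-writer"},
])


def audit(known_logins):
    """Run all three checks against the samples; returns the exposed logins."""
    return exposed_logins(
        known_logins,
        [slug_from_redirect(SAMPLE_REDIRECT)],
        slugs_from_html(SAMPLE_HTML),
        slugs_from_rest_users(SAMPLE_REST),
    )


if __name__ == "__main__":
    logins = ["admin", "editor-account", "guest-writer"]
    leaked = audit(logins)
    for login in logins:
        print(f"{login:16} {'EXPOSED' if login in leaked else 'not exposed'}")
```

If a login name shows up, hiding the author archive alone is not the fix: WordPress has no profile setting for the slug, so either create the public-facing account with a slug you are happy to publish, or change the slug afterwards with a plugin or a command-line tool such as WP-CLI. The password remains the real control; the slug only removes a hint.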

What are WordPress user roles for?

Essentially, user roles define what users can and cannot do with a given blog. For instance, depending on the role, one user might have the ability to edit everyone else’s posts, while another user might not even have the ability to hit the Publish button on their own posts.

What’s all this for? If you have a multi-author blog, the answer is obvious. You don’t want to let anyone do whatever they please with your blog. (A good practice is to allow different contributors to do just the bare minimum they must do in order to get their particular jobs done.)

For a single-author blog, creating an additional account can be a solid safety measure. You can use this new account to publish content, and edit posts and pages. And whenever you have to do any administrative work, you can switch to the Admin account.

User roles in WordPress

There are five basic user roles in WordPress, and one “super-role.” They are:

  • Subscriber
  • Contributor
  • Author
  • Editor
  • Administrator
  • Super Admin—the super-role.

Let’s take it from the top.

Subscriber

This is the most basic role for user accounts in WordPress. Most blogs that enable user registration assign every new user account to this role.

This role carries only the read capability. The one thing a Subscriber can do in the WordPress Admin panel is manage their own profile under Users > Your Profile; they cannot write, upload, or moderate anything.

Usually, this role is used as a placeholder. If someone is no longer contributing to the blog, but you don’t want to delete their account, you can simply change their role to Subscriber.

Contributor

This is the usual role to give guest posters and other regular contributors.

Every Contributor can create a new post, edit it while it is still a draft or pending review, and submit it for review. They cannot publish, cannot upload media (images have to be added by an Editor), and cannot moderate comments. Once a post is published, a Contributor can no longer modify it.

Contributors don’t have access to anyone else’s content, which makes this role perfect for working with guest authors, as mentioned before. If you’re operating a single-author blog, however, then it’s not a role that will be useful to you.

Author

This is a great role for multi-author blogs. Each Author can write their own posts, edit them, delete them, publish them, and upload media, and they keep the ability to edit and delete their own posts after publication. Essentially, an Author is a Contributor who can publish, but they still have no access to anyone else’s content.

Even though there are three roles above Author, it should still be assigned only to trusted members of your team, people you consider coauthors of your blog: an Author publishes without review, so whatever they post (or whatever someone who steals their password posts) goes live immediately. Giving this role to someone you have no working relationship with is not the best idea.

Editor

This role has the privileges of all the previous ones. In addition, an Editor can manage all posts (written by any author), create and edit pages, moderate comments, and manage categories and tags. Editors also hold the unfiltered_html capability on a single-site installation, so they can put raw HTML and script into posts; treat an Editor account as a sensitive one even though it cannot touch plugins, themes, or settings.

All this makes it perfect for single-author blogs. It’s a good idea to set an Editor account for yourself, which you’ll then use to publish and manage content.

For multi-author blogs, this role should be used by the person in charge. That one editor (or a small group of editors if the blog is a bigger one) will get the deciding vote regarding every post or page.

Administrator

In a sentence: this is a role that gets access to all the Admin features. It’s the most powerful role (except for the Super Admin, which we’ll get to in a moment)—there’s no one above the Administrator.

As I mentioned before, you get one Administrator account during installation. You can create more Admin accounts later on, but I don’t advise you to do so if you don’t have a good reason.

Also, make sure that your Admin password is strong: long (a passphrase of several random words beats a short string of symbols), unique to this site, and kept in a password manager rather than reused anywhere else. The strength of this one password is the strength of your whole site.

Super Admin

WordPress allows you to create something called a multisite setup. Multisite is when you run more than one WordPress site from a single installation. You can have as many sites as you want, but each has to sit in its own subdirectory or subdomain.

I’m explaining this as an introduction to what the Super Admin role is: basically, it’s someone who has administration access to all the websites in a multisite network. Hence the name “Super Admin.” On a network, some things an Administrator can do on a standalone site, such as installing plugins and themes or editing their code, are reserved for the Super Admin; otherwise the role adds no responsibilities over and above those of an Administrator on each individual site.

How to set user roles

WordPress has always been quite an easy environment to use, so setting roles is as easy as anything else. You start by going to the section of Users > Add New:

Setting user roles

The form that gets displayed features a dropdown list, where you get to select the role you want to assign to the new user (you can do the same for existing users):

Selecting the role you want

Once you hit Add New User or Update User (depending on whether you’re creating a new account or editing an existing one), the role is set. In other words, your work is done. This must be the shortest how-to guide ever!

Just to wrap up, let me give you some quick tips on the role setup I advise, depending on whether you have a single-author blog or a multi-author blog.

Assigning user roles for single-author blogs

This is the simplest setup possible, and it only features two user accounts:

  • Administrator account for all admin tasks, as described in detail earlier in this post.
  • Editor account for all content publishing tasks. This is the account you should use to add new posts, edit pages, moderate comments, and all sorts of other content-related things.

Assigning user roles for multi-author blogs

This is a more complex setup. Consider using it only if you have a bigger team of people managing your blog:

  • One Administrator account for all admin tasks.
  • One, or a small number of, Editor accounts. These accounts will take care of managing the blog’s content as a whole, doing some final editing, and making sure that all posts share the same quality.
  • Author accounts for every member of your team. These people will have the possibility to publish their posts whenever they please, so you still need to be careful with these accounts.
  • Contributor accounts for all guest authors, contractors, and other regular contributors. After a Contributor submits their post for review, an Editor can check it and hit the Publish button if the post meets the standards of the blog.
  • Subscriber accounts as placeholders for contributors or authors who are no longer active, but might come back someday, so it’s best not to delete them permanently.
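The role descriptions and the two setups above are an exercise in least privilege: each account gets the lowest role whose capabilities cover its job. The script below is an added example (mine, not code from the original post or from WordPress itself). It encodes an assumed subset of the capabilities a stock single-site WordPress install grants its default roles and uses it to pick the minimum role for a task list, to show what excess an account carries, and to flag the capabilities that turn a stolen password into a lost site. It goes a little beyond the post by quantifying that excess for the Admin-does-everything setup next to the recommended Editor account. Plugins can add or remove capabilities, so compare the sets against your own site before relying on them.

```python
"""Least-privilege role selection for WordPress accounts.

Added example, not code from the original post or from WordPress.  The
capability sets below are an assumed subset of what a stock single-site
WordPress install grants its default roles; plugins can change them.
"""

ROLE_ORDER = ["subscriber", "contributor", "author", "editor", "administrator"]

# Each role is a superset of the one below it, as in WordPress's defaults.
_SUBSCRIBER = {"read"}
_CONTRIBUTOR = _SUBSCRIBER | {"edit_posts", "delete_posts"}
_AUTHOR = _CONTRIBUTOR | {
    "publish_posts", "edit_published_posts", "delete_published_posts",
    "upload_files",
}
_EDITOR = _AUTHOR | {
    "edit_others_posts", "delete_others_posts", "edit_private_posts",
    "edit_pages", "edit_others_pages", "publish_pages", "delete_pages",
    "moderate_comments", "manage_categories", "manage_links", "unfiltered_html",
}
_ADMINISTRATOR = _EDITOR | {
    "manage_options", "list_users", "create_users", "edit_users", "delete_users",
    "promote_users", "install_plugins", "activate_plugins", "edit_plugins",
    "delete_plugins", "install_themes", "switch_themes", "edit_themes",
    "edit_files", "update_core", "import", "export",
}
ROLE_CAPS = {
    "subscriber": _SUBSCRIBER,
    "contributor": _CONTRIBUTOR,
    "author": _AUTHOR,
    "editor": _EDITOR,
    "administrator": _ADMINISTRATOR,
}

# Capabilities that let the holder run arbitrary PHP on the server or take
# over other accounts: the ones that make a stolen password a lost site.
CRITICAL_CAPS = {
    "edit_plugins", "edit_themes", "edit_files", "install_plugins",
    "install_themes", "activate_plugins", "update_core", "manage_options",
    "create_users", "edit_users", "promote_users",
}


def minimum_role(required_caps):
    """Lowest default role covering every required capability, or None.

    None means no default role fits: make a custom role or adjust a
    capability rather than handing out Administrator.
    """
    required = set(required_caps)
    for role in ROLE_ORDER:
        if required <= ROLE_CAPS[role]:
            return role
    return None


def privilege_gap(role, required_caps):
    """Capabilities the account holds that its job does not need: the excess
    an attacker inherits if the account's password is stolen."""
    return sorted(ROLE_CAPS[role] - set(required_caps))


def critical_caps(role):
    """Site-takeover capabilities held by a role (empty for Editor and below)."""
    return sorted(ROLE_CAPS[role] & CRITICAL_CAPS)


# The jobs from the post's two setups, expressed as capabilities (assumed).
PUBLISHING_JOB = {"edit_posts", "publish_posts", "edit_pages",
                  "moderate_comments", "upload_files"}  # the day-to-day account
GUEST_JOB = {"edit_posts"}                               # draft, submit for review
MAINTENANCE_JOB = {"update_core", "install_plugins", "switch_themes"}


def report(job_name, required_caps, role_in_use):
    """Compare the role actually used for a job with the minimum that fits."""
    return {
        "job": job_name,
        "role_in_use": role_in_use,
        "minimum_role": minimum_role(required_caps),
        "excess_caps": privilege_gap(role_in_use, required_caps),
        "critical_caps_at_risk": critical_caps(role_in_use),
    }


if __name__ == "__main__":
    # A single-author blog run entirely from the Admin account, versus the
    # post's recommendation of a separate Editor account for publishing.
    for r in (report("publishing", PUBLISHING_JOB, "administrator"),
              report("publishing", PUBLISHING_JOB, "editor"),
              report("guest post", GUEST_JOB, "author"),
              report("maintenance", MAINTENANCE_JOB, "administrator")):
        print(f"{r['job']:12} using {r['role_in_use']:14} minimum {r['minimum_role']:14}"
              f" excess={len(r['excess_caps'])} critical={len(r['critical_caps_at_risk'])}")
```

The publishing job resolves to Editor, the guest-post job to Contributor, and only maintenance needs Administrator, which is the post's recommendation in code form. The interesting number is the excess: the same publishing job done from the Admin account drags every critical capability along with it, while done from an Editor account it drags along none.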

This closes the topic of user roles in WordPress. I hope that you can see their value even for single-author blogs. I, personally, have an Editor account on all my blogs, and I rarely log in to my Administrator accounts. Only when I need to perform an update or change something about my plugins or themes will I use the Admin role.

What’s your current approach to WordPress roles? Are you using user roles or are you simply doing every task from your Administrator account?

Karol K. is a 20-something year old web 2.0 entrepreneur from Poland and a writer at ThemeFuse.com, where he shares various WordPress advice. Contrary to what you might think, he doesn’t want to be the worst blogger on the planet. Don’t forget to visit ThemeFuse to get your hands on some premium WordPress themes (warning: no boring stuff like everyone else offers).


Comments

  1. Chihuahua0 says:

    Sorry that this comment is only remotely related to this post, but I have a question:

    Do you know any similar blogs out there that deal with Blogger, instead of WordPress? I use the Blogger platform, and I can’t find any good guides for it.

  2. I have set my WP’s settings to “Anyone Can Register”. There are about 8-10 users right now on my blog. What do you think: are they fake users who registered to my blog for their own blog’s link building, or might they be useful to me?

    • Karol says:

      Unfortunately, you never know. If you have a new blog, and there are just these 8-10 users then they are possibly fake.

      If the users are real then they can only be useful to you if you start sending them emails with any sort of communication (maybe even some promotional material). But it’s good to have more people on board for that to work.

  3. mantic59 says:

    Unfortunately “Contributor” accounts cannot upload media (like photographs) themselves, which can be really annoying (to me anyway).

    • Karol says:

      That is right. You can probably get a plugin to fix it or do it manually (alter the source code). Anyway, this is kind of strange to me too.

  4. WordPress security is something I find really interesting. From my own viewpoint, I have created websites for clients and optimised them. One of the last things before launch, or the first on a new optimisation project, is to take the steps above and protect the website. In addition to that I would take a look at using .htaccess security to lock off various folders well known to web designers using WordPress – a plugin called “BulletProof Security” is pretty awesome at this.

    SEOAndy, Manchester

    • Karol says:

      It’s nice to have a pre-made template of .htaccess which you can use on every blog you launch (with just some minor modifications). Thanks for mentioning the plugin, will have to check it out.

  5. Ehsan says:

    I also think that a single-author blog is a good option to choose. I have a single-author blog and I do everything on it myself. I don’t have any editor, subscriber, contributor, or administrator.

  7. Emily says:

    Another nice reason to use another user role, even if you have a single author blog, is that “your name” instead “admin” is more personalized and builds a more personal brand. This way when you reply to comments on your blog, you respond as your name and picture, instead of as “admin”.

  8. Great! I never ever thought about 2 or more accounts on my own blog, whereas I should have for security reasons.

    Thanks for tip!

    David

  9. While I don’t disagree with the approach you’ve suggested I must point out that your user name is only publicly visible if you don’t set a different Nickname and then select the new Nickname in the ‘Display name publicly as’ drop down menu. (In fact, when you set a new Nickname the drop down menu automatically selects it as the display name).

    Whenever I set up new sites I always create user names as well as passwords with a mixture of letters, numbers, upper/lowercase and symbols.

    I then go to the Nickname field and change it to a real name.

    The Nickname is what’s visible publicly, not your username, unless you fail to change your Nickname.

    Cheers,

    Martin.

  10. Gjivan says:

    First of all I want to thank Karol for this informative post. It’s obvious that using the super admin or admin profile for posting and for administrative purposes can be prone to brute force attacks and similar hacks. Your profile can be seen publicly in each of the posts you publish. But having multiple profiles with different hierarchy levels does not solve this issue in most cases. If a hacker knows your author profile ID as your admin username, it’s easy for them to crack the password, but I have got a solution for this.
    1) Changing the default login preference to something else with a powerful plugin, viz. wp lockdown. This will even restrict access to login.php and wp-admin for those who are not registered to your site. You need to change your login page from yoursite.com/login.php to yoursite.com/enter etc.
    2) Installing another plugin, viz. login lockdown, which will block the whole IP range after a certain number of failed login attempts.
    3) Changing the author name (normally admin) from cPanel, phpMyAdmin >>> site users, to something different from your login user name. Be sure the character count of the username is the same as admin, meaning 5 letters.
    After doing this I hope your WordPress blog is secured from such attacks!!!

  11. Anthony says:

    Thanks for the info on user accounts. I don’t know much about the security aspect of it, but having a separate admin and user account makes things a little cleaner for me.

  12. ronnie says:

    For anyone who uses Linux regularly, having more than one role, i.e. root and regular user, is a no-brainer. However, IMHO, WordPress makes this somewhat difficult. For example, if I have a single-user blog, I of course have to be an Admin, but if I want to also be, say, an Editor, for all the intelligent reasons mentioned in your article, I must have two distinct email addresses. You cannot register one user in different roles using the same email address. Logic error on the part of WordPress if you ask me.

  13. Hi Karol,
    Thanks for your tips. I used to use the standard Admin plus password setup until a year back, when someone warned me of the danger of having the generic username ‘admin’. Now I set up a site with ‘admin’ and then change it a few minutes afterwards to avoid as much as possible a trace in the system of the username.

    I also make sure my username is not at all related to my interests like the content of the blog or it will be easier to be hacked.

    I also totally agree with the idea of having user names and passwords that are a mix of letters and numbers.

    David