The Small Design Studio with Big (Green) Plans
User Roles are an essential part of building a community with your WordPress site, but there are a few pitfalls that we’re here to help you avoid.
For instance – what do you do when a spammer signs up to your site and starts filling your post calendar with spam drafts?
How do you limit access to the dashboard to new subscribers?
How can you build a full-fledged membership site and get paid?
Let’s start this off by defining user roles.
Each fresh install of WordPress comes “pre-packed” with five specific user roles, as follows: Administrator, Editor, Author, Contributor and Follower.
Your first user (you) will always be an Administrator. We highly recommend NOT using the default “admin” as the username. If you do, make a new account for yourself and reduce the “admin” account to a Follower.
Administrators have full power over the site – posts, pages, plugins and themes. You don’t want anybody hacking into one of your Administrator accounts, and you definitely don’t want to give Administrator privileges to new users.
Editors have quite a bit of juju, too. They can view, edit, publish, and delete posts and pages, manage comments, categories, tags and upload files/images. They have keys to most of the castle.
Enter “Author” stage right – the author is a bit more limited, they can edit and publish their own posts, but can’t touch anybody else’s. They can upload images, too. The Author role is good for…authors.
Those dreaded Contributors. Well, they have some use, but we made the mistake of allowing all new users to be Contributors once. That didn’t end well. We had spam “drafts” out the wazoo. That was ugly.
Basically, a Contributor can write drafts for your blog. Just draft posts. This is good if you have some new writers that you think you’d like to moderate or edit before their posts go live.
Avoid giving spammers this role – they can make one extra headache for you as you clean out fake drafts advertising diamonds, condoms and relationship advice.
Last but not…well, yes – last and least: the Follower role. Not to say that Followers are bad, indeed they are quite good to have. This should be your default user role for new subscribers – they get updates on your posts and with the right plugin you can give your subscribers access to limited areas of your site.
Our next Client Education post will detail a few plugins that can make managing users MUCH easier.
Keep those spammers at bay by limiting Registrations, make new User Roles with specific purposes, and create special areas for your registered members. Fun times.
If you have any requests regarding future topics, let us know in the comments!