WordPress User Roles and Permissions
WordPress lets you give each team member a role that controls what they can and cannot do. Giving everyone administrator access may seem simple, but it is a security and stability risk.
Matching roles to responsibilities keeps your site safer and reduces accidental mistakes.
The Built-In Roles
Each standard role grants a defined set of capabilities, from full control down to writing a single draft.
Principle of Least Privilege
Give each person the lowest level of access that still lets them do their job. A blogger rarely needs to install plugins or change site settings.
| Role | Can do | Typical user |
|---|---|---|
| Administrator | Everything | Site owner / us |
| Editor | Manage all content | Content manager |
| Author | Publish own posts | Regular contributor |
| Contributor | Write drafts only | Guest writer |
| Subscriber | Manage own profile | Logged-in reader |
Frequently Asked Questions
Who should be an administrator?
As few people as possible — usually just the site owner and your support team. Extra admins increase risk.
If you need a hand with any of this, your Progressive Robot delivery team is ready to help. Raise a ticket from the Support area of your client portal or speak to your account manager and we will guide you through the next steps.