Requesting Appropriate WordPress Website User Access

CLAS-IT Offers several levels of user access to our WordPress sites. In order of most access to least they are Administrator, Editor, Author, Contributor, and Subscriber. We ask that our department managers adhere to the Principle of Least Privilege. That is, when planning users for your WordPress installation, request user access at the lowest level to accomplish the task.


This role can edit, delete, or create posts and all other content types. Administrators can add and remove users from their website. Administrators have full control over the look and feel of their website and can change and customize themes that have been enabled for their site. We recommend reserving this role for trusted users who are required to have the aforementioned abilities.


This role is the most common role on our WordPress multi-site installations. Users that have Editor rights can delete and modify posts, pages, and other content types. They can manage categories, links, and comments. They can publish new content and also upload files. If you have a user that needs to be able to modify the content of the site but should not be able to perform any administrative functions, choose this role.


Authors can create, modify, and delete their own posts. They are essentially editors but their create, read, and update abilities are limited to items they author.


The contributor role has some of the least privileges in WordPress. Contributors are limited to writing, editing, and deleting their own unpublished posts. This is a great choice if you have many people that will add content to your website but you want to have controls in place before they can make their changes public.


Subscribers have the least amount of privileges. Subscribers cannot write or publish articles. Subscribers will be able to log in and edit their profile and post comments. There are some use cases where the subscriber role is utilized however, they make up a small percentage of our users.