Describes the different user roles in WordPress, and the capabilities of each role. A user’s role defines that user’s responsibilities within the site. Suggested best practices regarding role assignment to WordPress site users are given.
Learn more about WordPress Roles and Capabilities .
- Do not share accounts among users. Create a unique account for every person who needs to access the website. See UBC Policy 104/106 .
- Disable or delete users accounts when the person leaves the unit or no longer has responsibility for updating the website.
- Limit the number of Administrator accounts as much as possible.
- The administrator of a department or unit should have an Administrator account. Preferably restrict the creation and use of Administrator accounts as much as possible.
- The Administrator can add and delete users of the site or change their role.
- The Administrator can change the site design and enable or disable plugins.
- Education IT staff will retain Administrator accounts on all sites, in order to provide assistance on a contingency basis, for example when a critical site failure needs to be solved when the regular site maintainers are not available.
- The department administrator will be responsible for assigning other user accounts within the unit.
- The department administrator will assign one or more staff to be site maintainers. The administrator will add the Editor accounts for each site maintainer.
- An Author can publish posts and manage their own posts.
- A Contributor can write and manage their own posts, but cannot publish them. This is useful for adding an approval step in your workflow.