One of the areas of the WordPress admin section is called Users. You may not pay any attention to this part of your website. If you are the main admin for the site, however, you might get email notices telling you that you have a new User, or that a User has changed a password.
Sometimes this can be unnerving. I remember, in the early days of Twitter, a client who asked me, “What are all these people doing following me? Do they want jobs?” That sense that these people must want something can be created by those messages about Users.
So who are WordPress Users?
If you click on Users in the main navigation at your Dashboard, you’ll see a list of all your Users.
The screenshot above is from a website with 20,341 Users. Your might have more — or you might just have one or two. So who are these people?
In a basic WordPress website, there are five different roles Users can have:
- Administrator: this person has all the power, and can delete the website if they want to (or accidentally).
- Editor: this person has control over all the content. They can change or delete posts written by anyone, for example. They can’t change plugins or get into the code editor, and they can’t delete the website.
- Author: this person can write and publish posts and make changes to his or her own posts, but not to other people’s.
- Contributor: this person can edit or delete his or her own posts, but can’t publish anything.
- Subscriber: this person can read posts and pages, and can control his or her own profile. Subscribers don’t have access to the admin section of the website at all. The profile shown below has an admin sidebar on the left. A Subscriber won’t see all those items.
This is what a Subscriber sees:
So the Users of your website include the Administrators, such as you and your web team and perhaps your web host, any writers you’ve given access, and Subscribers.
Where do Subscribers come from?
You should have just a handful of Administrators, and your Authors, Editors, and Contributors are people who have been given specific roles and levels of access. What about all those thousands of Subscribers, though? Where do they come from?
When you build a WordPress website, you can choose to allow everyone to register freely at your website. It’s a checkbox on the General Settings page, which says, “Anyone can register.” You can then choose the role people should have when they register. Most often, it’s Subscriber. You don’t want random strangers to have access to your admin area.
If you check this box, then your website’s login page will have the option “Register,” which you can see below.
This allows anyone to register — to subscribe — to your website. If you don’t like having Subscribers, you can uncheck that box and your log-in page won’t show that option.
Other User roles
So far we’ve been looking just at the native User roles that every WordPress website starts with. You may have custom user roles at your website, or additional User roles added by the plug ins or the theme you use. As you can see from the examples below, there are lots of different User roles.
The standard roles can be given to people, as with Administrator or Editor privileges. They can come automatically with registration, like the Subscriber role. But other roles may be acquired by other actions. For example, someone who buys something at your website might be a Customer. Someone who donates could be a Donor. These people have given you information about themselves, and your website stores that information in a User profile.