Editor and Admin Roles in WordPress

Editor and Admin Roles in WordPress: Which to Choose?

If you have a small team working on your website, making sure they are assigned the correct user role is essential for them to carry out their work. Yet, it may not be clear which user role will serve you best, and that’s true when deciding between the editor and admin in WordPress.

Both of these user roles provide a lot of freedom to carry out tasks, but there are key differences that make one more important than the other.

Let’s take a look at whether you should assign someone the editor or admin user role.

What Are User Roles in WordPress?

What a user can and cannot do is determined by what user role they are assigned. And by default, WordPress has five main user roles to pick from.

  1. Administrator (Admin)
  2. Editor
  3. Author
  4. Contributor
  5. Subscriber

Each of these roles has its own unique capabilities, and it is possible to change what each role can do. It is also possible to add your own custom user roles, or at the very least, rename the existing ones to better suit your team structure.

In this case, we are going to be exclusively focusing on what the Admin and Editor user roles are capable of.

What Is the Difference Between An Admin And Editor in WordPress?

To better understand what each of these roles delivers, let’s take a look at them individually.

What Is the Admin Role in WordPress?

Simply put, an Admin account allows you to do anything in WordPress. You have full control over publishing content, you can freely install and delete plugins, themes, and even other users.

Not to mention they actually have the power to assign other users their roles, including other admins.

As you can imagine, giving someone full control over your website is not an easy decision. In most cases, admin accounts are reserved exclusively for the site owner, but there are many instances where having multiple admin accounts makes sense.

For example, for a larger and more popular website, it is actually quite common for the actual owner to hire someone to run the daily activities. Thus, they would need an admin account to carry out the necessary tasks.

The bottom line is you can do anything with an admin account.

What Is the Editor Role in WordPress?

The Editor user role is the second most important user role in WordPress. As such, it has the most capabilities out of any user role minus the admin. Most notably, it has full control over the content area of WordPress.

Or in other words, it can create, edit, publish, or delete any posts on the site, even if they are not the original author.

What it cannot do is anything outside of the content portion of WordPress. This means the editor cannot install plugins or access the settings pages. He or she cannot install or edit the theme. They are limited to the content section.

As you might have already realized, there are many instances where you may need to access a plugin’s settings to use a feature in Gutenberg. This also limits you from installing plugins that give you access to more Gutenberg blocks.

Overall, the Editor can do anything in the content section of WordPress, but nothing outside of it.

So What’s the Difference?

Simply put, an Admin has unrestricted capabilities in every area of WordPress, whereas an Editor is limited to the content section.

While each role is powerful in its own right, there is no comparing an Admin account to an Editor. Admins are superior in every way, but that can be a double-edged sword. It is very possible that you may not want to give an individual that much power.

Why You Should Be Selective About Admin Privilege

Due to an Admin account having free reign over your entire website, giving someone those privileges is risky.

That’s why you need to select roles carefully for WordPress users. For example, someone with an admin account could delete every plugin on your website, which in many cases could stop a large portion of your website from working.

Think about that for a second. Someone could delete WooCommerce and completely shut down your online store and delete all of the products you have listed. Even worse, they could even delete backups that are stored on the website.

Essentially, someone could do some real damage to your online presence, which is why employees should only get the roles they need to perform their tasks. It might seem easier to give someone the ability to do a task you do, but it can be a disaster.

As a certain uncle once said, “With great power comes great responsibility.”

Instead of Choosing Between An Editor And Admin, Modify WordPress User Roles

Now to actually answer the question of which you should choose, well, it depends.

If someone needs full access to your website, then an admin account is the right call, assuming they can be trusted. Whereas if they just need access to the content portion of WordPress, an Editor is a better choice.

Nevertheless, that leaves a lot of space in between these roles. Instead, you should actually modify what each role can do.

For example, you might want to give an editor the ability to edit pages so they can better configure how content appears on the website. And you can actually modify the Editor role to do this, while at the same time limiting their ability to delete anything.

The same applies to plugins. Editors could have the ability to install and activate new plugins but lack the ability to deactivate or disable those tools.

You could even get more specific and cut them off from accessing certain ones like WooCommerce, but give them full control over Yoast SEO.

And frankly, this is the right way to approach the problem. I will never recommend giving someone admin control over your website unless they are under contract. It is far too risky.

Modifying the user roles is the best choice and there are plenty of plugins that can help you do it.

Plugins To Help Manage And Modify User Roles

While it is pretty easy to manage user roles in WordPress manually, there are plugins you may find useful. Most will allow you to easily assign users a user role and make changes to the its capabilities.

Here are three plugins you may find useful.

User Role Editor

User Role Editor

When it comes to managing user roles in WordPress, there is no better option than the User Role Editor plugin. This tool allows you to change what a user role can do in an instant.

For example, perhaps you want an editor that can install plugins on the site. Not a problem, simply edit the Editor role for that capability and you’re good to go. You could even create your own unique role between an admin and editor in WordPress.

It’s a highly effective plugin with over 700,000 active installs and it is incredibly easy to use.

PublishPress Capabilities

PublishPress Capabilities

PublishPress Capabilities is another excellent tool you can use to manage user roles in WordPress. It even has the unique feature of creating a backup whenever you change those capabilities.

This ensures that if something goes wrong, you can safely revert to a time before it happened. However, due to how simple the plugin is to use, I doubt you will ever need that feature, but it is good to have.

WPFront User Role Editor

WPFront User Role Editor

Another excellent plugin to consider is WPFront User Role Editor. Similar to the other two plugins, it can edit user roles to fit your needs. It can even edit the navigation menu options to only be visible to certain users.

In fact, why stop at just navigation menus? You can even make widgets invisible to certain roles. And of course, it has all of the tools you need to assign those roles, migrate user accounts, and even restore roles if need be.

FAQ

What Is The Super Administrator User Role?

Many are unaware that there is actually a sixth user role by default: the Super Administrator. And the main reason for this is that most sites cannot access it because it is exclusive to WordPress multisite installations.

So what can it do you ask? Well, it can do everything on any website within that multisite installation. However, it also has another impact on user roles. It changes what a normal admin account can do.

Or more specifically, it takes away their ability to upload, install, and delete themes and plugins, and they can no longer change user information.

In a multisite situation, the choice between an editor and an admin account is much easier as the regular admin account is less powerful than its default state.

Can An Admin Account Delete Another Admin Account?

Yes.

This is one of the reasons it is so important to not let employees get admin privileges unless absolutely necessary. They could easily delete your admin account. Of course, this feature does have its uses outside of disturbances.

For example, by default, WordPress uses the user name Admin for the Admin account. While this is logical, it means that hackers know the user name if you don’t change it. Or in other words, it’s a security risk.

That’s why it is highly recommended to make a new admin account and delete the original default one.

Can an Editor Change a Page Layout?

To a certain extent.

While the editor cannot directly modify a page layout by customizing the theme, they can change the way content is displayed in Gutenberg. For instance, you can use the Custom HTML block to customize a page.

This means you have full control over most aspects of the page. It’s also possible that an admin can grant an editor privileges to page layout templates from a page builder plugin like Elementor. This would give them free rein to create any type of page.

Can I Give Someone Temporary Admin Privilege?

Kind of.

If you were hoping to give someone admin access for a limited amount of time and see that access revoked, that is not an option. However, there are two other ways you could do this.

The first is to just make their account admin and return their user role to normal when it is no longer necessary. The second is to create a new admin account, give them the login information, and then delete it when it is no longer needed.

Or at the very least, change the login info so they no longer have access.

What Can I Do If Someone Deliberately Messes With My Site?

This is a tough answer because it depends on how severely someone hurts your website and what precautions you have taken.

For example, if someone decided to delete all of the content on your website, you could use a backup stored somewhere else, like the cloud or on a private hard drive, to restore everything.

At GreenGeeks, we have automated backups in place. However, they are not kept up in real-time. Meaning you may be missing a few changes from an earlier backup, but at least you can recuperate the vast majority of your website.

If you didn’t make a backup, you might be able to use the revision feature to undo the changes. The same applies to plugin deletion, a backup can solve this. This is just one reason why creating a backup is very important for any website.

Sometimes these actions are not deliberate and are just honest mistakes.

Choose The Right Role For the Right Job

The right user role is critical for the success of both the employee and the website. Without the right privileges, the person cannot carry out their job. On the flip side, giving them too many privileges may result in some serious damage.

Thus, like most things, it’s a balancing act of ensuring they have just enough to get the job done.

Why were you trying to choose between an Editor and Admin account in WordPress? What are your favorite role editor plugins in WordPress?

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.