WordPress is designed so that you can use the blog system with several users at the same time. Different user roles and user rights allow users to be assigned special editing rights. The administrator is able to control the user administration, create and remove users. The rights management can be granularly controlled by additional plug-ins.
WordPress is designed as a multi-user system so that different users can simultaneously edit a WordPress blog and, for example, write articles. However, since not every user should have the same rights, you can assign different rights or roles to your users in WordPress - for example, if only certain users are allowed to publish articles or change the basic settings of your blog. More about this later, now we will create a new user. Click on "User" in the left navigation bar:
The button "Add new" appears in the main display area, the same link can also be found in the left navigation. The dialog for creating a new user follows.
In the following screenshot all fields are already filled out, we will go into the meaning of the individual fields in more detail.
With the user name the user logs in to WordPress. The user name must not contain any spaces and should not (as in the screenshot) allow conclusions to be drawn about the name of the user. Security tip: Use a "nonsensical" string for the user name, because if hackers know the user name, they only have to find out the password.
Enter the user's e-mail address here, and the password and login will also be sent to this e-mail address. Each e-mail address may only be used once in a WordPress installation.
Enter the first name and surname here. If you do not enter a name here, the user name will appear in the contributions of the user. Security tip: As described above, the username is half the battle for hackers to hack your blog. If the user does not want to publish his name on the blog, he can define a nickname in his profile, this will then appear instead of the real name under the posts
The user's website appears in the comments made by the user. The field does not need to be filled in. It makes sense, especially for guest authors, to specify a website here, as links to the author/commentator are created.
WordPress generates (as you can see in the screenshot) very strong passwords. After saving the user data, the new user receives a mail with his login. The user is asked to enter a new password when logging in for the first time - it is important that a strong, i.e. secure password is chosen here as well.
The blog operator also receives a mail informing him of the new user. The mail contains the user name and e-mail address, but not the password. The users are therefore solely responsible for their passwords.
As already mentioned, different roles can be specified for each user. The roles grant different rights to the users.
A subscriber is an (almost) normal frontend user who can read and comment on posts, and can also edit his or her own profile. However, comments from subscribers must be activated by the blog operator itself if comments are not automatically activated.
Employees are allowed to do whatever a subscriber is allowed to do, in addition you have the right to write articles. However, they are not allowed to publish these articles themselves. Employees" cannot upload pictures to the media library, an author is required.
In addition to the employee rights, an author may publish and edit his own contributions, upload and delete images. Authors' comments are published directly.
Like authors, editors may publish articles
and upload images
to the media library. Since the editor is only one level away
from the administrator, he can create pages and edit categories
in addition to author rights. The administrator is not allowed
to make deeper changes to the themes or the basic settings.
Tip: Even if you run your blog as a solo entertainer, you should create an editor user for your daily work. This way you can be sure that you don't "mouse-slide" in the heat of battle with your administrator user and accidentally change important settings of your blog.
The users with the role "Administrator" have all rights! An administrator can also change themes, administer the basic settings and delete the entire WordPress blog. This user role is usually only assigned to one person. Use this role only if you want to set basic things in your blog, otherwise you should work with an editor user as mentioned above.
To create the new user now, simply click on the blue button "Create new user". You can later grant or revoke different roles and therefore additional rights for each user.
Users can edit their own settings by clicking on the "Profile" link in the left-hand navigation bar:
In addition to the fields already described, the user can provide information about his instant messenger services and leave "biographical information". These biographical data appear in some templates in the author box.
Further down the user can create or change a new profile picture via the service "gravatar.com" and create a new password. .
The function "Log off everywhere else" is not immediately visible to everyone. Actually, it's easy: You're a globetrotter and recently signed up for your WordPress blog in an internet cafe in Mumbai, but didn't sign off? With this function you can unsubscribe the computer in Mumbai from your blog..
The screenshot shows how important it is to choose a meaningful title for your WordPress blog. The title should clearly describe to the user which topic the page is about. In addition, the title is also relevant for the search engine findability of your site. An important keyword that your users are looking for should also be included.
As administrator you click on the link "user" in the main navigation on the left side, you get an overview of the created users. If you hover your mouse over the user name, links to edit, delete and view the profile will appear.
Click on "Edit" to edit the user. As administrator you can change all settings of the user. Here you can now also assign a different role to the user in the "Role" field. The following screenshot shows a section of a user's profile:
The rights management in WordPress is simple and absolutely sufficient for most applications. For those who want a little more control over their users, there are numerous plugins, a few of which we would like to introduce to you.
The "User Role Editor" allows you to easily change user roles and functions. Select the check boxes of the features you want to add to the selected role and click the "Update" button to save your changes.
After installing the plugin the user menu gets a new sub-item. Via the navigation point "User Role Editor" you get to the settings. You can also access the settings via the "User rights" link in the user table.
Add new roles and adjust the functions to your needs. Superfluous roles can be deleted if there are no users assigned this role. The role assigned by default to each newly created user can also be changed. The rights can also be assigned at user level. Several roles can also be assigned to the user at the same time.
To the plugin website: https://wordpress.org/plugins/user-role-editor/
"Members" is a user and role management plugin that gives you full control over the permissions of your website. This plugin allows you to edit roles and their permissions, duplicate existing roles, assign one or more roles to each user, or block post content. It's even possible to make your website completely private.
The administration of the roles with "Members" is somewhat easier than with "User Role Editor", since the individual authorizations are listed in plain text and not as a cryptic "database field". Also a further submenu appears under "User". Via the link "Roles" and "Add roles" the existing roles are administered respectively new roles are created
Zur Plugin-Website: https://wordpress.org/plugins/members/
Press Permit is an advanced content permission system. It is based on the Role Scoper, but features major improvements in versatility, performance and ease of use.
Press Permit is much more extensive and complex to use than the plugins presented here so far. With the installation a new navigation point is created in the left main navigation "Permissions".
To the plugin website: https://wordpress.org/plugins/press-permit-core/
In the user administration you set up users and edit their rights. Via different roles you can assign individual roles to each user. For more detailed rights structures you can install additional plugins. When creating users, you should pay attention to the following safety instructions: