As the Administrator of a WordPress site you are basically all powerful. You can create new users change user roles, modify the appearance of the site, add and remove plugins, even edit the code that defines the site itself, basically do anything you want. This level of access is very dangerous, anyone who uses it can easily hose the site if they aren’t absolutely sure of what they are doing. Fortunately, there are other user roles that you can assign that limit individual access to levels that are much safer. As an administrator it is important you limit people’s access to what they need rather than what they may want. Otherwise, you will find yourself continuously fixing problems, caused by inexperienced users making simple mistakes. So consider carefully before you give someone complete control over your website.
On the lower left hand side of the administrator dashboard located between Plugins and Tools is a section called Users. It is here that you can see all your current users, view your profile and create new users. When you select Add New you get a form which requests a new Username, Email, First Name, Last Name, Website and Password, followed by the Role you want to assign to the user. I’ve written this article to help you assigning your users the correct level of access will save you significant grief later on.
Basically there are 5 levels of Access you can a assign a user:
Administrators have all the keys to the kingdom. The only person higher than Admin is the super admin running the server that the web site is on. (They can do anything because they have access to the SQL database the site is built on…) Be very careful who you give Administrator level access they can do a lot of damage and even shut you out of your own site.
All the links to left are fully functional, from adding a Post to modifying a plugin’s options you can do just about anything. Be very, very careful and if you are not extremely confident with WordPress and what ever you do, don’t add plugins without consulting with your web master. Personally, I recommend that you limit your own access level to Editor level and let your web master run the web site, after all that is what you pay him to do.
This level of access is much safer for power users, you can add and edit pages and posts, upload media, publish and manage posts and pages as well as manage other users’ posts, basically it is the level of user rights you would want to control the content of the site without getting into the nuts and bolts of managing the site’s functionality. Many of the dashboard links e.g. Appearance and Tools, for Editor and lower level access bring up the page you can see to the right when you click on them. This is the level I recommend to my clients as users. I find it saves everyone a lot of grief and confusion. As a basic rule of thumb, no one should ever have more control than they need.
Author level is very similar to Editor level access but it eschews control over pages and focuses on posts and media. Author is a rather poor name for a level where the user can publish and manage their own posts. Again Appearance, Tools options in the dashboard do not allow you to make any changes and you get the same warning that you do not have permission to access these options when you click on them.
Is basically the same as Author except you can’t publish them.
Are the poor relations of contributors they can’t really do anything outside of looking at their own profile. However, some settings for comments only allow subscribers to post so in these situations they can actually contribute something, albeit only a comment on a page or post where permitted.
Well that’s it I hope that helped. There are optional plugins that enable you to create additional level of access with more granular rights management, but that is a bit more involved than I believe you would want for a simple introduction. For a more in depth and frankly, confusing description of WordPress Roles for the novice user, I recommend the following link: https://codex.wordpress.org/Roles_and_Capabilities