How to Restrict User Access in WordPress

How to Restrict User Access in WordPress

When you download WordPress and start to build your website, your first user is automatically set as an Administrator. A WordPress administrator is the most powerful user role that gives you control of the entire website (we are not including Super Admin in the article but you can see its capabilities here). When creating more users, you have the option to choose four more roles. The default user roles that WordPress provides are:

  1. Administrator (automatically created when WordPress is installed)
  2. Editor
  3. Author
  4. Contributor
  5. Subscriber

A Brief Overview of WordPress User Roles

Administrator

As noted above, being an administrator gives you control of the entire site. You have the ability to add new users, posts, delete posts, plugins, themes, etc.

Editor

As an editor, you have options to add, edit, and delete posts (your posts and others). An editor cannot change site settings, plugins, etc.

Author

For the most part, an author is confined to their own posts. Authors have the same limitations above, but they cannot create categories.

Contributor

Contributors can add and edit posts they have created, but they cannot publish them. There are also limits placed on uploading images and files to the site.

Subscriber

A subscriber is a very basic user role that is primarily used for adding comments or reading a post, if a login is required.

You can click on the link below for more information about these user types:
https://wordpress.org/support/article/roles-and-capabilities/

What About More Advanced Ways to Restrict Users in WordPress?

There are two plugins you can use that can assist you in customizing your WordPress users: the Restrict Categories plugin and the User Role Editor. Both of these plugins can help you restrict access to only posting in certain categories or accessing certain areas on your website.

Restrict Categories plugin

WordPress was originally created as a blogging platform. That said, there may be some instances where you want to restrict a user to having the ability to only post in certain categories on your website. The Restrict Categories plugin gives you the ability to customize your users based on your websites categories.

Screenshot of a module titled "Restrict Categories" by Matthew Muro, with options to install or view more details. The module limits categories users can view, add, and edit in the admin panel, providing an essential guide on how to restrict user access in WordPress.

Once installed. You can select the roles or users you want to restrict categories too.

Screenshot of a website interface displaying how to restrict user access in WordPress for five roles: Administrator, Editor, Author, Contributor, and Subscriber. Each role has checkboxes for category options.

Example – Restrict a user to only adding posts in a certain category

If we wanted to only allow our “paperstreet” user to post in the “Criminal Law” category, we would select the following below and save the changes.

A screenshot of a website interface, illustrating how to restrict user access in WordPress. "Criminal Law" is selected among options including "Firm News," "General," and "Personal Injury." There’s a Save Changes button at the bottom.

Then when we get to add a new post with that user, you will only have the option to post in that category.

Screenshot of a website section titled "Categories" with tabs for "All Categories" and "Most Used." Below is an unchecked box labeled "Criminal Law." This could be essential for learning how to restrict user access in WordPress by categorizing content efficiently.

This is a great simple plugin you can use to differentiate users’ access on your website based on your categories. If you want a more advanced way to curb access on your website, the User Role Editor Plugin is a great option.

User Role Editor by Members

Screenshot of "User Role Editor by Members" plugin listing on a website, described as a powerful user, role, and capability management plugin for WordPress. Learn how to restrict user access in WordPress with this tool. Includes buttons for installation and more details.

 

Once you have installed the plugin, you will have the ability to add more roles to your website. Some examples include access-only permission to your WordPress newsletter platform (or mostly any other plugin you have installed), updating your websites plugins, editing posts/pages, managing your SEO, and viewing/updating your media section.

User management menu with options: All Users, Add New, Your Profile, Roles, and Add New Role. The "Users" section is highlighted. Learn how to restrict user access in WordPress for better control over your site’s users and roles.

The two images below show some of the ways you can set roles with certain limitations (click to enlarge the images).

Screenshot of a user capabilities list in an admin dashboard showing various permissions, including options to grant or deny capabilities like editing posts, managing links, and moderating comments. Learn how to restrict user access in WordPress effectively through these granular controls.

Screenshot of a long list of user permissions or roles, each accompanied by a checkbox on the right. The list includes options like 'Edit Users', 'Delete Themes', and 'Install Plugins'. Learn how to restrict user access in WordPress by configuring these checkboxes to control specific actions.

Example – Restricting users to only viewing and uploading images to a website (aka the media section).

Step 1 – Create a new role called “Images.”

Screenshot of a WordPress admin screen showing the 'Add New Role' interface, focusing on editing capabilities for media, including options to grant or deny the ability to upload files. Learn how to restrict user access in WordPress with customizable roles and permissions.

Step 2 – Assign the user to the new role.

A comprehensive list of user roles, such as Administrator, Author, Contributor, Editor, Pending (selected), Subscriber, SEO Editor, and WP Manager. Find out How to Restrict User Access in WordPress with these roles.

Once that user is created, you can log in and see they have access to the image area (other than their profile area).

Screenshot of a website's sidebar menu depicting options such as Dashboard, Media (expanded to show Library and Add New), Profile, and Collapse menu. Ideal for tutorials on How to Restrict User Access in WordPress.

This is just one of the many options the User Role Editor provides to tailor your users’ access on your WordPress website.

Conclusion

There are many different options for limiting users with both of these plugins. Using one (or both) can help you manage your website more effectively without worrying about your users accessing all areas of your website.

Share This

Join the Sales and Marketing News, receive our last insights, tips and best practices.

Our 7 Guarantees

Keeping 2,000+ Clients Happy Since 2001.

1
You Will Love Your Design We design to please you and your clients
2
Same-Day Support 24-hour turnaround edits during business hours
3
Free Education We provide knowledge to help you expand
4
No Hidden Charges We quote flat-rate projects
5
Own Your Site No strings attached
6
We Create Results SEO, PPC, content + design = clients
7
We Make Life Easier One agency for web, branding and marketing