How to Add or Remove Capabilities to User Roles in WordPress

Do you wish to change the WordPress user roles’ capabilities?

A straightforward but effective user management mechanism is included with WordPress. According to the jobs they are given, each user has specific powers.

We’ll demonstrate how to change user roles in WordPress by adding or removing capabilities from user roles in this article.

Why WordPress Should Add or Remove User Role Capabilities

WordPress includes a built-in framework for managing users as well as some default user roles and permissions.

You can do anything you want with your WordPress website as an administrator. You can, for instance, add or remove new users, set up plugins and themes, remove content, and more.

You can include additional users with Editor, Author, or Contributor user roles if you manage a WordPress blog with several authors. This grants them the ability to add new material as users, but prevents them from doing administrative functions.

WordPress also has a Subscriber role that enables users to check in and maintain their profiles on your website.

many responsibilities played by users on a WordPress website

Similarly, user roles with specific permissions can also be created by WordPress plugins. For instance, membership plugins can build their own custom user roles for members, and eCommerce plugins can create a user role for customers with specified special rights.

But what if you wanted to add more permissions or remove some already-granted permissions to a user role?

For instance, you might want to disable publishing for Author user roles or permit Authors to edit blog entries from other users.

What if you wanted to design a completely unique user role with a set of restricted abilities?

In light of this, let’s examine how to simply alter user role functionality in WordPress and establish unique user roles with particular permissions.

WordPress User Role Capabilities Add/Remove

The Members plugin must first be installed and activated. See our step-by-step tutorial on installing a WordPress plugin for more information.

You must go to the Members » Roles page after activation and select the Edit link next to the user role you want to change.

A user role edit

The user role editor will then be opened, displaying various areas in the left column and available capabilities in the right.

editable features

There are two checkboxes next to each capability that you may use to grant or deny authorization.

You must uncheck the Grant option and check the Deny box if a user role has been granted access that you want to revoke.

For instance, you must switch to the Entries section and then select the Deny box next to the ‘Publish Post’ option if you wish to stop the Author user role from publishing blog posts.

Take away ability

A user role can likewise receive extra capabilities in a similar manner.

Let’s say, for example, that you wish to permit users with the Author user role to filter comments as well. Users who have the Author user role by default are not permitted to monitor comments.

You must navigate to the ‘General’ area in order to accomplish this and select the Grant option next to the choice for moderate comments.

Increase capacity

After you have finished changing a user role, don’t forget to click the “Update” button to save your changes.

To check that your customized permissions are operating as you planned, create a new user account with that specific user role and log in.

A New User Role with Custom Permissions Is Added

The plugin also enables you to design unique user roles for your users, allowing you to decide what rights and powers to grant them.

Let’s say you want some users to be able to add movie reviews to the “Movies” custom post type on your website. You do not want them to edit any other sections, though.

You must build a special user role in order to accomplish this.

Access the Members » Add New Role page by going there. The custom user role needs a title, which you must first provide.

a new, unique user role

The section where you want to provide the user the powers can then be selected. For instance, on our test site, our custom post type is located in a section called Movies.

Users can be granted access to modify and publish content for that post type there.

After that, you can evaluate more parts to choose whether you want to provide visitors access to additional website features.

Don’t forget to click the Add Role button to save your changes after you are finished.

Now that you have built a custom user role, you can add a new user to your website and give them access to it.

person using a custom role

After that, you may use the new user account to log in and make sure everything is functioning properly. Here is a screenshot of our custom user role dashboard:

Dashboard for a specific user role

WordPress User Account Security Management

You may manage user access to the WordPress website’s admin area by customizing user roles and permissions.

However, it also exposes security holes and hacking attempts on your website. Here are a few steps you can take to ensure that only authorized users may safely sign in to your WordPress website.

1. Make use of secure passwords

Although WordPress comes with a reliable password generator by default, users can disable it. A password policy manager can be added to make sure that all users are using secure passwords.

2. Make two-step authentication mandatory

Users are required to input a one-time code in addition to their password when using two-step authentication to access their accounts. On their PCs or phones, users can produce this code using an authenticator program.

3. Put in a security plugin for WordPress

WordPress security plugins assist in securing your website by keeping an eye out for unauthorized login attempts and suspicious activities. Sucuri, the top WordPress security plugin available, is what we advise using.

We sincerely hope that this post has shown you how to change a user role’s capabilities in WordPress.