Users are defined as individuals who are given login access to your WordPress site. They may be blog writers, site editors, or any other member of your organization you allow to modify the site. 

Least Privilege Model

If your WordPress site has multiple users, it’s important to adhere to the Least Privilege Model. That is, users should only have access to the data and capabilities they need (and no more). 

For example, not every contributor should be an Administrator. Excess privileges allow not only malicious insiders to make unauthorized changes, but they also allow for accidental configuration changes. 

A user’s role can be viewed and changed inside the user settings. WordPress defines five roles by default: Administrator, Editor, Author, Contributor, and Subscriber. The following table explains the differences between these roles.

Be sure to set user roles to the minimum level necessary to fulfill the job. This will limit any issues if an account is compromised, and will also limit the ability to make costly mistakes. 

For more information on this topic please reach out to us; we’re here to help!

Did this answer your question?