Adding New Users to WordPress

WordPress Users and Roles

Whatever type of website you would like to create, WordPress can cater for it. Want a personal blog, or full blown eCommerce site? Or even a Membership site is easy to create with WordPress.

Let’s imagine you are creating a forum or a membership site where you want other people to create their profiles and even collaborate with others, you can add new users easily in WordPress.

Although most plugins whether for forums, membership sites or eCommerce sites allow you to create and add new users to your website, it is very important that you understandĀ  you are granting access for your online investment.

You can assign subscribers, administrators, authors, editors and contributors in WordPress and give them different access privileges.

Watch thisĀ video session which briefly explains the roles in WordPress

Capability Given Per Roles Assigned

  • Super Admin = 1 (full access)
  • Administrator = 2
  • Editor = 3
  • Author = 4
  • Contributor = 5
  • Subscriber = 6 (only read access)
Capability 1 2 3 4 5 6
Y
Y
Y
Y
Y
Y
Y
Y
Y
Y
Capability 1 2 3 4 5 6
Y Y
Y Y
Y Y
Y Y
Y Y
Y Y
Y Y
Y Y
Y Y
Y Y
Y Y
Y Y
Capability 1 2 3 4 5 6
Y Y
Y Y
Y Y
Y Y
Y Y
Y Y
Y Y
Y Y
Y Y
Y Y
Y Y
Y Y
Y Y
Capability 1 2 3 4 5 6
Y Y Y
Y Y Y
Y Y Y
Y Y Y
Y Y Y
Y Y Y
Y Y Y
Y Y Y
Y Y Y
Y Y Y
Y Y Y
Y Y Y
Y Y Y
Y Y Y
Y Y Y
Y Y Y
Y Y Y
Y Y Y
Y Y Y
Capability 1 2 3 4 5 6
Y Y Y Y
Y Y Y Y
Y Y Y Y
Y Y Y Y
Y Y Y Y Y
Y Y Y Y Y
Capability 1 2 3 4 5 6
Y Y Y Y Y Y

The usual setup is to grant subscriber access, by doing so, you are only granting Read only access, however, as you can see there are many other types of user roles which can be used according to your website setup.

How to Disable New User Registration from WordPress Dashboard

Login to WordPress Dashboard > Settings > General > (Look for option Membership) and un-check the option for ‘Anyone can register’

Disable WordPress User Registration Using .htaccess on Apache

You can use this below code to completely disable new user registration requests to the registration page. Simply add this to .htaccess file and upload to your web server, when the registration spam bot requests the registration page (wp-login.php?action=register), then these .htaccess file rules will throw Page Not Found error

#Block Spam Registration Requests to this URI (wp-login.php?action=register) 
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{THE_REQUEST} ^.*(wp-login.php\?action=register).* [NC]
RewriteRule ^(.*)$ - [F,L]
</IfModule>

72 / 259 Malvern Rd Melbourne Australia 3141

+61421600702 $$

Author: RankYa

RankYa: Online Entrepreneur, Web Developer, Google AdWords and Google Analytics Certified Professional. Specialist in: SEO, Website Optimization, WordPress, Structured Data, JSON-LD, Microdata, Microformats, RDF, Schema.org Vocabulary, HTML5, Advanced Image Optimization, Google Webmaster Tools, Google Webmaster Guidelines, Social Media Marketing, Facebook marketing and YouTube video ranking mastery.

Thank you for sharing this blog post. Description: 'Adding New Users in WordPress Content Management System is easy, however, understanding what type of access you are granting is more important'