How to set roles in WordPress to password protect content using a role editor

Updated April 11, 2023

WordPress user role editor plugin

Confused about customizing your WordPress user roles? WordPress comes with user role features that give you control over who can access your website. Discover how to set up a WordPress user role editor, and how to give private parts of your website based on user roles.

A WordPress role editor lets you create and customize user roles on your website for all sorts of purposes. For instance, you can create subscribers, wholesale customers, and member user roles and let them access different parts of your website.

In this tutorial, we’ll go over the different types of user roles that come with WordPress out of the box and explain how to create and customize WordPress user accounts.

Keep reading  to learn how to create new user roles, edit them to change what each role can edit in the WordPress back-end, and what content they can access from the front-end.

Before we begin, it’s important to note that most WordPress user role editor plugins don’t let you change what user roles can access from the front-end. However, we will reveal the perfect plugin that offers full privacy control for WordPress websites. This is especially useful if you’re thinking about running a private site or a membership site.

What are the different user roles available in WordPress?

So, what are WordPress user roles?

User roles in WordPress are designed to give site owners the ability to control what users can and cannot do within their website.

This lets the site owner manage the user’s access to different tasks including writing and editing posts, creating pages, creating categories, moderating comments, adding widgets, managing plugins, managing themes, and managing other users, all by assigning a specific role to each of the users. For instance, you can give the Editor user role on your website access to creating and editing blog posts only.

WordPress, by default, offers six predefined users roles. Each user role can perform a specific set of tasks on your website. Let’s quickly take a look at each user role available in WordPress:

Super Admin

In WordPress multisites, Super Admins user roles have all capabilities such as creating, adding, and deleting sites and networks. They also can add and manage users, plugins, themes, and customize the website in any way they want to.

This is the highest level of authority on a WordPress website and WordPress multisite and it’s usually the default user role for the creator or site owner themselves.


Administrator roles have the ability to add, edit, and delete plugins, pages, posts, published posts, themes, categories, taxonomies, links, and tags.

Administrator user role

People with the Administrator user roles can also moderate comments, export and import files, create and access private posts and customize the layout of pages by adding blocks. In addition to this, they can view the entire admin menu from the WordPress back-end.

This is the next level of authority from Super Admin and is usually shared by key role players in a website. For instance, for a school website, the Heads of Departments could be assigned the Admin user role.


The Editor user role has access to posts, pages, and categories on a website only. They do not have control over plugins and themes, site settings, and users.

Editor role

Using the same example mentioned earlier, for a school website, you can assign the Editor user role to the editor of the student magazine, blog managers, or department assistants.


Author user roles have limited access on a website. This low-risk user role only grants users access to publish and edit posts as well as the ability to delete their own posts.

Author role

For instance, for a school website, you can assign the Author user role to the head writer for the school magazine or to professors.


The Contributor user role on a WordPress website can add new posts and edit their posts but it has to first get approved in order to get it published on the front-end. For this reason, they see very few menu items after logging in.

Contributor role

Following the same school website example, you can assign this user role to writers contributing to the magazine, visiting faculty, or guest lecturers.


Subscriber user roles have the lowest form of control as they can only log in to your WordPress site, update their user profiles, and change their passwords.

Subscriber role

For example, for a school website, the subscriber role can be assigned to all students. This way they can register and log in to the website to access resources and content.

How to create and customize user roles in WordPress

Let’s dive deeper into how to work with a WordPress user role editor. That way, you can create and customize user roles in WordPress to enhance your site’s functionality.

Change the role of a user

Changing the role of a user in WordPress is pretty easy. Click on the Users tab from the WordPress admin panel and use the Change role to… dropdown menu to select a user role.

Change WordPress role

Select the checkbox next to the user you want to change the role of and after selecting your user role from the dropdown, click on the Change button to apply the changes.

This lets you control and restrict user access on your website by assigning the right user roles to the right people.

Edit user data

WordPress also lets you edit and customize the user details that are stored for user roles on your website.

To do this, simply navigate to Users → All Users and click on the Edit button to navigate to the Edit User page.

Edit user data

You can modify and edit the fields from here. This means you can set general information about the user, their contact information, set a new password, or send a reset link, and also edit customer billing address and information.

Once you are done making changes, click on the Update User button at the bottom to continue.

Edit the privileges for a WordPress user role

Using the User Role Editor plugin, you can also change the default privileges for a WordPress user role on your website.

Simply download and install the free WordPress plugin and navigate to Settings → User Role Editor from the admin panel.

Change privileges

Make sure the Edit user capabilities checkbox is selected and click on the Save button.

Edit user capabilities

Now navigate to Users → User Role Editor and select the user role you want to change the privileges for. You can select the privileges you want to enable for the selected role and then click on the Update button to save changes.

Create new user roles in WordPress

Creating new roles using the User Role Editor is simple. Start by navigating to Users → User Role Editor and click on the Add Role button.

WordPress role editor

Give your new user role a unique name and select a user role to duplicate. You want to clone an existing user role that has similar privileges to those you want to grant to the new role. We can later make changes to the permission of the new user role as needed.

Updated capabilities with WordPress role editor

Once you’re done editing the privileges of your new user role, click on the Update button to save changes.

Create private WordPress pages, posts, and categories based on user role

The User Role Editor plugin offers a robust solution for creating new user roles and editing permissions that let you control what content users have access to on the back-end of your WordPress site.

However, it does not let you control which part of your website is available to each user on the front-end.

For instance, you cannot restrict “Subscribers” access to the content you created specifically for “VIP members” on your membership site. To do this, you need a WordPress role editor plugin such as Password Protected Categories.

Create hidden areas within your WordPress site - the easy way.

The Password Protected Categories plugin offers an all-in-one solution for managing who has access to your content on your website. This means that you can create hidden areas within a WordPress site or blog and only let specific user roles access the area from the front-end. This is the easiest way to create custom user roles in WordPress.

By protecting WordPress categories, you can restrict access to any type of content on your website. This includes pages, posts, and any custom post type. For instance, you can hide access to specific blog posts that contain premium content meant exclusively for Subscribers on your website. This way, only people with the Subscribers user role will be able to access the exclusive blog posts on your website.

In addition, the Password Protected Categories plugin also offers a User” feature. This lets you choose which individual user can access each category on your WordPress site or blog. You can also delete user roles if you’d like.

How to use the WordPress role editor plugin to protect a category based on user role

Let’s dive deeper into how to use Barn2’s Password Protected Categories plugin to create private WordPress pages, posts, and any other custom post type based on user roles.

Start off by installing and activating the Password Protected Categories plugin on your website.

The first thing you need to do is create a category and offer exclusive content in the restricted category. This way, you can grant access to selected user roles.

To do this, navigate to Posts → Categories and give your new category a name. Select Protected under the Visibility section and tick the User roles checkbox. Next, select each user role you want to grant access to.

Add new category

When you're done, click on the Add New Category button.

Next, you’d want to add all your exclusive content to the newly created private category.

In this way, Password Protected Categories lets you restrict access to content the same way a members plugin does.

Once that's done, you can use the free Theme My Login plugin to add a front-end login form to your site. This way, people with the correct user role will be able to log in and access the exclusive content.

Theme My Login settings

The Theme My Login plugin lets you choose where each user is redirected based on their user role. You can use the plugin to automatically direct them to the correct category when they log in.

Take control over your WordPress user roles

Now you know how to set user roles in WordPress to password protect parts of your website. Using a WordPress role editor plugin like this is a great way to make your website more private. It also lets you create exclusive content and grant access to specific user roles only. This is great for running and managing a membership site.

You can control website access for various user roles and create new user roles for various purposes. This means that you can offer a unique user experience on your website while making sure your website remains secure. You have full control over the privacy of your web pages. It's easy to grant access to eligible user roles, hiding content from everyone else.

To recap, these are the WordPress user role editor plugins that can help you customize user roles on your website:

  • You can use the User Role Editor plugin to add and edit user roles on your WordPress site.
  • The Password Protected Categories plugin offers a robust solution for restricting access to parts of a WordPress site using passwords for specific user roles. It makes it incredibly easy to create custom user roles in WordPress.

Create hidden areas within your WordPress site - the easy way.

Get Password Protected Categories today!


  1. Baker
    October 7, 2023 Reply

    after deleting a capability for file upload for subscribers how do i add that back in the USER ROLE EDITOR plugin?

    • Nikki Louise
      October 9, 2023 Reply

      Hi! You can add it back by going to Users > User Role Editor in your WordPress dashboard. Click on the Subscriber role.
      Scroll down to the Capabilities section and check the box next to the upload_files capability. You can also check FAQs page for the User Role Editor plugin for more info.

Please share your thoughts...

Your email address will not be published.