Restricting content access based on user roles in wordpress

• By Admin
• Jan 08, 2025
• 35

Restricting content access based on user role is one of the powerful admin features of WordPress. This feature maintains your website's integrity and security by giving you administrative control. Therefore, you can decide who can see or interact with your site’s content. 

WordPress has the ability to restrict content access with its built-in functionality. It helps membership, eLearning, and business websites. Besides, you can safeguard sensitive information on your website and allow relevant users to access it. For example, only contributors can edit your site content, and paying members can access premium content.  

In this article, we’ll show you how you can restrict content access based on user roles in WordPress. Ultimately, you can strategically implement the proper admin privileges for your website users.

What are The User Roles in WordPress?

WordPress restricts user roles, which is a built-in user management feature that helps admins assign specific privileges to different users. Generally, WordPress offers five pre-defined and one additional user role. Each role binds its users to take specific actions on your website that they can’t surpass. 

Let’s take a look at the user roles in WordPress: 

Administrator: The administrator role has the highest access to all WordPress site features. This means users can manage all the site content, user accounts, plugins, themes, and more. Moreover, they can take their preferred action and also maintain other user roles. 

Editor: This role allows users to publish and maintain posts and pages on the website. They can edit or remove content written by other users. So, editors are responsible for maintaining the quality of your website's content. 

Author: Authors can create, edit, and post their content without anyone’s approval. It also allows users to upload media files within the content to maintain quality. 

Contributor: Contributors have the access to create or write their own content and manage them. However, they cannot publish the post since their post needs approval from the editor or administrator roles.

Subscriber: This user role has the least access and permissions to take actions on your website. However, users can take specific actions defined by the admins, manage their profiles, and read content on the site. This user role becomes necessary if you own a membership or forum site.

Super Admin: This admin type is ideal for multisite setup and can be managed under one installation. Super admins will get the highest access level, surpassing the admin level access. Apart from all other access, these users can monitor network-wide updates, backups, and security measures.

Now, let’s learn how to restrict content access in WordPress.  

Methods To Restrict Content Access In WordPress

You can restrict content access in WordPress by following different methods. Each method can meet your specific requirements and technical understanding. Here are some common approaches that you can follow: 

Using Built-in WordPress Features  

Some in-built features can restrict content access in WordPress without any plugins. To implement it, you simply need to configure the visibility settings for different posts and pages. As an admin, you can mark your posts as following settings: 

• Public Posts: Everyone can access a public post whether they are logged in to your site or not. This is a default setting for WordPress posts and content, which you can change.  

• Private Posts: Only users with permission can access private posts on your site. Generally, only administrators and editors can access them. This feature is essential when editing a post that is not ready to publish.

• Password-Protected Post: With this configuration, you can also restrict content access in WordPress. As a site owner, you can only protect your content with a password and share it with your selected users. Thus, only your preferred users can access your site’s sensitive content. 

Setting a post as Private or Password Protected

You can easily restrict content access in WordPress using the following steps: 

• First of all, create a post that you want to set as private or password-protected.

• Now go to the right-hand side, click on settings, and then click Status 

• Ensure Private is selected under the Publish or Post settings in the Status section. This setting is required to make a post private from the public. 

• Similarly, select Password Protected in the Status section and enter a unique password.

• Save settings so that changes can take effect. 

Now, we’ll learn the automated approach for restricting content access in WordPress. 

Using Plugin For Restricting Content Access in WordPress

WordPress Plugins give you a more flexible approach to restricting content access on this platform. Plus, you can implement more complex content restrictions according to your requirements.

Members

Members is a membership plugin created by MemberPress that allows you to set roles and capabilities. Admins can use this plugin to provide users a flexible membership experience on their eCommerce sites. It provides a simple user interface for handling roles and capabilities for each user. 

Key Features 

• Crete, edit and remove roles and capabilities for users.

• Multiple user roles can be set for any user.

• Clone a role and create a new one from a previous one.

• Restrict content access according to user role.

• Shortcodes to control content access and user role.  

Restrict Content

Restrict Content comes with robust membership options that help you monetize content access. It gives you complete control over restricting users from your WordPress site. You can create pages displaying content according to user role or membership. 

This is an ideal option if you are running a membership or subscription website. You can restrict users from accessing posts, pages, media, custom post types, and `API requests.  

Key Feature:

• Create membership levels with different access levels for free trial and pro plans. 

• Control content access for different user roles according to their plan, status, etc.

• Control content access on different pages, posts, and WordPress block levels.

Content Control

Get flexible restricted content access in WordPress with the Content Control plugin. This is not only about controlling user access but also about creating a unique user experience.

You can showcase specific content to logged-in users and members with different roles and access levels, as well as a teaser of premium content to your guest users. The simple interface allows you to control visibility on different pages, posts, widgets, and even Gutenberg blocks. 

Key Features:

• Complete control of your site’s content and limit user access easily.

• Set user access or visibility on Gutenberg for different users and device types. 

• Control user access on pages, posts, widgets, and individual blocks. 

Custom Code for Restricting Content Access in WordPress

Custom code for restricting content access is another way to limit content access If you are comfortable with coding. This is a powerful method of restricting content access from your WordPress theme.

You will get better control and flexibility over content access based on user roles. However, you need to have a bit of coding experience in PHP. Here are the steps to follow and control content access through these steps: 

• Log in to your WordPress admin dashboard.

• Navigate to Appearance > Theme Editor.

• On the right side, locate and click on the functions.php file of your active theme. We recommend you back up your site before changing to avoid potential issues.

Note: We recommend sticking to the previous methods if you can’t find the function.php file. 

• Scroll to the bottom of the functions.php file and input the following code: 

function restrict_content_by_role() {

    if ( current_user_can( 'subscriber' ) ) {

        // Display restricted content here

        echo '<p>This content is only available to subscribers.</p>';

    } else {

        echo '<p>Sorry, this content is restricted.</p>';

    }

}

add_action( 'the_content', 'restrict_content_by_role' );

• You can also configure the content display for different users with the following conditions: 

function restrict_content_by_role() {

    if ( current_user_can( 'administrator' ) ) {

        echo '<p>Welcome, Admin! You have full access.</p>';

    } elseif ( current_user_can( 'editor' ) ) {

        echo '<p>Welcome, Editor! You can edit this content.</p>';

    } elseif ( current_user_can( 'subscriber' ) ) {

        echo '<p>This content is only available to subscribers.</p>';

    } else {

        echo '<p>Sorry, this content is restricted.</p>';

    }

}

add_action( 'the_content', 'restrict_content_by_role' );

• Click the Update File button when you are done placing these codes.

• Now, you can log in to your website with different user roles. This will help you check whether the content displays according to the roles. 

Now, you can easily restrict content access in WordPress using codes. However, try plugins to implement restricted content access in WordPress if you want to skip coding. 

Benefits Of Restrict Content Access in WordPress

Restricting content access based on user roles can bring several benefits to the table. Most importantly, it can give your users a better user experience and less hassle for the admins. Here are the benefits in detail:

Ensure Data Security

Obviously, you don't want everyone to access your site's sensitive or personalized content. To keep your content secure, restricting content access can help you separate the things that you want only specific users to gain access to. Let’s say you want to provide confidential business analytics only to premium users and specific team members.

Unique User Experience

Users with different roles can access content that is only relevant to them. Therefore, they face less distraction and confusion while searching for specific content. For example, members of a subscription site can find their premium content easily since they can access all of those features.  

Offering Personalised Content

Using the restrict content access feature, you can target specific content for specific user roles. Let’s say you are running an eLearning website where only registered students can access online classes on your site. 

Better Content Management

With each user role having its own access to your site, you can get better content management in place. Let's say you have multiple contributors, editors, and admins on your site. Here, contributors can only create and edit the content but can’t publish it. 

On the other hand, editors can make the final edits and then publish the content. Admins can easily monitor all the activities on the site while others do their part. Therefore, overall content management becomes easier for the site's admins or owners.

Wrapping up

Restricting content access in WordPress is a simple but essential feature that should not be ignored. This powerful approach enhances content and user management with ease. When operating a small site, you can take advantage of WordPress's built-in features. 

However, when your site grows gradually, you can implement a plugin that suits your site’s user roles and content requirements. You can try all the abovementioned approaches and adopt one that gives you the best control over your content and user roles. 

Keep in mind that you must carefully set user roles to keep your data safe and meet your site’s evolving needs. Otherwise, you might lose potential visitors whom you can convert into customers by attracting them to get your premium content.