An Administrator is a type of user role that has access to all of the administrative features of a WordPress site. The first user created during the WordPress installation process is assigned the Administrator role.
Because they can manage every aspect of your site, you should limit the number of Administrators, and make sure all Administrator accounts use a secure password.
What is a WordPress Administrator?
A WordPress Administrator is a user role with a defined set of capabilities. When it comes to managing your site, Administrators have full reign (all capabilities available). It is the highest level of access that you can provide to your site.
When you run the WordPress installation process, a single user is created. This user is assigned the Administrator role.
Who should be a WordPress Administrator?
WordPress Administrators can add and remove other users, delete content, and mess with settings, plugins & themes. So assign the Administrator role wisely.
Ideally, you should have as few Administrators as possible. If you’re an agency or freelance web developer who manages a site for a client, you should be the sole Administrator. You can still give your client access to add/edit content, moderate comments, etc (see Editor or Author roles). But without Administrator access, they won’t be able to mess with settings, plugins and themes, which could all negatively impact the site.
If you’re a small business owner, and you manage the site yourself, you should only have 1 Administrator account, and it should belong to the person most responsible for the site. Everyone else in the company should have their own user account, and be assigned an appropriate role (but not Administrator).
- Never use admin as the username for an Administrator account (or any other user role, for that matter)
- Always use a secure password for all users that have the Administrator role
WordPress Administrator’s Capabilities
For a default WordPress installation, here is a list of capabilities that an Administrator has (see Multisite differences below).
- Update WordPress Core
- Edit Dashboard
- Manage Settings: General, Writing, Reading, Discussion, Permalinks
- Import & export content from the Tools menu
- Install, Activate, Update, Edit & Delete plugins
- Install, Switch, Update, Edit & Delete themes
- Edit Widgets, Menus, Custom Background & Custom Header
- Access the Customizer
- Create, Edit, Promote & Remove users
Posts & Pages
- Add New, Publish, Edit & Delete your own posts/pages
- Publish, Edit & Delete other’s posts/pages (essentially, completely manage all site content)
- Manage all taxonomies (categories, tags, etc.)
Media & Files
- Upload & Edit all media files
- Add, Edit, Delete & Moderate all comments
WordPress Administrator on a Multisite Network
The roles for an Administrator are a little different if you’re running WordPress Multisite. Since there are a network of sites, the Administrator role only has the ability to manage a single site on a Multisite network. Full management of the entire network of sites falls to the Super Admin.
The following list of capabilities are NOT available to Administrators on a Multisite network. They are only available to Super Admins.
- Update WordPress Core
- Install, Update, Edit & Delete themes and plugins
- Create, Edit & Delete users