Periodically inventorying your website’s users — and what they can do — is a best practice that all site administrators should practice. People periodically change jobs and responsibilities at the College, and it’s a good idea to make sure that people’s capabilities in WordPress match up with their responsibilities for the website.
The first step is to review your site’s list of users. When logged into your WordPress dashboard, click on the “Users” link. A list of all of the users — people who can login to your website and do something — appears along with the role they’ve been assigned (e.g. “administrator”, “editor”, etc.).
Anyone who is no longer associated with the website or who has left the College should be removed from the site. If they should still be a member of the website, but shouldn’t be able to make any changes, consider downgrading their role to “Subscriber”. Subscribers can only log into the website; they can’t see unpublished content or make any editorial changes.
Administrators are the people primarily responsible for the website. Their responsibilities include:
The best practice at Lafayette is for there to be 1-3 administrators on a website; anyone else should be assigned the editor role. The Help website explains how to assign a role to a user in WordPress.
Editors are people who need to edit content but aren’t primarily responsible for the website. Their role allows them to edit pages and posts, but doesn’t allow them to make theme-level changes or activate plugins. This role is ideal for people who need to regularly edit content, but don’t get into the nitty gritty details of maintaining the website.