How to Restrict WordPress Page Access by User Roles

You spend hours writing and editing content, creating images, and optimizing it for search in the hope of making it visible to as many visitors as possible. So why should you restrict page access to certain users?

The reason behind this restriction may derive from the need of protecting your online learning materials which you don’t want the whole world but your students to get. Or it might also be because you host confidential data that must be protected from the public.

WordPress comes equipped with built-in features allowing you to protect your content, from locking pages with a password to making it visible to admins only. However, there are no better ways to grant specific user roles access to private content than by seeking help from plugins.

In this article, we will explain briefly WordPress user permissions then will walk you through how to restrict page access to certain folks with ease.

WordPress Users Roles and Permissions

User roles define what specific users can and can’t do on your site. WordPress offers 5 standard roles by default, including Admin, Editor, Author, Contributor, and Subscriber.

  • Admin is the most powerful user role. They can manage the entire website, from adding or deleting content, plugins, themes, or even new users. They’re also able to change information about existing users such as their passwords.
  • The editors can manage anything related to your WordPress content. These users have full control over pages and posts of their own or others’. If someone leaves comments on your site, editors are able to moderate, edit, and delete them as well.
  • The authors, meanwhile, focus on writing, editing, and publishing their own pages and posts only. Any content added by others won’t be visible to them. Admins allow this role to assign categories to posts but block them from creating new ones.
  • Unlike authors, contributors can log in to your site, add, and edit new posts but they’re not permitted to publish them. However, it’s possible for them to add new tags without the admin’s permission.
  • Last but not least, subscribers who come as the lowest-level default user roles can log in to your WordPress site and update their own profiles. Writing and publishing posts or previewing comments are not available for them.

Default user roles are designed to fit the requirement of most websites. If you need to add new custom roles and provide selected capabilities to your users, you should install a user role editor plugin.

Don’t forget to identify which roles to add to the site, depending on the type of website you’re running. An eCommerce website would need Customer and Shop Manager roles while blogs might require SEO Manager and SEO Editor to be involved in the publishing process.

How to Restrict WordPress Page Access by User Roles

You’re sometimes recommended to set up a membership website and grant restricted content to members. However, it’s not necessary to create a membership site if you just want to simplify the user management since the process might take you a lot of time and effort.

Password Protect WordPress free plugin protects your content with passwords. On top of that, you can assign roles to each password too. In other words, only logged-in users under specific roles can use that password and unlock the secure content. The rest will receive an error message when attempting to open it.

To get started using the plugin, you need to:

  1. Head to Plugins and click Add New in your WordPress dashboard
  2. Type “password protect page” in the keyword box
  3. Install and activate the plugin
  4. Edit your desired page or post in Pages and Posts sections
  5. Enable the “Password Protect WordPress” option at the top right corner of the page
  6. Select a user role and enter your password
  7. Submit the password and update your content

You can generate multiple passwords for a post as well. Each password can have its own user role.

Grant direct access to whitelisted roles

Regular users like admins or editors need access to the protected content frequently. It’s a waste of time to require them to enter passwords every time viewing the restricted pages and posts. That’s where the Whitelisted Roles feature comes in handy.


You’re able to decide which user role to open private content without having to enter passwords. Click “Choose custom roles” in case you want other or multiple user roles to see the secure pages and posts.

Actually, this method forces you to upgrade the plugin’s Lite version. Here is how to get the Pro version of PPWP and set the whitelisted role to subscribers:

  1. Download PPWP Pro plugin
  2. Go to Add New under Plugins in your WordPress admin area
  3. Click on the Upload Plugin button and select the plugin zip file you’ve just downloaded
  4. Activate the plugin
  5. Head to the plugin Settings page
  6. Choose Logged-in users in the role Whitelisted Roles dropdown

If you prefer visual instruction, you can refer to this tutorial video:

It’s Time to Restrict Premium Content Access to Specific Users

Hence, there are various reasons for restricting WordPress pages and content to specific user roles. For example, premium customers can view private product pages, but the shop managers are able to add or edit product pages and manage categories as well as comments.

Password Protect WordPress Lite plugin and its Pro version turn out to be one of the best solutions to restrict access by users. Instead of setting a whole membership website, you can lock the content with passwords then assign roles to them. Users just need to enter the password to unlock the content.

Install PPWP Pro plugin and have full control over your WordPress page access restriction by user roles now!