Running a successful membership site can be complex. In addition to creating content that keeps members engaged, you need to effectively manage how members access this content.

Having a platform that restricts content access to members only is important, regardless of whether you hide your content behind a paywall or a sign-up form.

As a membership site owner, the big question is: How do you restrict your content and certain member functions to only paid or registered users? What about users subscribed to different membership levels

The short answer is that you can achieve this with WordPress roles and levels.

Banner Image for Understanding the Difference: Roles and Levels for Membership Sites

What are Roles?

Roles define what users can and cannot do on your site. In more technical terms, a role is a specific set of capabilities that are assigned to a specific user.

For instance, if you’re working with an external contributor to manage your site’s content, you wouldn’t want them to be able to make site-wide changes like installing plugins and themes, or disabling features on your website.

To assign the appropriate capabilities, you’ll need to create a role within your WordPress dashboard that allows them to do only what you want them to do.

WordPress has 6 default roles that all come with different capabilities. Let’s have a look at each of these roles and their most common use cases.

The 6 Default Roles in WordPress


This is the default role assigned to you when you can create a new WordPress account. Unless you’re running a multi-site installation on WordPress, the admin role gives you access to everything on the WordPress backend. Admins can:

  • Create and edit posts and pages
  • Create and delete users
  • Add users and edit their password and roles
  • Install plugins
  • Make changes to the entire website

Remember: You should be very careful when assigning users the admin role because you will be giving them control over your entire website.

Example access for Administrator role in WordPress admin
Example access for Administrator role in WordPress admin


After the admin, we have the editor, who manages the content of a website. Editors can:

  • Create, edit, and manage the pages and posts of all other users (except admins)
  • Manage categories
  • Moderate comments 

An editor has fewer capacities than an admin. For example, they can’t make site-wide changes like installing plugins, creating and editing users, and installing themes.

Example access for Editor role in WordPress admin
Example access for Editor role in WordPress admin


Next, we have the author role. Authors can:

  • Upload files
  • Create, edit, and delete their own posts

Authors cannot edit any post except their own. They also cannot moderate comments or manage categories like an editor can.

Example access for Author role in WordPress admin
Example access for Author role in WordPress admin


A contributor is essentially a watered-down version of an author, except they cannot publish their own content. Contributors can:

  • Create and edit their own posts
  • Submit posts to an editor to review and publish
Example access for Contributor role in WordPress admin
Example access for Contributor role in WordPress admin


A subscriber is the lowest role on the hierarchy. Subscribers can:

  • Read all the posts on a website
Example access for Subscriber role in WordPress admin
Example access for Subscriber role in WordPress admin

Super Administrator

If you run a multi-site installation, a super admin can manage multiple websites from one WordPress dashboard. Super admins are responsible for creating and deleting websites on the dashboard. They can also install plugins, and modify pages and posts as well.

When there’s a super admin, an admin of an individual website can no longer install plugins and themes, they can only activate them.

Other WordPress Roles

Besides the default roles on WordPress, there are other ways you can create custom roles and capabilities for your users:

  1. If you code and write PHP, you can use the WordPress Code Editor to add custom roles and the capabilities for your users using PHP codes. You can also delete roles and capabilities for each role you’ve created.
  1. A plugin like User Role Editor plugin gives you the flexibility to create custom roles and assign any available capability to them. You can also create your own unique custom capabilities to assign to your roles.
Screenshot of the User Role Editor in WordPress

Be aware that some plugins, like WooCommerce or AffiliateWP, automatically create additional user roles with new capabilities required and enabled by their plugins.

For example, WooCommerce adds “Customer” and “Shop Manager” roles.

How to Restrict Content Using Roles

Roles are primarily used to assign what a user can do on your site. But some plugins allow you to use roles to restrict your content as well.

For example, let’s say that you want to create a membership site with three payment levels:

  • A Bronze level (Free)
  • A Gold level ($15)
  • A Platinum level ($30)

Bronze level users can only access blog posts. They can also comment and like articles on the site.

Gold level users can access blog posts and webinars. They can comment and like, as well as write and submit articles for review on the site. However, they can’t publish their articles to the site.

Platinum level users can access blog posts, webinars, and members-only podcasts. They can also write, submit, and publish their own articles on the site.

If you decided to use roles to set this all up, you’d have to:

  1. Install User Role Editor and creates three custom roles: Bronze, Gold, and Platinum
  2. Assign default capabilities and then create custom capabilities for each role.
    • Users in the Bronze role can only like and comment
    • while Gold and Platinum users can like, comment, and contribute articles.
    • Only Platinum users can publish their articles.
  3. Install a plugin that controls access to content by role
  4. Create three post types: Webinars, Blog Posts, and Podcasts
  5. Create and selects the pages, posts, and/or categories to protect (depending on the plugin)
  6. Selects which role(s) can access which content

Limitations of Role-Based Content Restriction 

  1. Role-based memberships only track the user’s current role and nothing else. 

    This means that if a Platinum member downgrades to the Gold level, the user’s past role is discarded and the new role is the only thing visible; Previous membership history and capacities will be erased.

    To track the history of the user’s membership, a site owner would have to create a separate system for storing membership records.
  1. Default WordPress roles and the default roles that come with certain other plugins can bypass your content restrictions.

    For instance, the administrator or any role above it (any role with more capabilities) can access the content restricted without signing up for a membership level. So content isn’t necessarily completely exclusive.
  1. Role-based memberships don’t allow you to add extra membership details by default, such as:
    • membership start date,
    • the purchase price, and
    • membership expiration date.

These details are particularly useful for offering discounts, seeing the most active users, and other things a membership site owner wants to be able to do.

What are Levels?

Levels, or membership levels, are the different packages of access, content, and features you have to offer your customers. Levels define what exactly your users receive when they sign up for one of your plans.

They also define how and when customers receive what they’ve signed up for.

Screenshot of Fleischer Tour Fit membership levels

The image above shows the three membership categories for Fleischer Tour Fit. They offer a Basic level, Premium level, and All Access level, depending on user needs and budget.

How to Restrict Content with Levels 

Many membership site owners prefer to flexibility of keeping roles for WordPress permissions only, and Membership Levels to control access to content. Membership Levels give you the flexibility of tracking member history and better controlling access to your content.

Paid Memberships Pro is a WordPress membership plugin that doesn’t use the role-based method to restrict content. Instead, PMPro uses a level-based method that allows users more flexibility over how they restrict their content and store user data.

To restrict content and create levels using PMPro, you should:

  1. Install and activate Paid Memberships Pro
  2. Run through the Initial Setup Wizard
  3. Then, select Settings > Levels to continue setting up additional levels and access.

With levels, you can restrict over 28 different types of content in WordPress. Check out the companion guide for help with your content protections.

Limitations of Level-Based Content Restriction 

Membership Levels are designed to restrict access to what users can see based on the level they signed up for. How to you restrict what users can do in the WordPress site?

In this scenario, we had three levels, where members of a higher tiered gained access to do things with posts and publishing content.

If you need to give members access to control settings and content in your WordPress site, you”ll need the free Roles Add On for Paid Memberships Pro. This plugin creates custom roles and capabilities that are synced with membership levels.

Why Use Levels for Membership Sites?

  • Tracking your membership history allows you to give special offers and discounts to long-time customers.
  • You can have the best of both worlds by combining membership levels (ex. PMPro) with roles (ex. The Roles Add On for PMPro). You can manage your membership records the way you want to, while still assigning specific roles to your users based on their levels.
  • You can sync roles and levels for better management of your membership structure. 
  • If you restrict your content with roles alone, you risk having your roles overridden by certain plugins.

Summary: Core Differences Between Roles and Levels for Membership Sites

  1. Roles don’t keep track of a user’s membership’s history while levels store user membership information, even when they upgrade, downgrade or cancel their levels.
  2. Roles don’t allow you to collect extra information like the membership expiration date, start date, or discounts. PMPro’s level system allows you to collect custom information and store it in your own database.
  3. You cannot use roles to restrict content using PMPro. To restrict what a user can do – such as commenting, editing, changing their profile, etc. – you will need to use the free Roles Add On for Paid Memberships Pro (by default, PMPro uses membership levels to restrict what a user can see, not what they can do).

Looking for a robust membership plugin for WordPress that restricts content based on levels? Try Paid Memberships Pro today risk-free.

Cover image from ebook 29 Nuggets of Wisdom Volume 1 - Sample Collection

Download the free ebook: Get 29 insights and ‘aha moments’ for new or veteran membership site business owners. Use these nuggets of wisdom to inspire or challenge you.

Was this article helpful?