How to Make a Subscriber Into an Admin on WordPress

One of the most essential tasks of maintaining a WordPress website is managing user roles. WordPress has an array of built‐in roles that each serve to regulate what a user can or cannot perform on your website.

In this blog, you will learn how to make a Subscriber into an Admin on WordPress.

At times, you might begin with a user who is a Subscriber, the most limited permission role, and ultimately realize that you want that user to have complete admin privileges.

Whether you want to upgrade the account to carry out more responsibilities or you have been hacked and do not find any way to recover from it, understanding how to change a Subscriber into an Admin might help you reach your desired goal.

What are the WordPress User Roles?

It is helpful to know the built-in roles WordPress offers before getting into the process of modifying a user’s role:

• Subscriber: This is the most basic level of access. Subscribers can edit their profiles and comments. They are not able to write or publish posts.
• Contributor: Contributors can write and edit their posts but are not able to publish them. Their work has to be approved by a higher role.
• Author: Authors can edit and publish their posts and embed media to their posts.
• Editor: Editors have more extensive content control—anything from managing and publishing content produced by others to moderating comments, etc.
• Administrator: Administrators have the topmost control of everything on the site, ranging from content editing to theme managing, plugin handling, and even site option handling.
• Super Admin: It is available only in multisite networks and is the administrator of all sites within a network.

How to Make a Subscriber Into an Admin on WordPress: 4 Quick Methods

You can choose to use any of the four ways to make a subscriber into an admin on WordPress.

Method 1: Use the Built-in WordPress User Management

WordPress offers a user-friendly interface for managing users. If you already have an Administrator account, you can then choose any user role right from your WordPress dashboard.

• Log in to Your WordPress Dashboard: Start by simply logging into your WordPress dashboard with your account having the Administrator rights. Once you log in, you will be able to view the full user management options.
• Navigate to All Users: From the panel on the left of your dashboard, simply click on Users, followed by All Users. From there, you will get to see a list of all of your site’s registered users. Simply look for the user who has the Subscriber role that you want to promote at present.
• Edit the User Profile: Hover over the name of the user, or you can also click on the username that will give you the Edit link option; simply just click on it, and you will get to the user’s profile page.
• Alter the Role: Scroll down on the user’s profile page until you find the Role dropdown. By default, it will be named as Subscriber. Simply click the dropdown and select Administrator from there.
• Update the User Profile: After selecting the new role, scroll to the bottom of the page and click on Update User. This will save the changes and upgrade the user’s role to Administrator.
• Verify the Change: To ensure the change has been saved, you need to log in again as the upgraded user or review the list of users again.

Method 2: Using a Plugin

There are several plugins in the market that you can use to make a subscriber into an admin on your WordPress site. The steps are almost similar in every plugin, but you can use whatever you choose.

• Install and Activate the Plugin: Simply first navigate to Plugins and then Add New in your WordPress dashboard and search for User Role Editor. Then, install it and activate it.
• Access the Plugin Settings: Once the plugin is activated, head to the plugin settings page.
• Select the User: From there, select the user whose role you want to change to admin.
• Change the Role: From all the options in the given list, select the Administrator role and save.

Method 3: Using Custom Code

For all those users familiar with coding, especially PHP, inserting a code snippet into your theme’s functions.php file is another way you can change the user roles using coding.

For example, below is a snippet where you can try to change the user role from subscriber to admin.

$user = new WP_User( $user_id );
$user->set_role( 'administrator' );

Always remember to back up your entire site before you start making any changes in the code. A minor mistake in your functions.php file can make your site malfunction.

Method 4: Using the Database

Step 1: Access cPanel

Simply open your website’s domain by appending 2083 port at the end of the URL. For example https://your-domain.com:2083. Log in to your cPanel account by entering your username and password.

Step 2: Access phpMyAdmin

Once your cPanel account opens up, simply look for your database manager, such as phpMyAdmin.

Step 3: Access Your WordPress Database

• On the left sidebar, select your WordPress database from the list of all installed databases.
• If you are not sure which database contains your WordPress database, you can go back to the main cPanel interface and navigate to Files, then File Manager.
• Then, navigate to the public_html folder, which is your site’s main installation folder. In some cases, it might have a different name, such as / or root, public, root_html, or your simple website’s name.
• In the list of all the files in this folder, right-click on the file named wp-config.php and select View/Edit. Carefully observe the overall contents of the file until you find the database your site is using. It will look like this: define('DB_NAME', 'your-database-name-goes-here');
• Once you get the database, head back to phpMyAdmin and choose that database from the left sidebar.

Step 4: Search and Modify Your User

• Search for the wp_usermeta table. This table contains information on all your site users.

• Once you get the wp_usermeta table, you need to look for the user you want to promote. You can do this simply by using the nickname field. In this guide, we will search for the user with the nickname Andy.

• You will get to several fields below the username, where you will see the wp_capabilities field that specifies the user’s role. Edit the field to make it as follows: a:1:{s:13:"administrator";b:1;}.
• After making this change, the user will be an Admin.

Security Impacts when You Promote Someone to Administrator

Changing someone from a subscriber to an admin provides the individual with full control and authority over your website. This also means that there are certain risks, and you must be careful before considering anyone for this role on your WordPress site.

• Confirm User Reliability: Make sure that the individual you want to promote to admin from subscriber is reliable enough and understands the responsibilities that come along the way.
• Restrict Administrator Access: If possible, always try to restrict the number of users who have administrator rights. The fewer the administrators are, the fewer the chances for any error or unauthorized changes.
• Backup Your Site: It is always very important to back up your entire site before you make any changes in the user roles. This also ensures that if anything goes upside down, you can easily restore your site.
• Backup Tools: You can use plugins such as UpdraftPlus or BackupBuddy to make routine backups of your site.
• Keep an Eye on User Activity: Once you promote a user to an Administrator role, check out their activities. WordPress security plugins such as Wordfence or Sucuri can assist with monitoring changes and notify you in case of any kind of suspicious activity.
• Two-Factor Authentication (2FA): Two-factor authentication for all Administrator accounts provides another layer of security. Even in case of security concerns and where your credentials might be compromised by someone, 2FA might stop any kind of unauthorized access. To keep away any kind of unauthorized access to your WordPress admin, learn how hackers mine WordPress for admin email addresses.

How to Keep Your Site Secure After Role Changes?

Promoting any user to an Administrator role is a major change that you take for your site and also increases the security concerns for your website.

Below are some measures you might want to take to ensure your site remains secure following any changes in user roles:

• Regular Security Audits: Perform routine audits of your site’s security. This involves checking user access logs, watching for suspicious changes, and making sure that all plugins and themes are current.
• Update WordPress Regularly: Keeping your WordPress installation current is one of the best methods to secure your site against vulnerabilities. Always apply the latest security patches and updates.
• Enforce Strong Passwords: Make sure all Administrator accounts and other high-privilege user accounts employ strong, non-repetitive passwords. Look into using password policies that need a combination of letters, digits, and symbols.
• Use Security Plugins: Security plugins such as Wordfence, Sucuri, or iThemes Security provide a variety of features ranging from malware scanning to firewall protection. These plugins can add more layers of protection, making it more challenging for malicious users to get into your site.
• Monitor Login Attempts: Implement systems to monitor and restrict login attempts. This can stop brute-force attacks and notify you if there is suspicious activity on your website.

Conclusion

To sum it up, changing a Subscriber into an Admin on WordPress is a simple and easy-to-follow process, whether you use the built-in WordPress user management system, a plugin, custom code, or directly alter the database.

Each of these methods provides flexibility depending on your technical expertise and preferences for your site. However, you also need to be cautious when promoting a user to an Administrator role, as this grants full control over your site.

To safeguard your site’s security, always verify the reliability of the user, limit the number of administrators, back up your site, and implement security measures such as two-factor authentication.

Also, regular security audits, keeping WordPress updated, and using strong passwords will help ensure your website remains protected.

Frequently Asked Questions (FAQs)