How to Block WordPress Users from Creating Higher-Level Users
By default, WordPress only allows Administrators to create users.
Fortunately, PublishPress Permissions has a feature called “Limit User Edit by Level”. This ca prevents anyone from editing a user with a higher level or assigning a role higher than their own.
- Go to Permissions, then Settings in your WordPress admin menu.
- Click Editing.
- Scroll down to the User Management area:
This setting allows you to choose the level of users can can be edited:
- any user
- equal or lower role levels
- lower role levels
WordPress user levels explained
What does it mean when we say some WordPress users are at a higher level?
WordPress arrives with 5 key roles that you'll see on a new site. These roles are in a hierarchy from least important to most important:
How to limit user editing by level
Let me take you though an example of how this works with PublishPress Permissions Pro.
To start, I created a user with the “Editor” role.
This allows them to access the “Users” link in the WordPress admin and also create new user accounts.
And if this user does click the “Add New” button and create a new user, they will not be able to choose the Administrator role.