Whatever type of website you would like to create, WordPress can cater for it. Want a personal blog, or full blown eCommerce site? Or even a Membership site is easy to create with WordPress.
Let’s imagine you are creating a forum or a membership site where you want other people to create their profiles and even collaborate with others, you can add new users easily in WordPress.
Although most plugins whether for forums, membership sites or eCommerce sites allow you to create and add new users to your website, it is very important that you understand Roles and Capabilities you are granting access for your online investment.
You can assign subscribers, administrators, authors, editors and contributors in WordPress and give them different access privileges.
Watch this video session which briefly explains the roles in WordPress
Capability Given Per Roles Assigned
- Super Admin = 1 (full access)
- Administrator = 2
- Editor = 3
- Author = 4
- Contributor = 5
- Subscriber = 6 (only read access)
The usual setup is to grant subscriber access, by doing so, you are only granting Read only access, however, as you can see there are many other types of user roles which can be used according to your website setup.
How to Disable New User Registration from WordPress Dashboard
Login to WordPress Dashboard > Settings > General > (Look for option Membership) and un-check the option for ‘Anyone can register’
Disable WordPress User Registration Using .htaccess on Apache
You can use this below code to completely disable new user registration requests to the registration page. Simply add this to .htaccess file and upload to your web server, when the registration spam bot requests the registration page (wp-login.php?action=register), then these .htaccess file rules will throw Page Not Found error
#Block Spam Registration Requests to this URI (wp-login.php?action=register)
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{THE_REQUEST} ^.*(wp-login.php\?action=register).* [NC]
RewriteRule ^(.*)$ - [F,L]
</IfModule>
