The Ultimate WordPress Admin Guide: 7 Things to Know

Complete control over your website is one of the most appealing benefits of WordPress. However, you may feel overwhelmed if this is your first time as a WordPress site owner or administrator. After all, there’s a lot more to it than just picking your favorite theme and installing some plugins.

Stepping into the role of WordPress administrator can be intimidating, given the amount you need to learn. The good news is you don’t need to be a WordPress expert to be a successful admin. With some foundational knowledge, you’ll be able to get started in no time.

This guide will cover seven essential things about being a WordPress admin. Regardless of your experience, the information and tools here will make your job easier. Let’s get going!

WordPress Admin: Two Different Definitions

Before we get started, we should point out that there are two different meanings for the term “WordPress Admin” or “WordPress Administrator.” We’ll be using them both in this article, so to avoid any confusion, remember that we could be referring to:

1. The WordPress Administrator user role
2. The WordPress Administrator interface

The WordPress Admin Role

Every user of a WordPress website is assigned a role or role “group.” The role determines the user’s permissions and the tasks they can (or can’t) perform. When you create a WordPress site, you are given the Administrator role. As an admin, you can do anything on that site without limitation.

The WordPress Admin Dashboard

The WordPress administrator dashboard or admin interface is the “back end” of your WordPress website. It’s what you see when you log into your WordPress website.

Seven Things to Know About Being a WordPress Admin

Now that we’ve clarified the different meanings of WordPress admin, we can start to dig into what an administrator user does and how you can use the admin dashboard to get things done.

Here are seven key things you’ll want to know as a WordPress admin.

How to Log In as a WordPress Admin

Let’s begin with how to log in to your site as a WordPress admin. You can use either of two URLs to access the WordPress admin login screen: http://www.yoursite.com/wp-login.php or http://www.yoursite.com/wp-admin.

Either of these URLs will bring you to the login screen, and of course, you’ll want to replace our placeholder yoursite.com domain with your own.

To log in, enter the credentials you selected when you installed WordPress and click the Log In button. If you’ve forgotten your password, you can reset it from this screen. Click on the Lost Your Password link to receive a password reset link in your email.

We have a WordPress login video tutorial if you’d like to see this in action. Once you’ve logged in, you’ll want to look around.

Learn WordPress Administrator Capabilities

As a WordPress administrator, you have a lot of capabilities available to you. Capabilities include all the actions you can take on the website.

It’s worth mentioning that as an administrator, your capabilities are limited to a single website. Armed with some high-level knowledge of what you can do as a site administrator, the next step is to get familiar with the admin dashboard.

You can do just about anything on a WordPress site, including:

• Installing and managing plugins
• Managing pages and posts
• Installing and configuring themes
• Managing Reusable Blocks
• Creating and deleting users
• Moderating comments
• Deleting the entire site

For an exhaustive list, check out the official WordPress documentation about the capabilities of WordPress Administrators. This should give you an idea of the scope of a WordPress admin’s job.  

Capability	Actions
Manage Plugins	Upload/Install (Add New), Activate, Deactivate, Update, Delete, Edit
Manage Pages	Add New, Edit, Schedule, Publish, Change to Draft, Delete, Read
Manage Posts	Add New, Edit, Schedule, Publish, Change to Draft, Delete, Read
Manage Themes	Upload/Install (Add New), Activate, Edit Theme Options, Switch Themes, Delete Themes
Export/Import	Export, Import
Manage Users	Create, Promote, Delete, Edit
Manage Categories	Add New, Edit, Delete View,
Manage Links	Add New, Edit, Delete; Manage Link Categories (Add New, Edit, Delete, View)
Manage Options	Control Settings (General, Writing, Reading, Discussion, Permalinks, Miscellaneous)
Manage Updates	Update Plugins, Update Themes, Update WordPress, Activate Auto Updates for Themes And Plugins, Deactivate Auto Updates for Themes and Plugins
Moderate Comments	Approve, Reply, Edit, Mark as Spam, Trash, Empty Trash
Manage Private Pages/Posts	Read, Edit, Publish, Add New, Set Password, Schedule, Change to Draft
Manage Media Library Files	Upload, Delete, Rename, Edit
Customize	Perform Customizer Actions (Site Identity, Menus, Widgets, Homepage Settings, Additional CSS)
Delete Site	Delete
Manage Reusable Blocks	Create, Edit, Read, Delete

Get to Know the WordPress Admin Dashboard

The WordPress admin dashboard is what you’ll use to navigate the back end of your website. You’ll quickly become familiar with its layout and functionality.

You’ll find yourself on the dashboard’s home screen when you log in. It will give you an overview of your website and alert you to any urgent issues. There are several widgets containing this information.

Activity Widget

You’ll undoubtedly want to check out the Activity widget, especially if your site has a blog. This is where you’ll see recently published posts and any scheduled posts you may have waiting to go live. Recent comments will be displayed, and you can moderate them directly from here.

Quick Draft Widget

Quick Draft is another useful widget, especially if you’ll be making a lot of bite-sized posts. You can create the entire post (including adding media and tags) and publish without leaving the home screen. As the widget’s name implies, you can save drafts here without publishing them. This function is useful if inspiration strikes while you work on other things.

Screen Options

You can decide which sections to show and hide by using the Screen Options at the top right of the screen. You can even drag and drop the boxes if you’d like to arrange them in a different order.

Navigation Menu

Finally, the left side of the screen is home to the WordPress navigation menu. It contains all the tools you need to perform your WordPress administration tasks.

4. Understand Important WordPress Admin Tasks

WordPress maintenance will ensure you stay busy. Let’s look at some of the tasks you’ll perform.

WordPress Backups

If you don’t back up your WordPress website, you run a real risk of losing all of your hard work. While this is something you’ll likely set up to be done automatically, you still need to check the backup is happening the way it’s supposed to. Your backups should be delivered to several different offsite storage locations. Then, you know your site is still safe even if one backup fails.

Solid Backups will handle all of your backups on a schedule you choose. This tool backs up your entire WordPress installation, including comments, (core, plugin, and theme) settings, Media Library files, and more. If your site is updated frequently, you may want to consider using Solid Stash Live as well, which will create a snapshot of your site on a daily basis, automatically.

Running Updates for Themes and Plugins

Running outdated software is often why a WordPress website or blog gets hacked. Keeping your WordPress website up to date should be at the top of your WordPress Administrator checklist. WordPress core and any theme or plugin installed on your website should always run the latest version.

Keeping themes and plugins updated is a large part of what keeps your WordPress site running smoothly and safely. Checking for patches and updates should be a daily priority for you. If you use any premium products, keep the licenses active so you’ll know when updates are released. Generally, you’ll want to install all updates and patches as soon as possible after performing a site backup.

Moreover, unused themes or plugins slow down your site, making it more vulnerable to attack. You can deactivate plugins you aren’t using right now, although you’ll want to completely uninstall anything you won’t use again. One exception: keep a WordPress default theme installed, as your site will fall back on this if your primary theme fails.

Blog Management

Successful blogs need attention, so you’ll spend a lot of time on yours. You’ll want to monitor your best-performing posts to help brainstorm topics for new posts. If you’re not writing your own posts, you’ll need to edit and publish any pending articles.

Once you have some posts published, you’ll need to monitor the comments. Spam comments will become the bane of your life, and deleting them is necessary, as they can negatively impact your SEO. In contrast, you’ll also want to approve and reply to legitimate comments every day. Engagement is a large part of building a community around your website.

Blog management isn’t just about on-site content either. As such, you should periodically test your email list signup and your social sharing buttons. If you offer any free downloads, check that those are also working as expected.

WordPress Security Tasks

As a WordPress admin, you’ll also have additional WordPress security tasks to ensure your website is secure — hardening your site, managing users, applying software upgrades, and monitoring core, theme, and plugin vulnerabilities as they emerge. A WordPress security plugin like iThemes Security Pro will help you accomplish and automate these tasks.

Unfortunately, there is not a 100% guaranteed solution for securing WordPress. Good security is all about minimizing risk. If anybody tries to sell you a 100% secure solution, they’re scamming you. You’ll never be completely safe, but there’s a lot you can do to minimize your risk.

For example, some of the most important WordPress security tasks include:

• Limit Login Attempts – WordPress doesn’t limit failed login attempts by default. Without this limit, WordPress can be an easy target for brute-force attacks
• Use Strong Passwords – You should use a strong password for your WordPress admin password. A strong password is at least 12 characters long and combines alphanumeric and ASCII characters.
• Use Two-Factor Authentication – Two-factor authentication (2FA) adds a very strong layer of security by requiring an extra code along with your WordPress admin username and password to log in to your website.
• Keep Your Software Updated – Keep WordPress, themes, and plugins updated to the latest version by running updates.
• Backup Your Website – We covered this in a previous section, but it’s important to mention it again. Back up your site!

Use Solid Central to Perform WordPress Admin Tasks for Multiple WordPress Sites

A single website demands a significant time commitment from its admin. However, if you’re overseeing several sites, you’ll probably want to use a tool like Solid Central, which enables you to manage multiple WordPress websites from one dashboard.

Using Solid Central will give you back a lot of time. Logging in to the Central dashboard will provide you access to each of your websites without needing to visit multiple login pages or worry about forgetting credentials.

Once logged in, you can handle theme and plugin updates with a single click. You’ll even be able to add new users, another responsibility of the site’s administrator.

Add a New User to a WordPress Site

Adding new users isn’t a complicated process, but you’ll want to put some thought into it. We recommend using the Principle of Least Privilege (PoLP) to determine the new user’s role. The PoLP states that a user should have only the minimum privileges necessary to accomplish their tasks. 

As an administrator, you can also create new users up to the Administrator level. However, use caution when granting this level of access to your site.

You should only assign this role to those you trust, such as customer support or a web developer you’ve hired to work on your website – no more than one or two permanent users. Furthermore, it’s best to revoke the administrator-level privileges once they are no longer necessary.

To add a new user:

• Select Users > New from the navigation menu.
• Create a username.
• Enter the first and last names as well as the email of the user.
• Select the appropriate role.
• Click Add New User.

You can change the password rather than using the one generated by WordPress. Also, you can have an email sent to the new user about their role. We’ve created a tutorial – How to Add a New WordPress User – to give you a visual walkthrough.

The new user will appear in your list of users, which you can view by clicking Users in the left-hand dashboard navigation panel. This list is something to check periodically, and keeping the number of legitimate admins to a minimum will make an unexpected addition easier to spot.

Secure Your WordPress Admin Login and Other Users

The WordPress admin login screen is especially vulnerable to attack. The URLs used to access it are the same for every WordPress site. To keep your site safe, follow these best practices for passwords:

• Choose a strong password that uses upper and lowercase letters, numbers, and special characters.
• Don’t use information that can be linked to you, such as your birthday.
• Don’t use the same password on multiple accounts.
• Change your password several times a year.
• Consider enabling password-less login for your site.

The point is to make it difficult to carry out brute-force attacks on your site. Your WordPress site’s security is paramount, so you may want to install a plugin to help you with this task.

iThemes Security Pro protects your site in over 30 different ways. These include Passkeys, Two-Factor Authentication (2FA), trusted device settings, and passwordless login.

Wrapping Up

As a WordPress admin, the daily upkeep of your site falls to you. It’s a huge responsibility but rewarding as your hard work pays off.  By now, you have the tools you need to get started and execute your role successfully.

With the basics down, the common daily tasks such as backups and blog management will be a breeze. You’ll want to use Solid Central to save time if you’re running multiple sites. Managing users is also a key administrative task; your site’s security depends on it.

Are there any challenges you’ve faced while getting started as the administrator of a WordPress site? Let us know in the comments section below!