Adding a Super Admin user role in a WordPress Multisite
Over the years, we’ve handled numerous WordPress multisite networks, and we’ve discovered that having the right team members with appropriate permissions to manage those sites makes all the difference.
This is where the Super Admin user role becomes invaluable.
Adding a Super Admin user in WordPress multisite differs slightly from the process of adding a user to a single site.
For newcomers, this can sometimes be a bit perplexing, as they might struggle to find the option to add a Super Admin.
Additionally, we’ve encountered instances where users forget their Super Admin login credentials, leaving them locked out of the WordPress multisite admin area.
In this article, we’ll guide you on how to add a Super Admin user role in WordPress multisite. We’ll provide two straightforward methods and share some extra tips to ensure your WordPress multisite is secure.
What Is the Super Admin User Role in WordPress?
WordPress includes a predefined set of user roles, each granting specific permissions to perform tasks on a WordPress site. For more information, refer to our beginner’s guide on WordPress user roles and privileges.
The Super Admin role, however, is a unique user level available exclusively in WordPress installations where the multisite feature is enabled.
With the multisite feature, you can create and host multiple websites under a single WordPress installation. Each of these sites can have its own Administrators responsible for managing the individual website’s settings and content.
A Super Admin, on the other hand, possesses overarching control across the entire multisite network. This role allows the user to manage plugins, install themes, and configure settings that influence all the websites within the network.
While regular Administrators are limited to overseeing operations on a single site, Super Admins hold the authority to implement network-wide changes that affect every site.
When assigning the Super Admin role, exercise extreme caution. Given their extensive access and control, this role should be restricted to individuals you trust completely. Any unintended or improper changes made by a Super Admin can disrupt all the websites in the network.
Method 1: Adding a New Super Administrator User in a WordPress Multisite Network
This approach offers a straightforward method for assigning Super Administrator roles in a WordPress multisite environment.
If you are already logged in as an existing Super Administrator, you can effortlessly utilize this method to grant Super Administrator privileges to new users.
To begin, access the WordPress administrative dashboard with your Super Administrator credentials.
Once logged in, navigate to the top-left corner of the interface and hover your cursor over the “My Sites” menu. This will allow you to proceed with the process effectively.
Adding a Super Admin user role in a WordPress Multisite
Proceed to the Network Administration section and access the Users page.
Within this interface, you are afforded the ability to oversee and manage all user accounts associated with your site. To incorporate a new user, select the ‘Add New User‘ option located at the top of the page.
This action navigates you to the “Add New User“ interface.
Proficient users of WordPress may observe notable differences in this page‘s layout compared to the corresponding feature on a standalone site.
The available fields are limited to entering a username and an email address, with the absence of functionality for assigning a specific user role.
To begin, simply input the username and email address of the user you wish to add, then click the Add User button.
WordPress will process the details and automatically dispatch an email to the user, prompting them to set up their password.
Once that’s complete, the next step is to grant this user Super Admin privileges.
To assign these privileges, navigate to the Users section, select All Users, and identify the user you’ve just added.
Hover the cursor over the username and select the Edit link.
This action will navigate you to the Edit User page.
On this page, scroll down to locate the Super Admin section.
Within this section, mark the checkbox corresponding to the option Grant this user super admin privileges for the Network.
After that, you need to scroll down to the bottom of the page. Ensure you click the ‘Update User’ button to save your changes.
WordPress will proceed to implement the modifications made to the user account, conferring upon them Super Administrator privileges.
A confirmation message will subsequently appear, indicating that the user has been successfully granted Super Admin rights.
You have successfully created a new user with the Super Admin role in WordPress.
Method 2: Manually Adding a Super Admin User in WordPress
This approach is ideal for situations where you’re unable to access the WordPress admin area and cannot add a Super Admin user through the dashboard.
Begin by establishing a connection to your website using either an FTP client or the File Manager tool available in your hosting control panel.
After connecting, locate the /wp-content/themes/ directory and access the folder corresponding to the active theme on your root site.
Here, you will see several files and templates used by your WordPress theme.You need to locate the functions.php file and download it to your computer.
You can now open this file using a plain text editor app like Notepad or TextEdit.
After that, add the following code at the bottom of your functions.php file:
function wpb_create_super_admin() { $username = 'newuser'; // Replace with the desired username $password = 'password123'; // Replace with the desired password $email = 'newuser@example.com'; // Replace with the user's email if ( !username_exists( $username ) && !email_exists( $email ) ) { $user_id = wp_create_user( $username, $password, $email ); if ( !is_wp_error( $user_id ) ) { // Assign the Super Admin role to the new user grant_super_admin( $user_id ); } }}add_action( 'init', 'wpb_create_super_admin' );
Fill in the desired values for $username, $password, and $email to create the new Super Admin user account.
Once you’ve made the changes, save the file and upload it back to your website.
You can now access your WordPress admin area for the root site by logging in with the credentials you just created in the functions file.
A critical reminder: After successfully logging in to your Super Admin account, ensure that you delete the code you added to the functions file.
Leaving this code in place can pose serious security risks.
Securing Super Admin Accounts in WordPress Multisite
Many new users encounter issues with losing access to their Super Admin accounts on WordPress multisites.
This may happen due to forgotten login credentials or, worse, attacks by hackers compromising their multisite.
Such incidents can lead to severe financial losses and damage to a website’s reputation.
To avoid these scenarios, it’s strongly advised that all users follow a thorough WordPress security guide for optimal protection. Here are some actionable security practices to implement immediately:
1. Set Up Automated WordPress Backups
Utilize a reliable WordPress backup plugin to automatically create and store backups of your site at a secure remote location.
We recommend using Duplicator. This plugin is beginner-friendly, easy to set up, and enables the creation of secure backups stored in the cloud.
Most importantly, it simplifies website restoration, allowing you to restore your site with just one click from a backup.
We rely on Duplicator for managing our own websites. For a comprehensive understanding, refer to our detailed Duplicator review.
Keep in mind that while Duplicator offers a free version with restricted features, upgrading to a paid plan is highly recommended.
The premium version provides access to all functionalities, including support for multisite installations.
For further guidance, check out our step-by-step tutorial on backing up your WordPress website.
2. Set up two-factor authentication as an additional security measure.
We implement this for all user accounts, as it enhances protection by creating an extra barrier to unauthorized access, especially to Super Admin accounts.
We have put together a complete step-by-step tutorial on setting up two-factor authentication in WordPress for beginners.
Following it will only take a few minutes but will make your multisite accounts more secure.
3. Ensure WordPress Emails Are Working
We often hear from users who are unable to receive a password reset email from their WordPress websites.
Their WordPress website is not set up to ensure email deliverability.
By default, WordPress sends emails using the PHP mail() function. This function can be abused to send spam, so email service providers like Gmail and Outlook consider these emails suspicious and block them.
To fix this, you need to use an SMTP service like WP Mail SMTP. It allows you to use proper SMTP protocol to send WordPress emails, ensuring all your emails are securely delivered.
Note: A free version of WP Mail SMTP is also available.
We use WP Mail SMTP on all our websites to ensure all users can get their password reset and other important emails. See our WP Mail SMTP review to learn more.
Managing a WordPress multisite network often requires significant effort and expertise.
If you’d prefer to leave the hassle to skilled professionals, consider our WordPress Maintenance service.
For an affordable fee, our dedicated team of WordPress experts will handle updates, ensure robust security, and provide around-the-clock monitoring, giving you peace of mind every step of the way.
We trust this article has been useful in guiding you through the process of adding a Super Admin user role within a WordPress multisite network.