WPHammer
Log in
  • Roles
  • Security considerations
  • Related

    • WordPress Users

    WPHammer lets you view and manage WordPress users on your sites without logging into the WordPress admin panel. User management is handled via WP-CLI over SSH, so changes take effect immediately on the site.

    Viewing users

    From the site detail page, you can list all WordPress users on a site. Each user record shows:

    • Username — the WordPress login name
    • Email — the email address associated with the account
    • Role — the WordPress role (administrator, editor, author, contributor, subscriber)
    • User ID — the internal WordPress user ID

    The user list is fetched on demand via WP-CLI, so it always reflects the current state of the WordPress database.

    User actions

    Create a user

    Add a new WordPress user to a site by providing:

    • Username
    • Email address
    • Role
    • Password (or let WordPress generate one)

    The user is created via WP-CLI and can log in immediately. This is useful for granting client access, creating staging test accounts, or setting up service accounts for integrations.

    Update a user

    Modify an existing user's role or reset their password. Role changes take effect immediately — a user downgraded from administrator to editor will lose admin capabilities on their next page load.

    Delete a user

    Remove a WordPress user from the site. When deleting a user, WordPress requires you to either delete their content or reassign it to another user. WPHammer handles this through the WP-CLI user delete command.

    Roles

    WordPress defines a standard set of roles with increasing levels of capability:

    • Subscriber — can only manage their own profile
    • Contributor — can write posts but not publish them
    • Author — can publish and manage their own posts
    • Editor — can manage and publish all posts
    • Administrator — full access to all WordPress admin features

    WPHammer respects these role definitions. When creating or updating users, the available roles match what the WordPress installation supports, including any custom roles added by plugins.

    Security considerations

    User management should be treated as a sensitive operation. Creating administrator accounts or resetting passwords grants significant access to the WordPress site. WPHammer logs user management actions in the activity log so your team has an audit trail.

    For quick access to the WordPress admin without creating new users, consider using Magic Login instead.

    Related