Description
zmadmin – Admin Access Key is a simple yet powerful security plugin that adds an extra layer of protection to your WordPress admin dashboard. By requiring a custom URL parameter, it prevents unauthorized users from even reaching your login page.
Key Features:
- 🛡️ Enhanced Security: Protects your admin dashboard with customizable URL parameters
- 🔧 Easy Configuration: Simple settings page with intuitive interface
- 🌍 Multilingual Support: Full internationalization support
- ⚡ Lightweight: Minimal impact on site performance
- 🔒 WordPress Standards: Follows WordPress coding standards and security best practices
How It Works:
- Set up your custom access parameters (parameter name and value)
- Access your admin dashboard using the secure URL provided
- Only users with the correct parameters can reach the login page
- Normal login process continues as usual after reaching the login page
Perfect For:
- Developers who want to hide their admin areas
- Websites requiring additional security layers
- Preventing bots and automated attacks on login pages
- Clients who need simple but effective admin protection
Arbitrary section
Security Note:
This plugin adds an additional layer of security but should not be considered a replacement for other security measures like strong passwords, two-factor authentication, and regular WordPress updates.
Development:
This plugin follows WordPress coding standards and security best practices. The code is fully commented and follows PHP best practices.
A brief Markdown Example
Access your admin dashboard securely:
https://yoursite.com/wp-admin/?who=your-secret-key
Customize your parameters:
https://yoursite.com/wp-admin/?custom-param=custom-value
Screenshots
Settings page showing access key configuration
Installation
- Upload the
zmadminfolder to the/wp-content/plugins/directory - Activate the plugin through the ‘Plugins’ menu in WordPress
- Navigate to Settings Admin Access Key to configure your access parameters
- Set your parameter name (default:
who) and parameter value - Use the generated secure URL to access your admin dashboard
FAQ
-
Will this affect my normal login process?
-
No. Once you reach the login page with the correct parameters, the login process works exactly as before. The plugin only controls who can reach the login page.
-
Can I use custom parameter names?
-
Yes! You can customize both the parameter name and value through the settings page. For example, instead of
?who=admin, you could use?secret=MySecretKey123. -
What if I forget my access parameters?
-
You can still access your settings if you’re already logged in. If you’re logged out and forget your parameters, you may need to disable the plugin temporarily via FTP or file manager.
-
Does this work with other security plugins?
-
Yes, zmadmin is designed to work alongside other security plugins. It provides an additional layer of protection without conflicting with existing security measures.
-
Is this plugin compatible with multisite installations?
-
Yes, the plugin works on multisite installations. However, you’ll need to configure it separately for each site where you want protection.
Reviews
There are no reviews for this plugin.
Contributors & Developers
“zmadmin – Admin Access Key” is open source software. The following people have contributed to this plugin.
Contributors
Translate “zmadmin – Admin Access Key” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
1.1.2
- Enhanced security with comprehensive nonce verification
- Added user permission checks for all admin functions
- Improved input validation and sanitization
- Fixed Ajax endpoint URL detection for all WordPress configurations
- Added additional validation for parameter names and values
- Enhanced error handling and user feedback
1.1.0
- Added internationalization support
- Improved WordPress standards compliance
- Added plugin metadata links
- Enhanced security validation
- Updated for WordPress 6.4 compatibility
1.0.0
- Initial release
- Basic access key protection functionality
- Settings page integration
- Plugin action links