FAIR

Federated and Independent Repositories

zmadmin – Admin Access Key

Plugin Banner

zmadmin – Admin Access Key

by zmaxteam

Download
Description

zmadmin – Admin Access Key is a simple yet powerful security plugin that adds an extra layer of protection to your WordPress admin dashboard. By requiring a custom URL parameter, it prevents unauthorized users from even reaching your login page.

Key Features:

  • 🛡️ Enhanced Security: Protects your admin dashboard with customizable URL parameters
  • 🔧 Easy Configuration: Simple settings page with intuitive interface
  • 🌍 Multilingual Support: Full internationalization support
  • Lightweight: Minimal impact on site performance
  • 🔒 WordPress Standards: Follows WordPress coding standards and security best practices

How It Works:

  1. Set up your custom access parameters (parameter name and value)
  2. Access your admin dashboard using the secure URL provided
  3. Only users with the correct parameters can reach the login page
  4. Normal login process continues as usual after reaching the login page

Perfect For:

  • Developers who want to hide their admin areas
  • Websites requiring additional security layers
  • Preventing bots and automated attacks on login pages
  • Clients who need simple but effective admin protection

Arbitrary section

Security Note:
This plugin adds an additional layer of security but should not be considered a replacement for other security measures like strong passwords, two-factor authentication, and regular WordPress updates.

Development:
This plugin follows WordPress coding standards and security best practices. The code is fully commented and follows PHP best practices.

A brief Markdown Example

Access your admin dashboard securely:
https://yoursite.com/wp-admin/?who=your-secret-key

Customize your parameters:
https://yoursite.com/wp-admin/?custom-param=custom-value

  1. Upload the zmadmin folder to the /wp-content/plugins/ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress
  3. Navigate to Settings Admin Access Key to configure your access parameters
  4. Set your parameter name (default: who) and parameter value
  5. Use the generated secure URL to access your admin dashboard
  1. Settings page showing access key configuration

    Settings page showing access key configuration

Will this affect my normal login process?

No. Once you reach the login page with the correct parameters, the login process works exactly as before. The plugin only controls who can reach the login page.

Can I use custom parameter names?

Yes! You can customize both the parameter name and value through the settings page. For example, instead of ?who=admin, you could use ?secret=MySecretKey123.

What if I forget my access parameters?

You can still access your settings if you’re already logged in. If you’re logged out and forget your parameters, you may need to disable the plugin temporarily via FTP or file manager.

Does this work with other security plugins?

Yes, zmadmin is designed to work alongside other security plugins. It provides an additional layer of protection without conflicting with existing security measures.

Is this plugin compatible with multisite installations?

Yes, the plugin works on multisite installations. However, you’ll need to configure it separately for each site where you want protection.

1.1.2

  • Enhanced security with comprehensive nonce verification
  • Added user permission checks for all admin functions
  • Improved input validation and sanitization
  • Fixed Ajax endpoint URL detection for all WordPress configurations
  • Added additional validation for parameter names and values
  • Enhanced error handling and user feedback

1.1.0

  • Added internationalization support
  • Improved WordPress standards compliance
  • Added plugin metadata links
  • Enhanced security validation
  • Updated for WordPress 6.4 compatibility

1.0.0

  • Initial release
  • Basic access key protection functionality
  • Settings page integration
  • Plugin action links
Back to top