plugin-icon

Server Scout

מאת susheelhbti·
Helps server administrators discover and manage all WordPress installations on the same server from a single dashboard.
admin
management
multisite
דירוגים
הוסף חוות דעת
גרסה
1.0.0
עודכן לאחרונה
Jun 11, 2026

Server Scout is a tool for server administrators who manage multiple WordPress sites on the same server. Instead of logging into each site one by one, Scout gives you a single dashboard where you can see every WordPress installation on the server and quickly access them.

What it does

  • Recursively scans a directory of your choice (e.g. /var/www) for all WordPress installations.
  • Displays each site's name, URL, WordPress version, and database prefix.
  • Lists all administrator users for each site (username + email).
  • Generates a secure, one-time, 5-minute login link so you can jump straight into any site's admin area without needing the password.

Who is it for?

  • VPS / dedicated server owners managing multiple client or personal WordPress sites.
  • Developers running several local or staging environments on one machine.
  • Agencies with a fleet of sites on a single server.

How login links work

  1. Click Generate Login Link next to any admin user.
  2. A cryptographically signed, one-time token is stored in that site's database (valid for 5 minutes).
  3. The generated link goes through WordPress's standard admin-ajax.php endpoint — not a direct PHP file — and includes a nonce for request verification.
  4. Opening the link logs you directly into that site's admin dashboard.
  5. The token is deleted immediately on first use — it cannot be used twice.

Security

  • Requires the manage_options capability (Administrator) to use the plugin.
  • All form submissions are protected with WordPress nonces.
  • Login links use wp_ajax_nopriv_ (WordPress AJAX), include a nonce, and go through admin-ajax.php.
  • Tokens are HMAC-signed with WordPress's built-in secure_auth salt — cannot be forged.
  • Scan paths are validated with realpath() before use.
  • All database queries use prepared statements.
  • The standard wp_login action is fired on login so security plugins (login limiters, audit logs) are notified.

Important: This plugin is intended for server administrators only. Do not install it on shared hosting environments where you do not control all sites on the server.

חינםבתוכניות בתשלום
להתחיל
בביצוע ההתקנה, אנחנו מקבלים את הסכמתך לתנאי השירות של WordPress.com ולתנאים של התוסף של הצד השלישי.
נבדקו עד
WordPress 7.0
תוסף זה זמין להורדה ולשימוש דרך שברשותך.
הורדה ושמירה