plugin-icon

Kreiswolke Maintenance Agent Toolkit

Oleh KREISWOLKE·
The agent's toolkit for remote & safe WordPress maintenance: snapshots, updates, stack management, health checks, rollbacks, recovery, and hardening
Versi
1.0.0
Terakhir diperbarui
Jul 10, 2026
Kreiswolke Maintenance Agent Toolkit

Maintenance Agent keeps your WordPress sites updated, hardened, and recoverable — so staying current is no longer a risk or a chore. You get a complete maintenance toolkit: careful updates, security hardening, instant rollback, emergency recovery, anti-bot features and Coming Soon page.

Drive it with your own AI assistant, manually, or through the free companion app — which adds the dashboards, manual controls and a specialized agent that runs the whole cycle based on dependencies and site history.

Protect and harden — via wp-admin or remote (FREE)

  • 20 hardening and anti-bot features: security headers, HSTS, hide usernames, generic login errors, disable the file editor, force SSL on admin, block xmlrpc, block PHP execution in uploads, block sensitive files, honeypot URLs, bad-bot blocklist, directory listing off — and more. Each with a plain-English helper, all off by default.
  • Login gate: protect your login with a PIN page that stops login-hammering bots before WordPress even boots (saves server resources).
  • Every .htaccess change backed up automatically first, restorable in one click — plus an FTP kill-switch.
  • Animated Coming Soon page and maintenance mode, configurable and SEO-aware.

Careful maintenance toolset — for agents and custom integrations (FREE)

  • Works with any MCP-capable AI assistant, your scripts, or CI. Registered with the WordPress Abilities API (WP 6.9+), standard Application Password auth.
  • Full site stack and health reports: versions, every plugin and theme, update availability, recent errors.
  • A lightweight health signal, readable any time: database reachable, recent fatals, free disk space, stalled cron, auto-disabled plugins, active cache layer.
  • Point-in-time snapshot of every plugin, theme, core, and the database — taken before anything is touched.
  • The building blocks for careful, one-at-a-time updates: update a single item, flush caches, run a health check — sequenced by whatever drives it (the app’s agent, your script, or your AI assistant).
  • Install, activate, deactivate, or remove any plugin or theme.
  • Per-item restore: roll back only what broke — no full-site backup restore needed.
  • Optional backup-plugin trigger (UpdraftPlus, BackWPup), cache flush, error-log tail.

There is no AI inside the plugin itself — it is a deterministic toolkit. Intelligence lives in whatever you connect to it.

Dashboards and a specialized agent — via the companion app (FREE TIER)

  • The free plan is real and permanent (no credit card, no trial clock): one agent audit, 5 agent maintenance runs, 1 archived restore point, maintenance dashboards.
  • Specialized agent with memory that runs the whole cycle: snapshot reasoned dependency update order verify each step decides rollback if something breaks reports.
  • Dashboard with stack overview, health, pending updates, status, theme/plugin installer, and more.
  • Narrated, read-only first scan — see what the agent thinks of your site before anything is ever changed.
  • Live run view (watch the agent do maintenance work), run history and reports, a Time Machine restore point, per-site notes.

More sites, scheduling, and monitoring — paid plans (optional)

The free plan runs the full agent and dashboards within a small monthly allowance. Paid plans lift the limits and add what matters once you manage more than one site:

  • From a single site to a whole portfolio — more sites, more runs.
  • Scheduling: a weekly maintenance rhythm per site, run unattended, reported back.
  • Uptime, SSL and domain monitoring — external checks enriched with insider context (it knows which run touched the site and what changed).
  • Cross-site installer: install, update, or harden plugins and themes across the whole fleet in one pass.
  • Fleet-wide hardening — the security toolkit applied to many sites at once.
  • Longer restore-point history, client reports under your agency branding, per-client routing.

Pricing and the full comparison are on the website. The plugin never requires a paid plan — or any plan.

Why Maintenance Agent?

Updates should be careful, observable, and reversible. Most tools update everything at once and hope; this one is built the other way.

  • It reasons before it acts: reads your stack, plans a dependency-aware order, updates one item at a time, verifies each step — then decides, per failure, whether to retry, skip, roll back, or stop.
  • Everything is reversible: a snapshot before anything is touched, per-item rollback, and an emergency companion that recovers a site even when the site itself won’t boot.
  • Drive it your way: click it in the dashboard, ask the in-app assistant, or run it from your own AI assistant over MCP — the same safe operations, three ways in.
  • Your data stays in the EU: hosted in Germany, GDPR-aligned with a data-processing agreement, credentials encrypted at rest, and onboarding that never asks for your admin password.

Full features, screenshots, and pricing: https://kreiswolke.com/wp-maintenance-agent/

External services

1. The Kreiswolke companion app (optional, opt-in only)

The plugin contacts the companion app only if you explicitly connect your site (a “Connect” action in the plugin’s settings). Without connecting, the plugin sends nothing anywhere.

When you connect:

  • The connection is established through a consent screen on the app. During pairing, the site URL and cryptographic public keys are exchanged, and a standard WordPress Application Password is created for the app — after you accept the terms on the consent screen.
  • A connected app can then read the site reports described above and perform the maintenance operations you authorize (updates, rollback, hardening configuration), authenticated by that Application Password plus a per-site request signature.
  • The plugin itself initiates only one outgoing call: if the plugin is disconnected, deactivated with disconnect, or deleted, it sends a short, best-effort notification to the app — containing the event name, the site URL, and the pairing identifier — so the app stops treating the site as managed. No other data is in that call.
  • You can disconnect at any time from the plugin’s settings; uninstalling removes the credentials on the site (and revokes the Application Password).

Service provider: Kreiswolke Terms of service: https://kreiswolke.com/terms/ Privacy policy: https://kreiswolke.com/privacy-policy/

2. api.wordpress.org

Site stack reports enrich plugin information (latest version, last-updated date, requirements) through WordPress core’s own plugins_api() — the same wordpress.org API your site already uses for the update screen.

3. Requests to your own site

Several features fetch a URL on your own site (never a third party): the post-update health check (pinned to your site’s address), the webserver-detection probe, the login-gate self-test, and a one-time compatibility probe before writing an ErrorDocument rule. These are loopback self-checks, listed here so they are not mistaken for external calls.

Gratisdi paket berbayar
Diuji hingga
WordPress 7.0.1
Plugin ini tersedia untuk diunduh untuk diinstal di situs .