Polanger Admin Suite – Control & Customize WordPress Admin
·
All-in-one WordPress admin control. Manage menus, dashboard, login security, activity logs, and more in one powerful plugin.
Ratings
Version
1.5.7
Active installations
40
Last updated
Jul 14, 2026
Polanger – Admin Suite is a powerful, all-in-one solution to fully control and optimize your WordPress admin experience.
Instead of installing multiple plugins for menu management, login security, dashboard cleanup, and activity tracking – Polanger brings everything together in one clean, modern interface.
Whether you’re a developer, agency, or site owner, Polanger helps you create a cleaner, safer, and more controlled WordPress admin panel.
Why Polanger Admin Suite?
- All-in-One Admin Control – Replace multiple plugins with one powerful solution
- Clean & Organized Dashboard – Remove clutter and simplify your workflow
- Enhanced Security – Protect login and track activity
- Modern UI – Fast, intuitive, and easy to use
- Built for Agencies & Teams – Perfect for multi-user environments
Core Features
Admin Menu Manager
- Hide any admin menu or submenu item
- Role-based visibility control
- Rename menu items and submenus
- Change icons with 200+ Dashicons
- Drag & drop menu reordering
- Block direct URL access to hidden pages
- Visual indicators for hidden and modified items
- Custom admin menu builder (create your own menus)
Admin Bar Customization
- Replace or remove WordPress logo
- Hide unwanted admin bar items
- Add custom links with icons
- Manage frontend and backend admin bar
- Auto-detect plugin and theme items
Login Security & Customization
- Custom login URL (hide wp-login.php)
- Google reCAPTCHA v2 & v3 support
- Custom login page design (logo, colors, background)
- Brute force protection
- Secure login flow enhancements
Two-Factor Authentication (2FA)
- Email-based verification codes
- Role-based enforcement
- Recovery keys for backup access
- Configurable expiration times
- Super admin protection
Activity Log
- Track logins, plugin changes, content updates, and more
- Filter by user, action, and date
- Export logs (CSV)
- Email alerts for critical actions
- GDPR/KVKK compliant logging
Dashboard Control
- Hide default WordPress widgets
- Hide third-party plugin widgets
- Control admin notices
- Create custom dashboard widgets
- Per-user dashboard visibility
Multisite Control
- Network-wide default settings for multisite installations
- Site-level override controls for supported modules
- Lock system for Menu Manager, Admin Bar, Login Security, Activity Log, and Dashboard Center
- Network-aware addon activation support
- Developer-friendly effective settings filter architecture
Access Control
- Restrict plugin access to specific users
- Read-only mode support
- Prevent unauthorized access
- Super admin safety protection
Design System
- Token-based admin theming system for consistent and scalable customization
- Customize colors across admin UI (sidebar, admin bar, background, text, surfaces)
- Sidebar background, text color, and menu item styling
- Admin bar background, text color, submenu background, and submenu text color
- Built-in presets (e.g. Dark, Minimal, Default) with one-click application
- Automatic CSS generation with cache-friendly performance
- Smart contrast correction for readable text on both dark and light surfaces
- Typography controls including font family and basic shape settings
- Scoped styling to avoid conflicts with WordPress core and plugins
- Extensible architecture for future themes, layouts, and design packs
Frontend Content Visibility
- Per-content frontend access control for posts, pages, and supported custom post types
- Visibility modes for public, logged-in users only, selected roles only, or hidden-from-selected-roles workflows
- Multiple denied behaviors including login redirect, 404, access denied message, and custom redirect
- Theme-friendly replacement mode or dedicated access denied page for stricter template control
- Optional hiding from archives, search results, public REST responses, and WordPress XML sitemaps
- Rich-text access denied messages with TinyMCE, HTML, and shortcode support
Authenticator App (TOTP)
- Google Authenticator and Microsoft Authenticator support
- Time-based One-Time Password (TOTP) verification
- Multi-user architecture with per-user enrollment
- Mandatory enrollment flow for users in required roles
- Profile page 2FA management (Users → Profile)
- Admin visibility: enrollment status only, no secret access
- Safe secret rotation with pending secret system
- Old authenticator remains active until new setup is verified
- Secure secret storage with AES-256-CBC encryption
- Manual secret entry with provisioning URI support
- One-time recovery keys (10 keys per user, auto-regenerated on rotation)
- Email fallback option when authenticator is unavailable
- Brute-force protection with configurable lockout
- Replay attack prevention with time-slice tracking
- Seamless integration with core 2FA settings (roles, lockout, expiry)
reCAPTCHA Protection
- Centralized Google reCAPTCHA key management (v2 and v3)
- All reCAPTCHA configuration consolidated in one dedicated addon
- Login form protection
- Registration form protection
- Lost password form protection
- Comment form protection (works with Comment Security addon)
- Configurable v3 score threshold
- Badge position customization for v3
- Automatic script loading only when needed
Firewall
- WordPress-aware request firewall for common bot probes, login abuse, XML-RPC exposure, and anonymous REST pressure
- Monitor Only, Balanced, and Strict modes for safe testing, recommended daily protection, or more aggressive attack response
- Detects suspicious requests for exposed files, backup archives, shell files, phpMyAdmin/Adminer paths, traversal probes, unsafe HTTP methods, and oversized URLs or query strings
- Native WordPress login, registration, and lost password rate limiting with identity and IP-based counters
- XML-RPC hardening for authenticated methods, multicall abuse, and optional pingback disabling
- Anonymous REST API rate limiting, anonymous write blocking, and anonymous user listing protection
- Request scoring engine for combined suspicious signals such as unsafe methods, bad user agents, sensitive paths, injection probes, long URLs, and long query strings
- Security response headers, numeric author enumeration protection, and WordPress Application Password guard controls
- IP allowlist and denylist controls with CIDR support
- Temporary IP cooldowns for repeated probe traffic
- Recent event logging without turning the addon into a heavy full request logger
- Built-in Firewall Diagnostics for safe internal self-tests of request scoring, rate limits, REST/XML-RPC behavior, IP/CIDR matching, cooldown logic, and security header settings
- Diagnostics simulate decisions inside WordPress and do not send malicious traffic, attack your site, or test hosting/CDN WAF rules
- Preset profiles apply automatically while respecting user-customized settings, with advanced tuning kept optional
Addon Architecture
Polanger Admin Suite includes a modular addon system designed for scalability and clarity.
Core Addons
- Admin Bar
- Dashboard Center
- Admin Activity Log
- Custom Admin Menu Builder
- Multisite Control
- Design System
- Comment Security Layer
- Authenticator (TOTP)
- reCAPTCHA
- Firewall
- Maintenance Center
- WooCommerce Security
- Polanger Shield
3rd Party Addons
- Reserved for future ecosystem integrations
- Addons are managed from the built-in Addons tab
- Core addons and external addons are separated for easier management
Built for Real-World Use
Polanger is designed for:
- Agencies managing client websites
- Developers who need full admin control
- Teams working with multiple user roles
- Site owners who want a cleaner dashboard
Lightweight & Secure
- Built with WordPress coding standards
- Nonce verification for all actions
- Capability checks for all operations
- Sanitized inputs and secure database queries
- Optimized for performance
Available Languages
Polanger Admin Suite currently includes translations for:
- English (default)
- Turkish (tr_TR)
- Arabic (ar)
- Russian (ru_RU)
- Chinese – Simplified (zh_CN)
- Spanish (es_ES)
- German (de_DE)
More information:
