plugin-icon

Polanger Admin Suite – Control & Customize WordPress Admin

All-in-one WordPress admin control. Manage menus, dashboard, login security, activity logs, and more in one powerful plugin.
Ratings
5
Version
1.5.7
Active installations
40
Last updated
Jul 14, 2026
Polanger Admin Suite – Control & Customize WordPress Admin

Polanger – Admin Suite is a powerful, all-in-one solution to fully control and optimize your WordPress admin experience.

Instead of installing multiple plugins for menu management, login security, dashboard cleanup, and activity tracking – Polanger brings everything together in one clean, modern interface.

Whether you’re a developer, agency, or site owner, Polanger helps you create a cleaner, safer, and more controlled WordPress admin panel.

Why Polanger Admin Suite?

  • All-in-One Admin Control – Replace multiple plugins with one powerful solution
  • Clean & Organized Dashboard – Remove clutter and simplify your workflow
  • Enhanced Security – Protect login and track activity
  • Modern UI – Fast, intuitive, and easy to use
  • Built for Agencies & Teams – Perfect for multi-user environments

Core Features

Admin Menu Manager

  • Hide any admin menu or submenu item
  • Role-based visibility control
  • Rename menu items and submenus
  • Change icons with 200+ Dashicons
  • Drag & drop menu reordering
  • Block direct URL access to hidden pages
  • Visual indicators for hidden and modified items
  • Custom admin menu builder (create your own menus)

Admin Bar Customization

  • Replace or remove WordPress logo
  • Hide unwanted admin bar items
  • Add custom links with icons
  • Manage frontend and backend admin bar
  • Auto-detect plugin and theme items

Login Security & Customization

  • Custom login URL (hide wp-login.php)
  • Google reCAPTCHA v2 & v3 support
  • Custom login page design (logo, colors, background)
  • Brute force protection
  • Secure login flow enhancements

Two-Factor Authentication (2FA)

  • Email-based verification codes
  • Role-based enforcement
  • Recovery keys for backup access
  • Configurable expiration times
  • Super admin protection

Activity Log

  • Track logins, plugin changes, content updates, and more
  • Filter by user, action, and date
  • Export logs (CSV)
  • Email alerts for critical actions
  • GDPR/KVKK compliant logging

Dashboard Control

  • Hide default WordPress widgets
  • Hide third-party plugin widgets
  • Control admin notices
  • Create custom dashboard widgets
  • Per-user dashboard visibility

Multisite Control

  • Network-wide default settings for multisite installations
  • Site-level override controls for supported modules
  • Lock system for Menu Manager, Admin Bar, Login Security, Activity Log, and Dashboard Center
  • Network-aware addon activation support
  • Developer-friendly effective settings filter architecture

Access Control

  • Restrict plugin access to specific users
  • Read-only mode support
  • Prevent unauthorized access
  • Super admin safety protection

Design System

  • Token-based admin theming system for consistent and scalable customization
  • Customize colors across admin UI (sidebar, admin bar, background, text, surfaces)
  • Sidebar background, text color, and menu item styling
  • Admin bar background, text color, submenu background, and submenu text color
  • Built-in presets (e.g. Dark, Minimal, Default) with one-click application
  • Automatic CSS generation with cache-friendly performance
  • Smart contrast correction for readable text on both dark and light surfaces
  • Typography controls including font family and basic shape settings
  • Scoped styling to avoid conflicts with WordPress core and plugins
  • Extensible architecture for future themes, layouts, and design packs

Frontend Content Visibility

  • Per-content frontend access control for posts, pages, and supported custom post types
  • Visibility modes for public, logged-in users only, selected roles only, or hidden-from-selected-roles workflows
  • Multiple denied behaviors including login redirect, 404, access denied message, and custom redirect
  • Theme-friendly replacement mode or dedicated access denied page for stricter template control
  • Optional hiding from archives, search results, public REST responses, and WordPress XML sitemaps
  • Rich-text access denied messages with TinyMCE, HTML, and shortcode support

Authenticator App (TOTP)

  • Google Authenticator and Microsoft Authenticator support
  • Time-based One-Time Password (TOTP) verification
  • Multi-user architecture with per-user enrollment
  • Mandatory enrollment flow for users in required roles
  • Profile page 2FA management (Users Profile)
  • Admin visibility: enrollment status only, no secret access
  • Safe secret rotation with pending secret system
  • Old authenticator remains active until new setup is verified
  • Secure secret storage with AES-256-CBC encryption
  • Manual secret entry with provisioning URI support
  • One-time recovery keys (10 keys per user, auto-regenerated on rotation)
  • Email fallback option when authenticator is unavailable
  • Brute-force protection with configurable lockout
  • Replay attack prevention with time-slice tracking
  • Seamless integration with core 2FA settings (roles, lockout, expiry)

reCAPTCHA Protection

  • Centralized Google reCAPTCHA key management (v2 and v3)
  • All reCAPTCHA configuration consolidated in one dedicated addon
  • Login form protection
  • Registration form protection
  • Lost password form protection
  • Comment form protection (works with Comment Security addon)
  • Configurable v3 score threshold
  • Badge position customization for v3
  • Automatic script loading only when needed

Firewall

  • WordPress-aware request firewall for common bot probes, login abuse, XML-RPC exposure, and anonymous REST pressure
  • Monitor Only, Balanced, and Strict modes for safe testing, recommended daily protection, or more aggressive attack response
  • Detects suspicious requests for exposed files, backup archives, shell files, phpMyAdmin/Adminer paths, traversal probes, unsafe HTTP methods, and oversized URLs or query strings
  • Native WordPress login, registration, and lost password rate limiting with identity and IP-based counters
  • XML-RPC hardening for authenticated methods, multicall abuse, and optional pingback disabling
  • Anonymous REST API rate limiting, anonymous write blocking, and anonymous user listing protection
  • Request scoring engine for combined suspicious signals such as unsafe methods, bad user agents, sensitive paths, injection probes, long URLs, and long query strings
  • Security response headers, numeric author enumeration protection, and WordPress Application Password guard controls
  • IP allowlist and denylist controls with CIDR support
  • Temporary IP cooldowns for repeated probe traffic
  • Recent event logging without turning the addon into a heavy full request logger
  • Built-in Firewall Diagnostics for safe internal self-tests of request scoring, rate limits, REST/XML-RPC behavior, IP/CIDR matching, cooldown logic, and security header settings
  • Diagnostics simulate decisions inside WordPress and do not send malicious traffic, attack your site, or test hosting/CDN WAF rules
  • Preset profiles apply automatically while respecting user-customized settings, with advanced tuning kept optional

Addon Architecture

Polanger Admin Suite includes a modular addon system designed for scalability and clarity.

Core Addons

  • Admin Bar
  • Dashboard Center
  • Admin Activity Log
  • Custom Admin Menu Builder
  • Multisite Control
  • Design System
  • Comment Security Layer
  • Authenticator (TOTP)
  • reCAPTCHA
  • Firewall
  • Maintenance Center
  • WooCommerce Security
  • Polanger Shield

3rd Party Addons

  • Reserved for future ecosystem integrations
  • Addons are managed from the built-in Addons tab
  • Core addons and external addons are separated for easier management

Built for Real-World Use

Polanger is designed for:

  • Agencies managing client websites
  • Developers who need full admin control
  • Teams working with multiple user roles
  • Site owners who want a cleaner dashboard

Lightweight & Secure

  • Built with WordPress coding standards
  • Nonce verification for all actions
  • Capability checks for all operations
  • Sanitized inputs and secure database queries
  • Optimized for performance

Available Languages

Polanger Admin Suite currently includes translations for:

  • English (default)
  • Turkish (tr_TR)
  • Arabic (ar)
  • Russian (ru_RU)
  • Chinese – Simplified (zh_CN)
  • Spanish (es_ES)
  • German (de_DE)

More information:

Freeon paid plans
Tested up to
WordPress 6.9.4
This plugin is available for download for your site.