plugin-icon

Polanger Admin Suite – Control & Customize WordPress Admin

All-in-one WordPress admin control. Manage menus, dashboard, login security, activity logs, and more in one powerful plugin.
Betyg
5
Version
1.5.6
Aktiva installationer
40
Senast uppdaterat
Jul 12, 2026
Polanger Admin Suite – Control & Customize WordPress Admin

Polanger – Admin Suite is a powerful, all-in-one solution to fully control and optimize your WordPress admin experience.

Instead of installing multiple plugins for menu management, login security, dashboard cleanup, and activity tracking – Polanger brings everything together in one clean, modern interface.

Whether you’re a developer, agency, or site owner, Polanger helps you create a cleaner, safer, and more controlled WordPress admin panel.

Why Polanger Admin Suite?

  • All-in-One Admin Control – Replace multiple plugins with one powerful solution
  • Clean & Organized Dashboard – Remove clutter and simplify your workflow
  • Enhanced Security – Protect login and track activity
  • Modern UI – Fast, intuitive, and easy to use
  • Built for Agencies & Teams – Perfect for multi-user environments

Core Features

Admin Menu Manager

  • Hide any admin menu or submenu item
  • Role-based visibility control
  • Rename menu items and submenus
  • Change icons with 200+ Dashicons
  • Drag & drop menu reordering
  • Block direct URL access to hidden pages
  • Visual indicators for hidden and modified items
  • Custom admin menu builder (create your own menus)

Admin Bar Customization

  • Replace or remove WordPress logo
  • Hide unwanted admin bar items
  • Add custom links with icons
  • Manage frontend and backend admin bar
  • Auto-detect plugin and theme items

Login Security & Customization

  • Custom login URL (hide wp-login.php)
  • Google reCAPTCHA v2 & v3 support
  • Custom login page design (logo, colors, background)
  • Brute force protection
  • Secure login flow enhancements

Two-Factor Authentication (2FA)

  • Email-based verification codes
  • Role-based enforcement
  • Recovery keys for backup access
  • Configurable expiration times
  • Super admin protection

Activity Log

  • Track logins, plugin changes, content updates, and more
  • Filter by user, action, and date
  • Export logs (CSV)
  • Email alerts for critical actions
  • GDPR/KVKK compliant logging

Dashboard Control

  • Hide default WordPress widgets
  • Hide third-party plugin widgets
  • Control admin notices
  • Create custom dashboard widgets
  • Per-user dashboard visibility

Multisite Control

  • Network-wide default settings for multisite installations
  • Site-level override controls for supported modules
  • Lock system for Menu Manager, Admin Bar, Login Security, Activity Log, and Dashboard Center
  • Network-aware addon activation support
  • Developer-friendly effective settings filter architecture

Access Control

  • Restrict plugin access to specific users
  • Read-only mode support
  • Prevent unauthorized access
  • Super admin safety protection

Design System

  • Token-based admin theming system for consistent and scalable customization
  • Customize colors across admin UI (sidebar, admin bar, background, text, surfaces)
  • Sidebar background, text color, and menu item styling
  • Admin bar background, text color, submenu background, and submenu text color
  • Built-in presets (e.g. Dark, Minimal, Default) with one-click application
  • Automatic CSS generation with cache-friendly performance
  • Smart contrast correction for readable text on both dark and light surfaces
  • Typography controls including font family and basic shape settings
  • Scoped styling to avoid conflicts with WordPress core and plugins
  • Extensible architecture for future themes, layouts, and design packs

Frontend Content Visibility

  • Per-content frontend access control for posts, pages, and supported custom post types
  • Visibility modes for public, logged-in users only, selected roles only, or hidden-from-selected-roles workflows
  • Multiple denied behaviors including login redirect, 404, access denied message, and custom redirect
  • Theme-friendly replacement mode or dedicated access denied page for stricter template control
  • Optional hiding from archives, search results, public REST responses, and WordPress XML sitemaps
  • Rich-text access denied messages with TinyMCE, HTML, and shortcode support

Authenticator App (TOTP)

  • Google Authenticator and Microsoft Authenticator support
  • Time-based One-Time Password (TOTP) verification
  • Multi-user architecture with per-user enrollment
  • Mandatory enrollment flow for users in required roles
  • Profile page 2FA management (Users Profile)
  • Admin visibility: enrollment status only, no secret access
  • Safe secret rotation with pending secret system
  • Old authenticator remains active until new setup is verified
  • Secure secret storage with AES-256-CBC encryption
  • Manual secret entry with provisioning URI support
  • One-time recovery keys (10 keys per user, auto-regenerated on rotation)
  • Email fallback option when authenticator is unavailable
  • Brute-force protection with configurable lockout
  • Replay attack prevention with time-slice tracking
  • Seamless integration with core 2FA settings (roles, lockout, expiry)

reCAPTCHA Protection

  • Centralized Google reCAPTCHA key management (v2 and v3)
  • All reCAPTCHA configuration consolidated in one dedicated addon
  • Login form protection
  • Registration form protection
  • Lost password form protection
  • Comment form protection (works with Comment Security addon)
  • Configurable v3 score threshold
  • Badge position customization for v3
  • Automatic script loading only when needed

Firewall

  • WordPress-aware request firewall for common bot probes, login abuse, XML-RPC exposure, and anonymous REST pressure
  • Monitor Only, Balanced, and Strict modes for safe testing, recommended daily protection, or more aggressive attack response
  • Detects suspicious requests for exposed files, backup archives, shell files, phpMyAdmin/Adminer paths, traversal probes, unsafe HTTP methods, and oversized URLs or query strings
  • Native WordPress login, registration, and lost password rate limiting with identity and IP-based counters
  • XML-RPC hardening for authenticated methods, multicall abuse, and optional pingback disabling
  • Anonymous REST API rate limiting, anonymous write blocking, and anonymous user listing protection
  • Request scoring engine for combined suspicious signals such as unsafe methods, bad user agents, sensitive paths, injection probes, long URLs, and long query strings
  • Security response headers, numeric author enumeration protection, and WordPress Application Password guard controls
  • IP allowlist and denylist controls with CIDR support
  • Temporary IP cooldowns for repeated probe traffic
  • Recent event logging without turning the addon into a heavy full request logger
  • Preset profiles apply automatically while respecting user-customized settings, with advanced tuning kept optional

Addon Architecture

Polanger Admin Suite includes a modular addon system designed for scalability and clarity.

Core Addons

  • Admin Bar
  • Dashboard Center
  • Admin Activity Log
  • Custom Admin Menu Builder
  • Multisite Control
  • Design System
  • Comment Security Layer
  • Authenticator (TOTP)
  • reCAPTCHA
  • Firewall

3rd Party Addons

  • Reserved for future ecosystem integrations
  • Addons are managed from the built-in Addons tab
  • Core addons and external addons are separated for easier management

New Addons

The following optional addons are included with Polanger Admin Suite and can be enabled from the built-in Addons screen.

Firewall

Firewall is a free optional addon included with Polanger Admin Suite. It adds a lightweight WordPress-aware request firewall that protects common WordPress entry points without requiring server configuration. It is designed for practical WordPress hardening: choose a protection mode, save, and let the preset manage the recommended safeguards while advanced tuning remains optional.

  • Adds a dedicated Settings > Firewall tab with Monitor Only, Balanced, and Strict protection modes
  • Lets most users run the firewall by choosing one mode instead of manually configuring every technical option
  • Blocks or monitors common bot probes such as .env, wp-config, backup archives, shell files, phpMyAdmin/Adminer paths, traversal attempts, unsafe methods, and oversized URLs
  • Protects native WordPress login, registration, and lost password requests with identity and IP-based rate limits
  • Hardens XML-RPC by reducing authenticated method exposure, multicall abuse, and optional pingback usage
  • Protects anonymous REST API traffic with rate limits, anonymous write blocking, and public user listing protection
  • Adds a request scoring engine that combines suspicious signals such as unsafe methods, bad user agents, exposed-file paths, injection probes, long URLs, and long query strings before deciding whether to monitor or block
  • Adds browser-side security response headers such as nosniff, frame protection, referrer policy, permissions policy, and optional Strict-mode frame-ancestors protection
  • Adds numeric author ID enumeration protection for requests such as ?author=1
  • Adds WordPress Application Password guarding with usage logging and optional administrator-only availability in Strict mode
  • Includes IP allowlist, IP denylist, CIDR support, trusted proxy IP handling, temporary IP cooldowns, and a lightweight recent event log
  • Applies mode presets automatically while respecting administrator-customized settings; if a field is changed manually, the addon keeps that override
  • Keeps advanced rate limits, REST/XML-RPC details, IP rules, probe tuning, and header/API controls tucked away so normal users are not forced through dozens of settings

WooCommerce Security

WooCommerce Security is a free optional addon included with Polanger Admin Suite. It extends Polanger protections to WooCommerce customer account flows.

  • Adds Polanger reCAPTCHA support to WooCommerce login, registration, and lost password forms, including My Account and supported login prompts
  • Carries the core 2FA challenge flow into WooCommerce customer login so users return to the correct account destination after verification
  • Includes a dedicated Settings > WooCommerce tab with automatic rate limiting profiles for login, registration, and password reset abuse
  • Offers Relaxed, Balanced, and Strict protection modes without overwhelming store owners with low-level tuning
  • Requires Polanger Admin Suite and WooCommerce to be installed and active

Maintenance Center

Maintenance Center is a free optional addon for branded maintenance windows, coming soon pages, and deployment-safe public access control.

  • Adds a dedicated Settings > Maintenance tab for managing maintenance mode from one guided workflow
  • Lets you pick a logo and background from the Media Library instead of manually pasting image URLs
  • Includes alignment controls for the logo, headline, message, and footer so non-technical users can build cleaner layouts faster
  • Uses the WordPress editor for the main message and footer, with support for links, shortcodes, and basic HTML
  • Supports solid color, gradient, or image backgrounds, visitor countdown timers, signed preview links, and custom CSS/JavaScript fields
  • Includes role-based and IP-based bypass rules plus deployment locks for comments, registration, checkout, and purchases where applicable
  • Requires Polanger Admin Suite to be installed and active

Polanger Shield

Polanger Shield is a free optional addon for admin-side page governance and contextual guidance.

  • Create rules directly from the live WordPress admin screen using the floating Shield button
  • Block specific admin pages for selected administrators and optionally deny direct URL access
  • Hide individual admin interface areas such as metaboxes, plugin panels, or settings sections without editing third-party plugin code
  • Attach internal notes to exact admin elements so selected users see the guidance where it matters
  • Includes a centralized rule dashboard, rule testing flow, temporary safe mode, and Activity Log integration
  • Requires Polanger Admin Suite to be installed and active

Built for Real-World Use

Polanger is designed for:

  • Agencies managing client websites
  • Developers who need full admin control
  • Teams working with multiple user roles
  • Site owners who want a cleaner dashboard

Lightweight & Secure

  • Built with WordPress coding standards
  • Nonce verification for all actions
  • Capability checks for all operations
  • Sanitized inputs and secure database queries
  • Optimized for performance

Available Languages

Polanger Admin Suite currently includes translations for:

  • English (default)
  • Turkish (tr_TR)
  • Arabic (ar)
  • Russian (ru_RU)
  • Chinese – Simplified (zh_CN)
  • Spanish (es_ES)
  • German (de_DE)

More information:

Gratispå betalda paket
Testat upp till
WordPress 6.9.4
Detta tillägg är tillgängligt för nedladdning för din .