Graphic interface to manage User Access to your Front-end and Back-end
| Author: | AAM Plugin (profile at wordpress.org) |
| WordPress version required: | 5.8.0 |
| WordPress version tested: | 6.9.1 |
| Plugin version: | 7.1.0 |
| Added to WordPress repository: | 30-07-2011 |
| Last updated: | 08-03-2026 |
| Rating, %: | 84 |
| Rated by: | 420 |
| Plugin URI: | |
| Total downloads: | 7 400 942 |
| Active installs: | 100 000+ |
 Click to start download |
|
Advanced Access Manager (AAM) introduces Access Governance for WordPress – a systematic approach to securing your site by controlling who can access what, when, and why.
Most WordPress security plugins focus on external threats like malware, firewalls, and brute-force attacks. AAM addresses the root cause of the #1 WordPress security risk: broken access controls, excessive privileges, and misconfigured roles.
Instead of reacting to attacks, AAM helps you design security into your WordPress site.
What Access Governance means in practice
- Mitigate Broken Access Controls. Ensure roles, users, and permissions are correctly configured to prevent unauthorized actions and privilege escalation.
- Eliminate Excessive Privileges. Identify overpowered users and reduce access to critical functionality, admin areas, and APIs.
- Secure Content by Design. Control who can view, edit, publish, or delete posts, pages, media, taxonomies, and custom content types.
- Govern Access with Policy. Define access rules using JSON Access Policies — portable, auditable, and automation-friendly.
- Build Custom Security Logic. Use the AAM PHP Framework to create advanced, programmatic access controls tailored to your application.
Key Features
- Security Audit. Detect risky role assignments, misconfigurations, and compromised accounts.
- Granular Access Control. Manage permissions for any user, role, or visitor with precision.
- Role & Capability Management. Customize WordPress roles and capabilities beyond defaults.
- Admin & Menu Control. Restrict dashboard areas and tailor the admin experience per user or role.
- API & Endpoint Protection. Secure REST and XML-RPC access with fine-grained controls.
- Modern Authentication Options. Support passwordless and secure login flows.
- Developer-Ready Framework. Extend WordPress security using AAM’s powerful SDK.
- Ad-Free & Transparent. – No ads, no tracking, no bloat.
Built for Security-Conscious WordPress Users
AAM is trusted by 150,000+ websites to deliver enterprise-grade access control without unnecessary complexity. Whether you’re a site owner, agency, developer, or security professional, AAM gives you full control over WordPress access — by design.
Most core features are free. Advanced capabilities are available via premium add-ons.
No hidden tracking. No data collection. No unwanted changes.
Just security you can reason about, audit, and trust.
Screenshots
ChangeLog
