Changeset 3422374
- Timestamp:
- 12/17/2025 11:38:18 PM (3 months ago)
- Location:
- brenwp-client-safe-mode
- Files:
-
- 11 edited
-
assets/banner-1544x500.png (modified) (previous)
-
assets/banner-772x250.png (modified) (previous)
-
assets/icon-128x128.png (modified) (previous)
-
assets/icon-256x256.png (modified) (previous)
-
assets/screenshot-1.png (modified) (previous)
-
assets/screenshot-2.png (modified) (previous)
-
assets/screenshot-3.png (modified) (previous)
-
assets/screenshot-4.png (modified) (previous)
-
trunk/brenwp-client-safe-mode.php (modified) (2 diffs)
-
trunk/languages/brenwp-client-safe-mode.pot (modified) (1 diff)
-
trunk/readme.txt (modified) (5 diffs)
Legend:
- Unmodified
- Added
- Removed
-
brenwp-client-safe-mode/trunk/brenwp-client-safe-mode.php
r3421419 r3422374 4 4 * Plugin URI: https://brenwp.com 5 5 * Description: Per-user Safe Mode (UI + optional safety restrictions) + role-based client restrictions for safer troubleshooting and clean client handoff. 6 * Version: 1.6. 86 * Version: 1.6.9 7 7 * Requires at least: 6.0 8 8 * Tested up to: 6.9 … … 21 21 22 22 if ( ! defined( 'BRENWP_CSM_VERSION' ) ) { 23 define( 'BRENWP_CSM_VERSION', '1.6. 8' );23 define( 'BRENWP_CSM_VERSION', '1.6.9' ); 24 24 } 25 25 if ( ! defined( 'BRENWP_CSM_FILE' ) ) { -
brenwp-client-safe-mode/trunk/languages/brenwp-client-safe-mode.pot
r3421340 r3422374 1 1 msgid "" 2 2 msgstr "" 3 "Project-Id-Version: BrenWP Client Safe Mode 1. 5.3\n"3 "Project-Id-Version: BrenWP Client Safe Mode 1.6.9\n" 4 4 "Report-Msgid-Bugs-To: https://brenwp.com\n" 5 5 "POT-Creation-Date: 2025-12-10 00:00+0000\n" -
brenwp-client-safe-mode/trunk/readme.txt
r3421419 r3422374 1 1 === BrenWP Client Safe Mode === 2 2 Contributors: brendigo 3 Tags: security, troubleshooting, hardening, client, restrictions3 Tags: security, troubleshooting, hardening, client, safe-mode 4 4 Requires at least: 6.0 5 5 Tested up to: 6.9 6 6 Requires PHP: 7.2 7 Stable tag: 1.6. 87 Stable tag: 1.6.9 8 8 License: GPLv2 or later 9 9 License URI: https://www.gnu.org/licenses/gpl-2.0.html 10 10 11 Per-user Safe Mode + role-based client restrictions for safer troubleshooting and cleanclient handoff.11 Per-user Safe Mode plus role-based client restrictions to reduce wp-admin risk during troubleshooting and client handoff. 12 12 13 13 == Description == 14 14 15 BrenWP Client Safe Mode helps you troubleshoot safely and hand off WordPress sites to clients with fewer risks.15 BrenWP Client Safe Mode is a lightweight safety layer for WordPress administration. 16 16 17 **Safe Mode is per-user**: it only affects the currently logged-in user who enabled Safe Mode. Visitors and other users are not affected.17 It is built for a common real-world workflow: you need to troubleshoot, clean up, or prepare a site for handoff, but you do not want clients (or even yourself, on a busy day) to accidentally click into plugin/theme management, run updates at the wrong time, or make file-level changes. 18 18 19 Safe Mode can optionally: 20 * Block access to risky wp-admin screens (plugin/theme management and core updates) 21 * Disable file modifications (installs, updates, editors) 22 * Hide update nags 23 * Trim the admin bar (Updates / Comments / New Content) 19 **Safe Mode is per-user.** When you enable it, only your logged-in account is affected. Visitors and other users continue using the site normally. 24 20 25 Role-based restrictions are intended for client accounts and can: 26 * Hide risky menus 27 * Block access to sensitive admin screens 28 * Disable file modifications 29 * Hide update nags 30 * Optionally limit Media Library to a user’s own uploads (privacy on multi-author sites) 21 This plugin does not “simulate” a site by filtering active plugins. Instead, it reduces risk by controlling access to sensitive wp-admin screens and (optionally) disabling file modifications. 31 22 32 Administrators are never restricted by role restrictions. 23 = Key Features = 33 24 34 = Privacy = 25 **Safe Mode (per-user)** 26 * Block access to risky wp-admin areas (Plugins, Themes, core Updates, and other sensitive screens) 27 * Disable file modifications for your account (installs, updates, theme/plugin editors) 28 * Hide update nags (optional) 29 * Trim the admin bar (optional) 30 * Auto-expire Safe Mode after a set time (optional) 31 32 **Client Restrictions (role-based)** 33 Designed for client accounts or any non-technical role: 34 * Hide risky admin menus 35 * Block access to sensitive admin screens (enforced even if someone finds the direct URL) 36 * Disable file modifications for restricted roles 37 * Hide update nags for restricted roles 38 * Optional Media Library privacy: show only the user’s own uploads (useful on multi-author sites) 39 40 **Admin safety guardrails** 41 * Administrators are never restricted by role-based restrictions 42 * Restrictions focus on preventing accidental damage while keeping day-to-day content work smooth 43 44 = Typical Use Cases = 45 * Prepare a site for client handoff (limit access to “danger zones”) 46 * Give clients access to content without exposing plugin/theme/core management 47 * Reduce risk during troubleshooting by temporarily disabling file modifications for yourself 48 * Multi-author privacy: limit Media Library visibility for specific roles 49 50 = Optional: PRO Add-on = 51 A separate plugin, **BrenWP Client Safe Mode PRO**, is available and adds advanced hardening and governance controls (for example: XML-RPC and pingback/trackback controls, role-aware REST restrictions, Application Password restrictions, and additional privacy/retention options). The free plugin remains fully usable without PRO. 52 53 == Privacy == 54 35 55 This plugin does not send data to external services. 36 56 37 57 It stores: 38 * A per-user flag in user meta (`brenwp_csm_safe_mode`) to remember whether Safe Mode is enabled for that account.58 * A per-user Safe Mode flag in user meta (`brenwp_csm_safe_mode`) to remember whether Safe Mode is enabled for that account. 39 59 * An optional per-user expiry timestamp (`brenwp_csm_safe_mode_until`) if you enable Safe Mode auto-expiry. 40 60 … … 46 66 47 67 == Installation == 68 48 69 1. Upload the plugin folder to `/wp-content/plugins/brenwp-client-safe-mode/` 49 70 2. Activate the plugin via **Plugins → Installed Plugins** 50 3. Open **BrenWP Safe Mode** in your wp-admin menu51 4. Configure **Safe Mode** and **Restrictions** as needed71 3. In wp-admin, open **BrenWP Safe Mode** 72 4. Configure **Safe Mode** options and **Role Restrictions** as needed 52 73 53 74 == Frequently Asked Questions == 54 75 55 = Does Safe Mode affect visitors ? =56 No. Safe Mode is per-user. Visitors and users without Safe Mode enabled see the normal site.76 = Does Safe Mode affect visitors or other users? = 77 No. Safe Mode is per-user. Only the account that enabled Safe Mode is affected. Visitors and other users continue normally. 57 78 58 79 = Will administrators be restricted? = 59 Administrators are never restricted by the role-based restrictions. However, if an administrator enables Safe Mode for their own account, optional Safe Mode settings (like blocking file modifications) can apply to that account. 80 Administrators are never restricted by the role-based restrictions. 81 However, if an administrator enables Safe Mode for their own account, the selected Safe Mode options (like blocking file modifications) can apply to that account. 82 83 = Does this plugin disable plugins or filter active plugins? = 84 No. This plugin does not filter active plugins. It reduces risk by blocking sensitive admin screens and (optionally) disabling file modifications for the current user and/or restricted roles. 85 86 = Can Safe Mode turn off automatically? = 87 Yes. Safe Mode can optionally auto-expire after a set number of minutes, which helps avoid leaving it enabled by accident. 88 89 = Can restricted users still access blocked pages via direct URL? = 90 Role restrictions can block access to sensitive admin screens, not just hide menus. If a restricted user tries to access a blocked screen directly, they will be redirected away. 91 92 = What does “Disable file modifications” do? = 93 It prevents common file-modifying actions such as installs, updates, and use of built-in editors. This is intended to reduce risk for client roles and during troubleshooting. 94 95 = Does the Media Library privacy option hide other authors’ uploads? = 96 Yes (when enabled for restricted roles). It can limit Media Library views to the user’s own attachments, which is useful on multi-author sites where you want upload privacy. 60 97 61 98 = Does this plugin collect personal data? = 62 It stores a per-user Safe Mode flag (user meta) so it can remember your Safe Mode setting. No tracking, analytics, or external requests.99 It stores a per-user Safe Mode flag (user meta) and an optional expiry timestamp if auto-expiry is enabled. No tracking, analytics, or external requests. 63 100 64 101 = How do I remove all plugin data? = 65 When you uninstall (delete) the plugin, it removes its option , Safe Mode user meta, and the optional `bren_client` role (best-effort).102 When you uninstall (delete) the plugin, it removes its options, Safe Mode user meta, and the optional `bren_client` role (best-effort). 66 103 67 104 == Screenshots == 68 1. Tabbed settings UI 69 2. Safe Mode tab and per-user toggle 70 3. Restrictions tab 105 106 1. Settings dashboard (Safe Mode and Restrictions) 107 2. Safe Mode toggle (per-user) and options 108 3. Role-based Restrictions configuration 71 109 72 110 == Changelog == 73 111 112 = 1.6.9 = 113 * Added Safe Mode auto-expiry option (minutes) to reduce risk when Safe Mode is left enabled. 114 * Added optional Media Library privacy filter for restricted roles (show only own uploads). 115 * Moved Upgrade content to a dedicated submenu page; removed Upgrade tab. 116 * Hardened restricted screen blocking to include Site Health. 117 * Expanded role-based capability blocking for user management capabilities. 118 * Improved admin UI styling (accent colors, hover states, small-hero layout). 119 74 120 = 1.6.8 = 75 * Admin UI: removed “Upgrade to Pro”buttons from the main screen; Pro is now only accessible via the dedicated submenu page (plus a small sidebar card).121 * Admin UI: removed "Upgrade to Pro" buttons from the main screen; Pro is now only accessible via the dedicated submenu page (plus a small sidebar card). 76 122 * UI: fixed CSS issues and improved layout stability (centered container, grid-based columns, no overlapping panels). 77 123 * Code: general cleanup and removed unused variables. … … 91 137 * Fixed Plugin Check i18n translator comments for placeholder strings. 92 138 * Removed Documentation submenu. 93 * Replaced Upgrade submenu with “Upgrade to Pro”page linking to the official brenwp.com site.139 * Replaced Upgrade submenu with "Upgrade to Pro" page linking to the official brenwp.com site. 94 140 * Refined admin UI styling for tabs, buttons, and submenu pages. 95 141 … … 98 144 * Implemented submenu page callback (previously referenced but not defined). 99 145 100 = 1.6.1 = 146 == Upgrade Notice == 147 148 = 1.6.9 = 101 149 * Added Safe Mode auto-expiry option (minutes) to reduce risk when Safe Mode is left enabled. 102 150 * Added optional Media Library privacy filter for restricted roles (show only own uploads). … … 105 153 * Expanded role-based capability blocking for user management capabilities. 106 154 * Improved admin UI styling (accent colors, hover states, small-hero layout). 107 108 = 1.5.3 =109 * Removed MU-loader logic and any active-plugins filtering.110 * Hardened escaping and admin messaging for notices.111 * Added optional Safe Mode controls (block screens, file mods, update nags, admin bar trim).112 * Improved multisite compatibility (no Settings link in Network Admin).113 114 = 1.5.2 =115 * Removed MU loader functionality.116 * Safe Mode now applies per-user safety restrictions without filtering active plugins.117 * Improved sanitization and admin redirect notice handling.
Note: See TracChangeset
for help on using the changeset viewer.