Perform maintenance tasks. Protection against hackers. Optimise your site. All in one, neat bundle.
Top Features
Maintain
Optimise your database tables. Clean your temporary directory. Or perform any of the countless other daily maintenance tasks with a single click each.
Redirect easily
PRO Do you find the Redirect component hard to use? Are you puzzled by its inability to redirect URLs with parameters? No problem! Admin Tools' URL Redirect can do that. And much more.
Change permissions
Fine-tune your file permissions without having to use FTP or SSH.
Protect your site
PRO Our Web Application Firewall protects your site against the vast majority of common attacks. You won't find any security tool more feature-complete than this.
.htaccess / web.config Maker
PRO Give your site the best overall protection. Create a sophisticated, secure .htaccess or web.config configuration with an easy GUI. You don't have to be an expert. Or even know how these files work.
Watch. Sniff. Catch.
PRO Admin Tools' PHP File Change Scanner will monitor your site's PHP files for changes. If something is amiss, it will let you know. It will even tell you which files might have been hacked.
Automate it
PRO Let the most useful maintenance operations run automatically. Use a CRON to keep the file change scanner ticking while you're fast asleep. Simply and efficiently.
All Features
| Admin Tools for WordPress | Core | Professional |
|---|---|---|
| Download Core | Subscribe for Pro Access | |
Emergency Off-Line switchPut your site securely off-line in the case of an attack |
Included in Core | Included in Pro |
Master PasswordPrevent that client from breaking their site by »doing nothing« |
Included in Core | Included in Pro |
Customize PermissionsACL: fine-grained permissions, controlling which Admin Tools features each user can access. |
Included in Core | Included in Pro |
Password protect WP administrationProtect access to your wp-admin directory with a username and password. |
Included in Core | Included in Pro |
Change File & Folder PermissionsEasily change the permissions of all files and folders on your server. Permissions are fully customizable. |
Included in Core | Included in Pro |
On-the-fly link rewriteAutomatically rewrite links to point to your new site. Optionally convert HTTP links to HTTPS. |
Included in Core | Included in Pro |
Update WordPress saltsUpdate the WordPress salts in wp-config.php for maximum security when you create copies of sites. |
Included in Core | Included in Pro |
Password expirationForce users to change their passwords at a regular interval you define. You can choose which roles this policy applies to. |
Included in Core | Included in Pro |
Post auto-save optimizationChoose how often WordPress auto-saves posts as you edit them and how many revisions of each post it will keep. |
Not Included in Core | Included in Pro |
WordPress trash intervalChoose when WordPress will permanently delete posts, pages, attachments and comments from the trash bin. Or have it skip the trash bin altogether. |
Not Included in Core | Included in Pro |
Manage WordPress hidden featuresEasily manage WordPress features which are normally only accessible by editing the wp-config.php file such as: disable file editing, WordPress debug mode and debug log, JavaScript concatenation, memory limit and WordPress page caching. |
Not Included in Core | Included in Pro |
Repair and optimise tablesRepair and optimise all of your site's tables. |
Included in Core | Included in Pro |
URL redirectionRedirect old URLs or make your own URL shortener with features far beyond Joomla!'s |
Not Included in Core | Included in Pro |
Malware detectionMonitor your site for changed or added PHP files and assess their potential for malicious behaviour |
Not Included in Core | Included in Pro |
Settings import / exportEasily duplicate Admin Tools settings between your WordPress sites. |
Not Included in Core | Included in Pro |
.htaccess and web.config Maker |
||
Disable directory listings |
Not Included in Core | Included in Pro |
Protect against common file injection attacks |
Not Included in Core | Included in Pro |
Disable PHP Easter Eggs |
Not Included in Core | Included in Pro |
Block access to security-sensitive filesBlock web access to files such as htaccess.txt, php.ini, wp-config-sample.php or readme.html in your site's root |
Not Included in Core | Included in Pro |
Protect against clickjacking |
Not Included in Core | Included in Pro |
Reduce MIME type security risks |
Not Included in Core | Included in Pro |
Reflected XSS prevention |
Not Included in Core | Included in Pro |
Remove Apache and PHP version signature |
Not Included in Core | Included in Pro |
Prevent content transformation |
Not Included in Core | Included in Pro |
Block specific user agents |
Not Included in Core | Included in Pro |
Block direct access to PHP filesProtection against direct access to PHP files. It can even block access to uploaded hacking scripts, mitigating the attack. |
Not Included in Core | Included in Pro |
Force index.php parsing before index.html |
Not Included in Core | Included in Pro |
Optimise expiration time(good for SEO) |
Not Included in Core | Included in Pro |
Compress static resourcesAutomatically compress static resources such as images, CSS, JS |
Not Included in Core | Included in Pro |
Redirect index.php to site root |
Not Included in Core | Included in Pro |
Redirect www / non-wwwRedirect www to non-www, or non-www to www site, e.g. http://example.com to http://www.example.com |
Not Included in Core | Included in Pro |
Redirect old domain name to new domain name |
Not Included in Core | Included in Pro |
Force HTTPS for specific URLsForce HTTPS even when WordPress doesn't let you to |
Not Included in Core | Included in Pro |
Force HSTS headerIncrease HTTPS security by telling browsers to never access the unprotected HTTP version of your site. |
Not Included in Core | Included in Pro |
Disable HTTP methods TRACE and TRACKProtect your site against XST attacks |
Not Included in Core | Included in Pro |
Control the Cross-Origin Resource Sharing (CORS) policy of your site |
Not Included in Core | Included in Pro |
Control if and what ETags will be sentOptimize client-side caching of your site's content, especially when it's behind a load balancer. |
Not Included in Core | Included in Pro |
Web Application Firewall |
||
Customised exceptionsDown to the component, view or query string level |
Included in Core | Included in Pro |
Full logging of blocked requests |
Included in Core | Included in Pro |
E-Mail Notification at security exceptionSend out an email when a security exception occurrs |
Included in Core | Included in Pro |
IP deny listPrevent access to your site by specific IP addresses or blocks of IP addresses |
Not Included in Core | Included in Pro |
Administrator IP exclusive allow listOnly allow access to your site's administrator section by specific blocks of IP addresses |
Not Included in Core | Included in Pro |
Change administrator login URL(e.g. use http://www.example.com/mylogin instead of http://www.example.com/wp-login) |
Not Included in Core | Included in Pro |
Away schedulePrevent logging into wp-admin during a preset period every day, e.g. when you're definitely asleep. |
Included in Core | Included in Pro |
SQLiShield protectionCatch and prevent most SQL injection attacks |
Included in Core | Included in Pro |
Remote File Inclusion block(RFIShield) |
Included in Core | Included in Pro |
Remote PHP protocol block(PHPShield) |
Included in Core | Included in Pro |
Uploads scanner(UploadShield) |
Included in Core | Included in Pro |
Anti-spam filteringBased on Bad Words list |
Not Included in Core | Included in Pro |
Custom login error messageDon't tell the bad guys if a certain username exists on your site or not |
Not Included in Core | Included in Pro |
Remove RSS links |
Not Included in Core | Included in Pro |
Remove blog client links |
Not Included in Core | Included in Pro |
Change login session duration |
Not Included in Core | Included in Pro |
Disable editing users' propertiesPrevent Administrator / Super Administrator accounts from being edited. |
Not Included in Core | Included in Pro |
Block email domains from user registration |
Not Included in Core | Included in Pro |
Hide/customise generator meta tag |
Included in Core | Included in Pro |
Project Honeypot's HTTP:BL integrationIntegration with Project Honeypot's HTTP:BL anti-spam / anti-hacker IP blocking directory |
Included in Core | Included in Pro |
Auto-ban IPsAuto-ban IPs causing excessive security exceptions (fully customisable) |
Not Included in Core | Included in Pro |
Login E-Mail NotificationSend email on successful or failed administrator login |
Not Included in Core | Included in Pro |
Customisable email templates and rate throttling for Admin Tools emails |
Not Included in Core | Included in Pro |
Disclaimer
Automated security software, like Admin Tools, can only enhance your site's security, not positively prevent all known and yet-to-be-known attacks against your site. You are strongly recommended, under all circumstances, to follow sane security practices —like updating your site's software regularly and keeping backups— on top of using this product.