=== Advanced Access Manager - Restricted Content, Users & Roles, Enhanced Security and More ===
Contributors: vasyltech
Tags: access control, backend menu, user role, restricted content, security
Requires at least: 5.2.0
Requires PHP: 5.6.0
Tested up to: 6.6.2
Stable tag: 6.9.43
Take full control of your WordPress site with Advanced Access Manager (AAM), the ultimate plugin for managing access at the frontend, backend, and API levels for any role, user, or visitor.
== Description ==
Advanced Access Manager (aka AAM) is a powerfully robust WordPress plugin designed to help you control every aspect of your website, your way.
https://www.youtube.com/watch?v=9oU6wjlSRM8
= Key Features =
- Security Audit: Service that can quickly identified potential broken access controls, compromised accounts and server misconfigurations.
- Unparalleled Flexibility: The only plugin that offers the freedom to define highly specific access controls across your entire site, with most features available for free.
- Proven Reliability: Trusted by over 150,000 websites, AAM is rigorously tested and well-documented, ensuring top-notch quality with minimal support needed.
- Comprehensive Access Management: Control access for any role, user, or visitor, and configure default permissions for posts, pages, custom post types, categories, and taxonomies.
- Developer-Friendly: Loaded with hooks and configurations, AAM integrates seamlessly with WordPress core, providing a robust framework for custom development.
- Ad-Free Interface: Enjoy a clean, well-crafted UI without any advertisements or promotional content.
- Accessible Support: Get help whenever you need it without being a paid customer. Request support directly from your admin area.
- Transparent Premium Features: While most features are free, some advanced functionalities require premium add-ons. You'll always know when an upgrade is needed.
= Popular Features =
- Manage Backend Menu: Control backend menu access for any user or role.
- Roles & Capabilities: Customize WordPress roles and capabilities with ease.
- Authentication Tools: Manage JWT authentication seamlessly.
- Temporary User Accounts: Create and manage temporary user accounts.
- Content Access: Enjoy granular access controls for posts, pages, and custom content types (premium feature).
- Admin Toolbar Management: Customize the top admin toolbar for any role or user.
- Backend Lockdown: Restrict backend access as needed.
- Secure Login Widget: Use AJAX login widgets or shortcodes anywhere on your site.
- API Management: Enable/disable RESTful and XML-RPC APIs.
- URI Access Control: Control access to pages via URLs and set custom redirects (premium feature).
- Endpoint Access: Manage access to individual RESTful endpoints.
- Passwordless Login: Allow password-free login via URL.
- Content Filtering: Use AAM shortcodes to filter or replace content.
- Redirects: Set custom login, logout, 404, and access denied redirects.
- Metaboxes & Widgets: Manage metaboxes and widgets visibility.
- IP Address & Domain Access: Control access based on IP or referred domain (premium feature).
- Multiple Role Support: Assign multiple roles to users.
- And more...
= Security and Privacy =
AAM is committed to your security and privacy:
- No alterations to your website's database.
- No reading of files outside the AAM plugin folder.
- No creation, modification, or deletion of server files or folders.
- No external data capture or transmission about plugin usage or server details.
- No direct integration with other plugins.
- No user session impersonation or swapping; authentication is managed by WordPress core.
- No advertisements or affiliate links.
Discover the power and flexibility of Advanced Access Manager and take control of your WordPress site today!
== Installation ==
- Upload
advanced-access-manager folder to the /wp-content/plugins/ directory
- Activate the plugin through the 'Plugins' menu in WordPress
== Screenshots ==
- Manage access to backend menu
- Manage access to metaboxes & widgets
- Manage capabilities for roles and users
- Manage access to posts, pages, media or custom post types
- Posts and pages access options form
- Define access to posts and categories while editing them
- Manage access denied redirect rule
- Manage user login redirect
- Manage 404 redirect
- Create your own content teaser for limited content
- Improve your website security
== Changelog ==
= 6.9.43=
= 6.9.42 =
= 6.9.41 =
= 6.9.39 =
= 6.9.38 =
= 6.9.37 =
= 6.9.36 =
= 6.9.35 =
= 6.9.34 =
= 6.9.33 =
= 6.9.32 =
= 6.9.31 =
= 6.9.30 =
= 6.9.29 =
= 6.9.28 =
= 6.9.27 =
= 6.9.26 =
= 6.9.25 =
= 6.9.24 =
= 6.9.23 =
= 6.9.22 =
= 6.9.21 =
= 6.9.20 =
= 6.9.19 =
= 6.9.18 =
= 6.9.17 =
= 6.9.16 =
= 6.9.14 =
= 6.9.13 =
= 6.9.12 =
= 6.9.11 =
= 6.9.10 =
= 6.9.9 =
= 6.9.8 =
= 6.9.7 =
= 6.9.6 =
= 6.9.5 =
= 6.9.4 =
= 6.9.3 =
= 6.9.2 =
= 6.9.1 =
= 6.9.0 =
= 6.8.5 =
= 6.8.4 =
= 6.8.3 =
= 6.8.2 =
= 6.8.1 =
= 6.8.0 =
- Changed: Enhanced security pasture by escaping potentially harmful output, if information was directly modified in the DB or not escaped during storing AAM settings, reported by WordPress Plugin Review Team
- Fixed: Cleared potentially corrupted data about status of premium add-ons.
- Changed: Re-opened direct communication with the AAM developer through the Slack channel https://aamplugin.com/support
= 6.7.9 =
= 6.7.8 =
- Changed: Adjusted suite of automated tests, confirmed that AAM is compatible with the latest WP version
= 6.7.7 =
= 6.7.6 =
= 6.7.5 =
= 6.7.4 =
= 6.7.3 =
= 6.7.2 =
= 6.7.1 =
= 6.7.0 =
= 6.6.4 =
= 6.6.3 =
= 6.6.2 =
= 6.6.1 =
= 6.6.0 =
= 6.5.4 =
= 6.5.3 =
= 6.5.2 =
= 6.5.1 =
= 6.5.0 =
= 6.4.3 =
= 6.4.2 =
= 6.4.1 =
= 6.4.0 =
= 6.3.3 =
= 6.3.2 =
= 6.3.1 =
= 6.3.0 =
= 6.2.2 =
- Fixed Bug: Backend Dashboard index.php still could be restricted with Backend Menu service
- Fixed Bug: Policy Generator - Fatal error with PHP lower than 7.0.0
- Fixed Bug: Policy Validator - Improper dependency validation when if it is not installed
- Fixed Bug: Default access settings not propagated to user that does not have any roles (multisite setup)
- Fixed Bug: Reset settings where not synced across all subsites in multisite setup
- Added New: Ability to define wildcard BackendMenu resource with Access Policy
- Added New: Ability to define wildcard Metabox resource with Access Policy
- Added New: Ability to define wildcard Widget resource with Access Policy
- Added New: Ability to define wildcard Toolbar resource with Access Policy
= 6.2.1 =
- Fixed Bug: Very minor UI issue with Access Policy Delete pop-up
- Added New: Enhanced Access Policy with new POLICY_META token
- Change: Access Policy post type supports custom fields now
= 6.2.0 =
= 6.1.1 =
- Fixed Bug: Unnecessary backslashes before displaying the access policy https://forum.aamplugin.com/d/432-access-policy-ui-escaping-slashes
- Fixed Bug: aam_access_dashboard custom capability caused "Access Denied"
- Change: Enforcing default
307 Temporary Redirect code if none is provided for any AAM redirect functionality
- Change: Persisting the last managed role, user or visitor on the AAM page
- Change: Improved safety by using the last role on the list instead of the default Administrator role
- Change: Optimized access policy service. Changed the way it is applied to any given object
- Added New: Migration script that clears previously detected migration errors
= 6.1.0 =
- Fixed Bug: Access Policy UI - the "Attach to Default" button was not rendering correctly
- Fixed Bug: Role Management UI - the PHP notice where
Undefined variable: parent
- Fixed Bug: AAM UI page - improperly compressed HTML response if server config does not match PHP executable INI settings
- Fixed Bug: Login Redirect Settings - incorrectly merged settings for multi-role support
- Fixed Bug: Logout Redirect Settings - incorrectly merged settings for multi-role support
- Fixed Bug: Access Denied Redirect Settings - incorrectly merged settings for multi-role support
- Fixed Bug: API Route Settings - incorrectly halted inheritance mechanism
- Fixed Bug: Admin Toolbar Settings - incorrectly halted inheritance mechanism
- Fixed Bug: URI Access Settings - incorrectly halted inheritance mechanism
- Fixed Bug: Content Visibility Settings - incorrectly merged settings for multi-role support
- Fixed Bug: Access Policy Core - incorrectly managed internal cache
- Fixed Bug: AAM Core - incorrectly managed internal object cache
- Fixed Bug: Content Service - incorrectly mapped
do_not_allow capability if any of the registered post types have it
- Fixed Bug: Content Service - fatal error
Cannot use object of type Closure as array https://forum.aamplugin.com/d/354-php-fatal-error-cannot-use-object-of-type-closure-as-array
- Fixed Bug: The
aam_show_toolbar capability was not taken in consideration
- Fixed Bug: Logout Redirect Service - White screen occurs if "Default" option is explicitly selected https://wordpress.org/support/topic/blank-log-out-page-on-6-0-5/
- Change: Refactored internal inheritance mechanism where AAM objects no longer responsible to check for inheritance flag. This eliminates several constrains that we discovered recently.
- Change: Multiple minor changes to the codebase to consume internal AAM API in more consistent way
- Change: JWT & Secure Login Services - enriched RESTful API error responses with more details about an error
- Change: Content Service - optimization improvements
- Added New: Implemented new filter
aam_token_typecast_filter for Access Policy for custom type casting
- Added New: Implemented support for the
=> (map to) operator for the Access Policy
- Added New: Implemented support for the AAM_CONFIG marker for the Access Policy
= 6.0.5 =
= 6.0.4 =
= 6.0.3 =
= 6.0.2 =
= 6.0.1 =
= 6.0.0 =
- Complete rewrite of the entire plugin. For more information, check this article
= 5.0 =
- Added ACCESS COUNTER option to Posts & Pages
- Added premium MONETIZE option to Posts & Pages
- Added ability to turn off "Secure Login" feature
- Added ability to toggle extension status (active/inactive)
- Added ability for AAM to filter out Admin Top Bar based on restricted admin menus
- Deprecated AAM Role Filter extension and merged it to the AAM core
- Deprecated AAM Payment extension and merged it with AAM E-Commerce extension
- Deprecated ConfigPress options that manage access to AAM UI. All is based on capabilities from now.
- Split UI to three areas: Access, Settings and Extensions
- Fixed over 25+ reported bugs and discovered during internal refactoring
- Removed deprecated "Security" feature. Replaced with Secure Login Widget
- Removed deprecated "Teaser" feature. Replaced with Teaser Message per post base
= 4.0 =
- Added link Access to category list
- Added shortcode [aam] to manage access to the post's content
- Moved AAM Redirect extension to the basic AAM package
- Moved AAM Login Redirect extension to the basic AAM package
- Moved AAM Content Teaser extension to the basic AAM package
- Set single password for any post or posts in any category or post type
- Added two protection mechanism from login brute force attacks
- Added double authentication mechanism
- Few minor core bug fixings
- Improved multisite support
- Improved caching mechanism
= 3.0 =
- Brand new and much more intuitive user interface
- Fully responsive design
- Better, more reliable and faster core functionality
- Completely new extension handler
- Added "Manage Access" action to the list of user
- Tested against WP 3.8 and PHP 5.2.17 versions
= 2.0 =
- New UI
- Robust and completely new core functionality
- Over 3 dozen of bug fixed and improvement during 3 alpha & beta versions
- Improved Update mechanism
= 1.0 =
- Fixed issue with comment editing
- Implemented JavaScript error catching