
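Introduction
- This WordPress plugin, "BrenWP Client Safe Mode", was published on 2025-12-15.
- It has no recorded active installations yet; it is a very new plugin. If you plan to install it, test thoroughly to make sure it works as expected!
- The last update was on 2026-01-06, 50 days ago.
- The plugin requires WordPress 6.0 or later.
- The plugin requires the hosting server to run PHP 7.4 or later.
- Nobody has rated this plugin yet.
- Nobody has asked a question on the forum yet; usage is probably still low and no major problems have come up.
Plugin contributors
brendigo
Plugin tags
Client | security | hardening | restrictions | troubleshooting
Overview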
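Summary: BrenWP Client Safe Mode helps you troubleshoot safely and hand a WordPress site over to clients with less risk.
Questions and answers:
1. How does this plugin help you troubleshoot safely and hand WordPress sites over to clients?
- BrenWP Client Safe Mode helps you troubleshoot safely and hand WordPress sites over to clients with reduced risk.
2. Which user does Safe Mode apply to? Are other users affected?
- Safe Mode is set per user; it affects only the currently logged-in user who enabled it. Visitors and other users are not affected.
3. What can Safe Mode optionally do?
- Optionally block access to risky wp-admin screens (plugin/theme management and core updates)
- Disable file modifications (installs, updates, editors)
- Hide update notices
- Trim the admin bar (Updates / Comments / New Content)
4. What are the role-based restrictions for client accounts? What can they do?
- Role-based restrictions target client accounts; they can hide risky menus, block access to sensitive admin screens, disable file modifications, and hide update notices.
5. Does this plugin send data to external services? What data does it store?
- The plugin does not send data to external services. It stores a per-user flag in user meta (brenwp_csm_safe_mode) to remember whether Safe Mode is enabled for that account.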
Original plugin description
BrenWP Client Safe Mode helps you troubleshoot safely and reduce risk when handing a WordPress site to clients or non-technical users.
Safe Mode is per-user: it applies only to the currently logged-in user who enabled it. Visitors and other users are not affected.
Safe Mode (per-user) can optionally
* Block access to risky wp-admin screens (plugin/theme management, core updates, Site Health, and update actions)
* Disable file modifications (plugin/theme installs, updates, editors)
* Optionally block update/install capabilities (prevents running updates/installs even via alternative flows)
* Optionally block destructive capabilities (prevents deleting plugins/themes while Safe Mode is enabled)
* Optionally disable the built-in plugin/theme editors (capability-based) while Safe Mode is enabled
* Hide update notices
* Trim selected admin bar nodes (Updates / Comments / New Content)
* Auto-disable after a configurable number of minutes (optional)
Client restrictions (role-based + optional user targeting) can
* Optionally target a specific user account (in addition to roles)
* Hide risky menus
* Block direct access to sensitive wp-admin screens
* Disable file modifications
* Hide update notices
* Optionally limit the Media Library to a user’s own uploads (privacy on multi-author sites)
* Optionally hide common Dashboard widgets for restricted roles (UI cleanup)
* Optionally hide the Screen Options dropdown (independent toggle)
* Optionally hide the Admin Bar on the front end for restricted roles
* Optionally block Customizer access (customize.php)
* Optionally block Users screens (Users list/Add/Edit) even if the broader screen blocklist is disabled
* Optionally block Tools screens (Tools/Import/Export) even if the broader screen blocklist is disabled
* Optionally lock profile email/password changes for restricted roles (prevents self-service account takeover)
* Optionally show a dismissible 2FA security reminder notice (notice only)
General hardening (site-wide, optional)
* Disable XML-RPC
* Disable the built-in plugin/theme editors for all users (capability-based)
* Optional settings export download (admin-only) via a nonce-protected endpoint (default OFF)
Administrators are never restricted by client restrictions. On multisite, super-admins are also excluded.
Privacy
This plugin does not send data to external services. It performs no tracking, telemetry, analytics, or “phone-home” requests.
Data stored on your site
The plugin stores the minimum required data to provide Safe Mode and optional auditing:
* Options (Settings): stored in the brenwp_csm_options option (site option). This contains your configured settings.
* Activity log (optional): stored in the brenwp_csm_activity_log option only if Activity logging is enabled. This log is bounded by Max entries and can optionally be pruned by age (Retention days).
* Operational options: internal housekeeping options such as brenwp_csm_last_settings_change and a short-lived lock key used to avoid concurrent log writes.
* User meta (Safe Mode):
  * brenwp_csm_safe_mode (on/off flag for a user)
  * brenwp_csm_safe_mode_until (optional expiry timestamp if auto-off is enabled)
Data minimization and retention
* Activity logging is disabled by default.
* The activity log does not store IP addresses and attempts to redact likely secrets from context values.
* Retention controls:
  * Max entries caps log size.
  * Retention days can automatically prune older entries (0 = disabled).
* The Clear log action removes all log entries immediately (admin-only, nonce protected).
Privacy tools
The plugin:
* Adds suggested text to the Privacy Policy Guide (Settings → Privacy)
* Registers a personal data exporter and eraser for the Safe Mode user meta
Data deletion
On uninstall (delete), the plugin removes its options, optional log option, Safe Mode user meta, and (best-effort) the optional bren_client role if it was created by the plugin.
Security
This plugin follows WordPress hardening best practices:
* CSRF protection: all state-changing actions use POST and require a WordPress nonce.
* Authorization: privileged admin actions are gated by capability checks (manage_options by default, filterable).
* XSS defense: user-controlled data is sanitized on input and escaped on output.
* No remote requests: the plugin does not make outbound HTTP requests.
* Data minimization: the activity log is bounded, does not store IP addresses, and redacts likely secrets in log context values.
Assumptions and scope:
* The plugin enforces policies inside WordPress; it does not replace server/WAF hardening.
* Safe Mode is per-user and does not modify the site’s active plugins/themes list.
Troubleshooting
I don’t see the Safe Mode toggle in the admin bar
* Confirm the WordPress admin bar is enabled for your account.
* Confirm Enforcement is enabled in the plugin settings.
* Confirm your role is included in Who can toggle Safe Mode (or you are an administrator / multisite super-admin).
My profile email/password cannot be changed
If Restrictions → Lock profile email/password is enabled and your account is restricted, you will not be able to change your own email or password. Contact an administrator.
XML-RPC stopped working
If you rely on legacy services that require XML-RPC (some old mobile apps / integrations), disable General → Disable XML-RPC.
I get redirected with an “Access blocked” notice
A configured policy blocked a sensitive admin screen. Review:
* Restrictions → Block direct screen access (for restricted roles)
* Safe Mode → Block risky admin screens (for your account if Safe Mode is enabled)
Safe Mode is enabled but I want to turn it off
* Use the Safe Mode tab to toggle it off.
* If auto-off is enabled, it will disable automatically after the configured time window.
* If Enforcement is OFF, the UI provides a Clear stored Safe Mode button to remove the stored flag.
Developer Hooks
Filters:
* brenwp_csm_required_cap — change the capability required to manage this plugin (default: manage_options).
* brenwp_csm_presets — customize Dashboard presets (label/description/patch arrays).
* brenwp_csm_create_client_role — return false to prevent creating the bren_client role on activation.
* brenwp_csm_client_role_caps — customize capabilities assigned to the bren_client role on activation.
* brenwp_csm_remove_client_role_on_uninstall — return false to keep the bren_client role during uninstall cleanup.
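A must-use plugin that tightens three of the filters listed above, given as an added example that is not part of the plugin's own code or documentation. It assumes each filter passes its current value as the first callback argument (the usual WordPress convention) and that the client role capabilities are an array keyed by capability name, as in add_role(); the file itself is hypothetical.

```php
<?php
/**
 * Plugin Name: BrenWP CSM policy overrides (added example, hypothetical file)
 * Place in wp-content/mu-plugins/ so the filters are registered before
 * BrenWP Client Safe Mode is activated or uninstalled.
 */

// On multisite, let only network administrators manage the plugin settings.
// Assumption: the filter passes the current capability string (default
// manage_options) as its first argument.
add_filter( 'brenwp_csm_required_cap', function ( $cap ) {
	return is_multisite() ? 'manage_network_options' : $cap;
} );

// Strip capabilities a client account should never receive from the set the
// plugin assigns to bren_client on activation.
// Assumption: $caps is keyed by capability name, as in add_role().
add_filter( 'brenwp_csm_client_role_caps', function ( $caps ) {
	if ( ! is_array( $caps ) ) {
		return $caps; // Unexpected shape: leave the plugin's value untouched.
	}
	$never_for_clients = array(
		'install_plugins', 'activate_plugins', 'update_plugins',
		'delete_plugins', 'edit_plugins',
		'install_themes', 'switch_themes', 'update_themes',
		'delete_themes', 'edit_themes',
		'update_core', 'unfiltered_html',
		'create_users', 'edit_users', 'delete_users', 'promote_users',
		'manage_options',
	);
	return array_diff_key( $caps, array_flip( $never_for_clients ) );
} );

// Keep the bren_client role when the plugin is deleted, so accounts still
// assigned to it do not lose their capabilities.
add_filter( 'brenwp_csm_remove_client_role_on_uninstall', '__return_false' );
```

Because the role capabilities filter is applied on activation, it has to be in place before the plugin is activated; it does not rewrite a bren_client role that already exists.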
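Download links for each version
- Method 1: Click the version-number link below to download the ZIP file, log in to the site admin, go to "Plugins" → "Add New Plugin" in the left-hand menu, choose "Upload Plugin" at the top, and upload the downloaded ZIP package to install and activate it.
- Method 2: Use the search box on the right of the "Add New Plugin" screen to search for the plugin name "BrenWP Client Safe Mode" and install it.
(Method 2 is recommended, as it ensures the installed version is compatible with the WordPress environment currently running.)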
