[WordPress] Plugin spotlight: BrenWP Client Safe Mode

Requires WordPress 6.0+ and PHP 7.4+. Version v1.7.2, listed 2025-12-15, last updated 96 days ago. No ratings yet.

Overview

Summary: BrenWP Client Safe Mode helps you troubleshoot safely and hand a WordPress site over to clients with less risk.

Questions and answers:
1. How does this plugin help you troubleshoot safely and hand a WordPress site to clients?
- BrenWP Client Safe Mode lets you troubleshoot without putting the site at risk and reduces the risk of handing it over to clients or non-technical users.

2. Which user does Safe Mode apply to? Are other users affected?
- Safe Mode is set per user and affects only the currently logged-in user who enabled it. Visitors and other users are not affected.

3. What can Safe Mode optionally do?
- Block access to risky wp-admin screens (plugin/theme management and core updates)
- Disable file modifications (installs, updates, editors)
- Hide update notices
- Trim the admin bar (Updates/Comments/New Content)

4. What are the role-based restrictions for client accounts, and what can they do?
- Role-based restrictions target client accounts. They can hide risky menus, block access to sensitive admin screens, disable file modifications, and hide update notices.

5. Does the plugin send data to external services? What data does it store?
- The plugin sends no data to external services. It stores a per-user flag in user meta (brenwp_csm_safe_mode) recording whether Safe Mode is enabled for that account.


Original plugin description

BrenWP Client Safe Mode helps you troubleshoot safely and reduce risk when handing a WordPress site to clients or non-technical users.
Safe Mode is per-user: it applies only to the currently logged-in user who enabled it. Visitors and other users are not affected.
Safe Mode (per-user) can optionally

Block access to risky wp-admin screens (plugin/theme management, core updates, Site Health, and update actions)
Disable file modifications (plugin/theme installs, updates, editors)
Optionally block update/install capabilities (prevents running updates/installs even via alternative flows)
Optionally block destructive capabilities (prevents deleting plugins/themes while Safe Mode is enabled)
Optionally disable the built-in plugin/theme editors (capability-based) while Safe Mode is enabled
Hide update notices
Trim selected admin bar nodes (Updates / Comments / New Content)
Auto-disable after a configurable number of minutes (optional)

Client restrictions (role-based + optional user targeting) can

Optionally target a specific user account (in addition to roles)
Hide risky menus
Block direct access to sensitive wp-admin screens
Disable file modifications
Hide update notices
Optionally limit the Media Library to a user’s own uploads (privacy on multi-author sites)
Optionally hide common Dashboard widgets for restricted roles (UI cleanup)
Optionally hide the Screen Options dropdown (independent toggle)
Optionally hide the Admin Bar on the front end for restricted roles
Optionally block Customizer access (customize.php)
Optionally block Users screens (Users list/Add/Edit) even if the broader screen blocklist is disabled
Optionally block Tools screens (Tools/Import/Export) even if the broader screen blocklist is disabled
Optionally lock profile email/password changes for restricted roles (prevents self-service account takeover)
Optionally show a dismissible 2FA security reminder notice (notice only)

General hardening (site-wide, optional)

Disable XML-RPC
Disable the built-in plugin/theme editors for all users (capability-based)
Optional settings export download (admin-only) via a nonce-protected endpoint (default OFF)

Administrators are never restricted by client restrictions. On multisite, super-admins are also excluded.
Privacy
This plugin does not send data to external services. It performs no tracking, telemetry, analytics, or “phone-home” requests.
Data stored on your site
The plugin stores the minimum required data to provide Safe Mode and optional auditing:

Options (Settings): stored in the brenwp_csm_options option (site option). This contains your configured settings.
Activity log (optional): stored in the brenwp_csm_activity_log option only if Activity logging is enabled. This log is bounded by Max entries and can optionally be pruned by age (Retention days).
Operational options: internal housekeeping options such as brenwp_csm_last_settings_change and a short-lived lock key used to avoid concurrent log writes.
User meta (Safe Mode):

brenwp_csm_safe_mode (on/off flag for a user)
brenwp_csm_safe_mode_until (optional expiry timestamp if auto-off is enabled)

Data minimization and retention

Activity logging is disabled by default.
The activity log does not store IP addresses and attempts to redact likely secrets from context values.
Retention controls:

Max entries caps log size.
Retention days can automatically prune older entries (0 = disabled).
The Clear log action removes all log entries immediately (admin-only, nonce protected).

Privacy tools
The plugin:
* Adds suggested text to the Privacy Policy Guide (Settings → Privacy)
* Registers a personal data exporter and eraser for the Safe Mode user meta
Data deletion
On uninstall (delete), the plugin removes its options, optional log option, Safe Mode user meta, and (best-effort) the optional bren_client role if it was created by the plugin.
Security
This plugin follows WordPress hardening best practices:

CSRF protection: all state-changing actions use POST and require a WordPress nonce.
Authorization: privileged admin actions are gated by capability checks (manage_options by default, filterable).
XSS defense: user-controlled data is sanitized on input and escaped on output.
No remote requests: the plugin does not make outbound HTTP requests.
Data minimization: the activity log is bounded, does not store IP addresses, and redacts likely secrets in log context values.

Assumptions and scope:

The plugin enforces policies inside WordPress; it does not replace server/WAF hardening.
Safe Mode is per-user and does not modify the site’s active plugins/themes list.
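The controls listed above (POST-only state changes, a WordPress nonce, a filterable capability check, and output escaping) as a worked WordPress example. This is added code, not the plugin's own: the action name example_csm_clear_log, the option name example_csm_activity_log, the nonce action and field names, and the example_csm_required_cap filter are all this example's assumptions, modelled on the behaviour the page describes. The weak handler is shown first as the "before"; only the hardened one should ever be registered.

```php
<?php
/**
 * Added example, not BrenWP Client Safe Mode's own code. All names below
 * (example_csm_*) are hypothetical and chosen for this illustration.
 */

// --- Weak version ("before"): no method restriction, no nonce, no
// capability check. Any logged-in user, or an admin who follows a crafted
// link, can clear the log. Shown for contrast only; never register it.
function example_csm_clear_log_weak() {
    delete_option( 'example_csm_activity_log' );
    wp_safe_redirect( admin_url( 'options-general.php?page=example-csm&cleared=1' ) );
    exit;
}

// --- Hardened version: the three controls from the Security section.
function example_csm_clear_log_handler() {
    // 1. State change only via POST (a GET link cannot trigger it).
    if ( 'POST' !== $_SERVER['REQUEST_METHOD'] ) {
        wp_die( 'Method not allowed', 405 );
    }

    // 2. Authorization: capability gate, filterable so a site can delegate
    //    the action without handing out manage_options.
    $cap = apply_filters( 'example_csm_required_cap', 'manage_options' );
    if ( ! current_user_can( $cap ) ) {
        wp_die( 'Insufficient permissions', 403 );
    }

    // 3. CSRF: verify the nonce bound to this exact action. On failure
    //    check_admin_referer() stops execution with a 403.
    check_admin_referer( 'example_csm_clear_log', '_example_csm_nonce' );

    delete_option( 'example_csm_activity_log' );

    $back = wp_get_referer();
    wp_safe_redirect( add_query_arg( 'cleared', '1', $back ? $back : admin_url() ) );
    exit;
}
add_action( 'admin_post_example_csm_clear_log', 'example_csm_clear_log_handler' );

// The matching form. The nonce field and action URL come from core helpers,
// and the one user-influenced value that is echoed goes through esc_html().
function example_csm_render_clear_log_form( $last_cleared_by ) {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="example_csm_clear_log">
        <?php wp_nonce_field( 'example_csm_clear_log', '_example_csm_nonce' ); ?>
        <p>Last cleared by: <?php echo esc_html( $last_cleared_by ); ?></p>
        <?php submit_button( 'Clear log', 'delete' ); ?>
    </form>
    <?php
}
```

The order matters less than the presence of all three: the nonce alone does not authorize (any user can obtain a nonce for their own session), and the capability check alone does not stop a cross-site request riding on an administrator's cookies. A quick check for a plugin you are auditing is to look for admin_post_ and wp_ajax_ handlers and confirm each one calls both current_user_can() and check_admin_referer() (or check_ajax_referer()) before it changes state.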

Troubleshooting
I don’t see the Safe Mode toggle in the admin bar

Confirm the WordPress admin bar is enabled for your account.
Confirm Enforcement is enabled in the plugin settings.
Confirm your role is included in Who can toggle Safe Mode (or you are an administrator / multisite super-admin).

My profile email/password cannot be changed
If Restrictions → Lock profile email/password is enabled and your account is restricted, you will not be able to change your own email or password. Contact an administrator.
XML-RPC stopped working
If you rely on legacy services that require XML-RPC (some old mobile apps / integrations), disable General → Disable XML-RPC.
I get redirected with an “Access blocked” notice
A configured policy blocked a sensitive admin screen. Review:
* Restrictions → Block direct screen access (for restricted roles)
* Safe Mode → Block risky admin screens (for your account if Safe Mode is enabled)
Safe Mode is enabled but I want to turn it off

Use the Safe Mode tab to toggle it off.
If auto-off is enabled, it will disable automatically after the configured time window.
If Enforcement is OFF, the UI provides a Clear stored Safe Mode button to remove the stored flag.

Developer Hooks
Filters:
* brenwp_csm_required_cap — change the capability required to manage this plugin (default: manage_options).
* brenwp_csm_presets — customize Dashboard presets (label/description/patch arrays).
* brenwp_csm_create_client_role — return false to prevent creating the bren_client role on activation.
* brenwp_csm_client_role_caps — customize capabilities assigned to the bren_client role on activation.
* brenwp_csm_remove_client_role_on_uninstall — return false to keep the bren_client role during uninstall cleanup.
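A worked example of wiring these filters from a must-use plugin, added here and not part of BrenWP Client Safe Mode. It assumes the filter names and defaults are exactly as listed above; it further assumes brenwp_csm_client_role_caps receives an associative array of capability => bool in the shape add_role() accepts (the page does not document the array format), and the capability manage_brenwp_csm is invented for this example.

```php
<?php
/**
 * Plugin Name: BrenWP CSM site customizations (example)
 *
 * Added example, not the plugin's own code. Place it in
 * wp-content/mu-plugins/ so it is loaded before BrenWP Client Safe Mode's
 * activation hook runs; the brenwp_csm_create_client_role and
 * brenwp_csm_client_role_caps filters only fire at activation.
 */

// 1. Require a dedicated capability instead of manage_options so that
//    Safe Mode administration can be delegated without granting full
//    options access. The capability name is this example's assumption.
add_filter( 'brenwp_csm_required_cap', function () {
    return 'manage_brenwp_csm';
} );

// A custom capability must be granted to at least one role, otherwise
// nobody (on a single site) can reach the plugin's settings. add_cap() is
// idempotent, but the has_cap() guard avoids a needless option write on
// every request.
add_action( 'init', function () {
    $role = get_role( 'administrator' );
    if ( $role && ! $role->has_cap( 'manage_brenwp_csm' ) ) {
        $role->add_cap( 'manage_brenwp_csm' );
    }
} );

// 2. Shape the bren_client role at activation: start from whatever the
//    plugin proposes, strip anything that allows code, file or user
//    changes, and make sure ordinary content editing still works.
add_filter( 'brenwp_csm_client_role_caps', function ( $caps ) {
    if ( ! is_array( $caps ) ) {
        return $caps; // unexpected shape: leave the plugin's value untouched
    }
    $deny = array(
        'edit_plugins', 'edit_themes', 'install_plugins', 'install_themes',
        'update_plugins', 'update_themes', 'update_core', 'delete_plugins',
        'delete_themes', 'edit_files', 'unfiltered_html',
        'edit_users', 'create_users', 'delete_users', 'promote_users',
        'list_users', 'import', 'export',
    );
    foreach ( $deny as $cap ) {
        unset( $caps[ $cap ] );
    }
    $allow = array( 'read', 'upload_files', 'edit_posts', 'edit_published_posts',
                    'publish_posts', 'delete_posts', 'edit_pages', 'edit_published_pages' );
    foreach ( $allow as $cap ) {
        $caps[ $cap ] = true;
    }
    return $caps;
} );

// 3. Keep bren_client when the plugin is uninstalled, so client accounts
//    assigned to it do not end up with no role. (If the site already ships
//    its own client role, return false from brenwp_csm_create_client_role
//    instead and skip filter 2 entirely.)
add_filter( 'brenwp_csm_remove_client_role_on_uninstall', '__return_false' );
```

After activating the plugin, `wp cap list bren_client` (WP-CLI) shows the capabilities the role actually ended up with, which is the quickest way to confirm the filter took effect and that none of the denied capabilities leaked through.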
