外掛標籤
開發者團隊
② 後台搜尋「Page Authority – Allowed Domains」→ 直接安裝(推薦)
原文外掛簡介
Allowed Email Domains gives administrators a simple way to restrict WordPress user accounts to approved email domains.
The plugin is designed for sites where only users from specific organizations, companies, clients, or teams should be added as WordPress users.
Features include:
Admin-managed allowed domain list
Standard WordPress registration enforcement
REST API user creation/update enforcement
WooCommerce registration enforcement
Existing User Audit tools
Optional login enforcement
Per-user unauthorized account removal with content reassignment
Multisite-aware protections
Lightweight architecture with no custom database tables
Security Notes
The plugin includes:
Capability checks
Nonce verification (verified before any state-changing logic runs)
Sanitization and escaping
Live revalidation before destructive actions
Current-admin protection
Multisite Super Admin protection
Explicit content reassignment or delete confirmation before user removal
Recommended operational practices:
Review the Existing User Audit before enabling login blocking
Test custom registration and SSO flows before production rollout
Maintain regular database backups before deleting users
Restrict plugin management access to trusted administrators only
Uninstall
Deleting the plugin removes its current options:
pageauth_allowed_domains
pageauth_audit_log
pageauth_block_unauthorized_logins
It also cleans up internal flags, transients, user meta, and any leftover keys from prior plugin versions that used the paad_ or aed_ prefixes. On multisite, the matching network options are removed as well.
