內容簡介
總結:
User Access Blocker 是一個簡單但功能強大的 WordPress 外掛,允許管理員暫時或永久封鎖使用者訪問權限,而不會刪除他們的帳戶。適用於需要進行調查時暫停用戶訪問、暫時禁用未支付帳戶、封鎖問題使用者並保留其內容、以及在維護或轉換期間管理用戶訪問的情況。
問題與答案:
1. 如何使用 "User Access Blocker" 外掛暫時封鎖一個使用者的訪問權限?
- 前往 WordPress 管理員中的任何使用者個人資料頁面
- 捲動至 "存取控制" 部分
- 點擊 "封鎖訪問" 以防止該使用者登錄
2. 當用戶被封鎖時,他們會看到什麼訊息?
- 封鎖的用戶將看到:"您的帳戶已被封鎖。請聯絡管理員。"
3. 這個外掛具有哪些安全功能?
- 僅限管理員功能
- 所有操作均為獨立驗證
- 多層次權限檢查
- 資料消毒和驗證
- 安全的 AJAX 實作
- 透過適當轉義(XSS)保護
- 為了安全審計,記錄所有封鎖/解除封鎖操作
4. 如何卸載這個外掛?
- 透過 WordPress 管理員刪除時,外掛會執行適當的卸載程式,從資料庫中刪除所有外掛數據。
外掛標籤
開發者團隊
原文外掛簡介
User Access Blocker is a simple yet powerful WordPress plugin that allows administrators to temporarily or permanently block user access without deleting their accounts. This is perfect for situations where you need to:
Suspend user access during investigations
Temporarily disable accounts for non-payment
Block problematic users while preserving their content
Manage user access during maintenance or transitions
Key Features
Easy Toggle: Simple “Block Access” / “Unblock Access” button on user profiles
Instant Effect: Blocked users are immediately prevented from logging in
AJAX Powered: Block/unblock users without page refresh
Secure: Multiple permission checks and nonce verification
Non-Destructive: User accounts, posts, and data remain intact
Admin Only: Only administrators can block/unblock users
Self-Protection: Administrators cannot block themselves
Activity Logging: All block/unblock actions are logged for security audits
Clean Uninstall: Removes all plugin data when deleted
How It Works
Navigate to any user’s profile page in WordPress admin
Scroll to the “Access Control” section
Click “Block Access” to prevent the user from logging in
Click “Unblock Access” to restore their access
Blocked users will see: “Your account has been blocked. Please contact the administrator.”
Security Features
Administrator-only functionality
Nonce verification on all actions
Permission checks at multiple levels
Data sanitization and validation
Secure AJAX implementation
XSS protection through proper escaping
Activity logging for audit trails
Developer Information
Hooks and Filters
The plugin uses standard WordPress hooks:
authenticate – To check if a user is blocked during login
show_user_profile / edit_user_profile – To add the block button
personal_options_update / edit_user_profile_update – To save block status
admin_notices – To display blocked user warnings
wp_ajax_uab_toggle_user_block – For AJAX functionality
Database
The plugin stores block status in user meta:
* Meta key: _uab_user_blocked
* Meta value: boolean (true/false)
Uninstall
The plugin includes a proper uninstall routine that removes all plugin data from the database when deleted through the WordPress admin.
Support
For support, feature requests, or bug reports, please visit plugin support forum or GitHub repository.
Privacy Policy
This plugin does not collect any personal data. It only stores block status as user metadata within your WordPress database. No data is sent to external servers.
The plugin logs block/unblock actions to your server’s error log for security audit purposes. These logs remain on your server and are not transmitted elsewhere.
