外掛標籤
開發者團隊
原文外掛簡介
WebCommander Store makes it easy to connect your WooCommerce store to WebCommander so you can migrate it across. With one click the plugin generates the API credentials WebCommander needs, bundles them into a single encrypted connection key, and shows you that key to copy and paste — no manual REST API setup, no juggling keys and secrets.
Everything happens on your own server. The plugin does not send any data anywhere — you copy the generated key yourself and paste it into WebCommander.
What it does
Generates a read-only WooCommerce REST API key for you automatically — no manual setup.
Generates a WordPress Application Password for authenticated access.
Bundles both into a single key, encrypted with AES-256, that you paste into WebCommander.
Shows a clear requirements check so you know your store is ready before you start.
Lets you revoke the generated credentials in one click once your migration is complete.
Removes all generated credentials and stored data when you revoke or uninstall.
How it works
Install and activate the plugin (WooCommerce must be active).
Go to WooCommerce → Store Setup.
Review the requirements check, then click Generate Connection Key.
Copy the key and paste it into WebCommander, along with the Site Encryption Key shown on the page.
When your migration is finished, click Revoke Access to remove the generated credentials from your site.
The connection key is valid for 24 hours and can be regenerated at any time.
Privacy and data
This plugin does not collect personal data and does not transmit anything to external services. All credential generation and encryption happens locally on your WordPress server. The resulting connection key is a self-contained encrypted string that you manually copy into WebCommander — no data leaves your site automatically.
The plugin stores the following locally in your WordPress database:
A read-only WooCommerce REST API key (in the {prefix}woocommerce_api_keys table) — deleted on revoke or uninstall.
A WordPress Application Password (via the WordPress core API) — deleted on revoke or uninstall.
A site-specific AES-256 encryption key in wp_options (wcmc_site_key) — deleted on uninstall.
A short-lived transient (wcmc_credentials) holding the IDs needed for revocation — expires after 24 hours and is deleted on revoke or uninstall.