Mô tả
RS Remote Site Manager allows you to manage multiple WordPress sites from a single dashboard as https://wp-admin.online. Monitor your WordPress versions, plugins, themes, and log in with one click.
Features:
- Centralized dashboard for all your WordPress sites
- Track WordPress core version
- Monitor installed plugins and themes
- Get notified about available updates
- One-click login to wp-admin
- Automatic daily sync
Third-Party Service
This plugin connects to the Rootscope Remote Site Manager service to provide centralized WordPress site management. The following data is sent to the Rootscope Remote Site Manager API (https://wp-admin.online/api/v1):
* WordPress version and PHP version
* List of installed plugins and themes (names, versions, active status)
* Administrator usernames and display names (for one-click login)
Data is transmitted over HTTPS and authenticated using HMAC signatures. No data is sent until you configure your API credentials.
Ảnh màn hình
Central dashboard showing all connected WordPress sites and their health score 
View all plugins and themes across your sites and track available updates 
Monitor WordPress and PHP versions across all connected sites 
Manage multiple WordPress sites from a single central dashboard
Cài đặt
- Upload the plugin files to the
/wp-content/plugins/rootscope-remote-site-managerdirectory, or install the plugin through the WordPress plugins screen directly. - Activate the plugin through the ‘Plugins’ screen in WordPress
- Go to Tools -> Rootscope Remote Site Manager to configure the plugin
- Enter your API Key and API Secret from your Rootscope Remote Site Manager dashboard and choose the Login Administrator account
- Click “Verify Connection” to confirm the connection
Hỏi đáp
-
Where do I get my API credentials?
-
Log in to your Rootscope Remote Site Manager dashboard at https://wp-admin.online, add a new site, and you’ll receive your API Key and API Secret.
-
How often does the plugin sync data?
-
The plugin automatically syncs data once daily. You can also trigger a manual sync from the settings page.
-
Is my data secure?
-
Yes. All communication between your site and Rootscope Remote Site Manager is encrypted via HTTPS and authenticated using HMAC signatures.
-
How does the plugin resolve client IPs behind a reverse proxy or CDN?
-
Login and failed-login events record the originating client IP. By default, the plugin uses
REMOTE_ADDRdirectly, and only consults forwarded headers (X-Forwarded-For,X-Real-IP) whenREMOTE_ADDRis a private or reserved address (i.e. the request reached PHP from a local reverse proxy).If your site sits behind a public reverse proxy (load balancer, CDN, etc.), define one or both of the following constants in
wp-config.phpso the plugin knows which upstream addresses are trusted to set forwarded headers:define('RSADMIN_TRUSTED_PROXY_IPS', '203.0.113.0/24, 198.51.100.10');Accepts a comma-separated string or an array of IPs/CIDR ranges (IPv4 and IPv6). When
REMOTE_ADDRmatches an entry, the plugin walksX-Forwarded-Forright-to-left and returns the first IP that is not itself a trusted proxy — this prevents an attacker from spoofing the leftmost value.define('RSADMIN_TRUSTED_CF_IPS', '173.245.48.0/20, 103.21.244.0/22');Required if you rely on Cloudflare’s
CF-Connecting-IPheader. The plugin only honors that header whenREMOTE_ADDRis in one of the configured Cloudflare edge ranges — without it, a non-Cloudflare proxy could forward a client-suppliedCF-Connecting-IPvalue and falsify attribution. Use the official list at https://www.cloudflare.com/ips/. If you use the official Cloudflare WordPress plugin (which rewritesREMOTE_ADDRdirectly), you do not need to set this constant.
Đánh giá
Không có đánh giá nào cho plugin này.
Người đóng góp & Lập trình viên
“RS Remote Site Manager” là mã nguồn mở. Những người sau đã đóng góp vào plugin này.
Những người đóng góp
Dịch “RS Remote Site Manager” sang ngôn ngữ của bạn.
Muốn tham gia phát triển?
Duyệt code, check out SVN repository, hoặc theo dõi nhật ký phát triển qua RSS.
Nhật ký thay đổi
2.4.0
- Add site audit-scan endpoint with phased scanner: hook-integration detection, plugin source classification (wp.org / commercial / unknown), object-cache and page-cache signals, multisite detection, and capped mu-plugin scan
- Backup preflight now emits
binary_bytes_ratioper table so the dashboard planner can size chunk ranges by SQL output bytes rather than row count (fixes OOM on BLOB-heavy tables likeitsec_distributed_storage) - wpdb chunk-dumper fallback caps batch size against a 2 MB byte budget before the first query, preventing fat-row pages from blowing memory mid-range (filterable via
rsadmin_backup_wpdb_batch_byte_budget) - Raise WP memory limit to the admin threshold at
dump-chunkentry so single wide LONGBLOB rows fit during INSERT assembly on hosts with sub-256MB defaults
2.3.0
- Add bulk-quick update endpoint enabling the dashboard’s Quick update mode (one HTTP call per chunk of plugin/theme updates, with per-slug success/skipped/failed results)
- Harden login IP resolution: gate
CF-Connecting-IPto Cloudflare edges via newRSADMIN_TRUSTED_CF_IPSconstant, walkX-Forwarded-Forright-to-left skipping trusted proxies, support Cloudflare Pseudo IPv4 (CF-Connecting-IPv6), and preferX-Forwarded-ForoverX-Real-IPin multi-hop setups
2.2.0
- Fix plugin updates and rollbacks failing with “Could not copy file” on WP Engine sites
- /update, /rollback, and rollback chunked endpoints now route through admin-ajax with the wpe-auth cookie
1.1.3
- Invalidate caches when API secret is saved
1.1.2
- Fixed api secret double-encryption when option didn’t exist
- Preselect first admin account by default
1.1.1
- Use correct API URL constant, add dashboard link to registration notice
- Rename wpadmin_account_token to rsadmin_account_token for consistency
- Encrypt account token at rest, clean up on uninstall, fix changelog formatting
- Token registration
1.1.0
- Full site backups
- Uptime Checks
- Remote updates
- Bulk install using a token
1.0.0
- Initial release