Admin Menu Editor
Admin Menu Editor lets you manually edit the Dashboard menu. You can reorder the menus, show/hide specific items, change permissions, and more. Features Change menu titles, URLs, icons, CSS classes and so on. Organize menu items via drag & drop. Change menu permissions by setting the required capability or role. Move a menu item to a different submenu. Create custom menus that point to any part of the Dashboard or an external URL. Hide/show any menu or menu item. A hidden menu is invisible to all users, including administrators. The Pro version lets you set per-role menu permissions, hide a menu from everyone except a specific user, export your admin menu, drag items between menu levels, make menus open in a new window and more. Try online demo. Additional Features Despite the name, this plugin is not limited to just editing the admin menu. You can also: Create login redirects and logout redirects. Allow/deny access to specific posts based on user roles. Hide plugins on the Plugins -> Installed Plugins page from other users. Edit the display name, description, and other plugin details shown on the Plugins -> Installed Plugins page (e.g. for white-labelling). Shortcodes The plugin provides a few utility shortcodes. These are mainly intended to help with creating login/logout redirects, but you can also use them in posts and pages. [ame-wp-admin] – URL of the WordPress dashboard (with a trailing slash). [ame-home-url] – Site URL. Usually, this is the same as the URL in the “Site Address” field in Settings -> General. [ame-user-info field="..."] – Information about the logged-in user. Parameters: field – The part of user profile to display. Supported fields include: ID, user_login, display_name, locale, user_nicename, user_url, and so on. placeholder – Optional. Text that will be shown if the visitor is not logged in. encoding – Optional. How to encode or escape the output. This is useful if you want to use the shortcode in your own HTML or JS code. Supported values: auto (default), html, attr, js, none. Notes If you delete any of the default menus they will reappear after saving. This is by design. To get rid of a menu for good, either hide it or change it’s access permissions. In the free version, it’s not possible to give a role access to a menu item that it couldn’t see before. You can only restrict menu access further. In case of emergency, you can reset the menu configuration back to the default by going to http://example.com/wp-admin/?reset_admin_menu=1 (replace example.com with your site URL). You must be logged in as an Administrator to do this.
Top keywords
- menu19×4.28%
- user7×1.58%
- url6×1.35%
- hide5×1.13%
- access4×0.90%
- admin4×0.90%
- admin menu4×0.90%
- change4×0.90%
- menus4×0.90%
- permissions4×0.90%
- dashboard3×0.68%
- default3×0.68%
SiteAgent for Aura
SiteAgent is the bridge between your WordPress sites and the Aura infrastructure dashboard — a unified control center for teams managing multiple WordPress sites alongside servers, CDN, and DNS. Install this plugin on any WordPress site to unlock remote management capabilities directly from Aura — no SSH, no wp-admin juggling, no manual logins. What You Can Do Monitor site health — See WordPress version, PHP version, installed plugins & themes, database info, and disk usage in real time. Update plugins, themes & core remotely — Push updates to any connected site from the Aura dashboard, no wp-admin login. Safe batch updates with auto-rollback — Run chunked updates with health checks; if an update breaks the site, the plugin restores the previous version automatically. Per-plugin rollback — Every update is zip-snapshotted first; restore any plugin to its last good state on demand. Bulk translation & database upgrades — Update all language packs and run WordPress database migrations remotely. One-click connect (magic link) — Connect a site to Aura straight from wp-admin — no manual token copy/paste. AI-agent ready (18 MCP tools) — Exposes machine-readable, JSON-schema tools for AI-driven management, including SEO/accessibility/performance/broken-link auditors and on-site SEO-meta read/write (Rank Math, Yoast, SEOPress). Read tools run on demand; mutating tools are approval-gated through Aura, and every call is audited. Zero frontend impact — The plugin only registers REST API endpoints. No scripts, no styles, no database queries on visitor-facing page loads. How It Works After activation, click Connect to Aura on the Settings → SiteAgent page for a one-click magic-link connection, or copy the Site Token shown once and paste it into your Aura dashboard manually. From that point, Aura communicates with your site over a signed, authenticated REST API to pull health data and push updates. Security Defence-in-depth protects every request: WordPress Application Password — Standard WordPress auth with capability checks (manage_options / update_*). Only authorized administrators can trigger actions. Hashed Site Token — A per-site token sent via the X-Aura-Token header. Only a SHA-256 hash is stored (never the raw token), compared timing-safely. Tokens from older versions migrate to a hash automatically. Brute-force throttling — Repeated bad-token attempts from an IP are blocked. Signed magic-link connect — The onboarding callback is HMAC-signed with a one-time secret and timestamp, so the token exchange can’t be hijacked or replayed. IP / Domain allowlist (optional) — Restrict API access to your Aura instance, with Cloudflare and reverse-proxy header support. You can rotate the token anytime from Settings → SiteAgent → Regenerate Token. REST API Endpoints Core endpoints under /wp-json/aura/v1/: GET /status — Full site health report GET /updates — Check available updates (core, plugins, themes, translations) POST /update/core / /update/plugin / /update/theme / /update/translations — Apply updates POST /update/database — Run WordPress database upgrades POST /connect — Magic-link token exchange (public, HMAC-signed, 10-minute expiry) Version 2 endpoints under /wp-json/aura/v2/: GET /health — HTTP, PHP fatal, white-screen and DB connectivity checks POST /update/batch — Chunked batch updates with auto-rollback on health failure POST /rollback/{plugin} — Restore a plugin from its most recent backup MCP tools under /wp-json/aura/mcp/: POST /tools/list / POST /tools/execute — Enumerate and run AI-agent tools GET /context — Full site context for AI decision-making AI Agent Tools (MCP) SiteAgent ships 18 built-in tools for AI agents. Read tools return information and run on demand; write tools change the site and are queued for human approval through Aura — an agent can never silently mutate a production site. Read tools: get_site_context — WordPress/PHP/theme/plugin/disk/performance snapshot with detected issues get_database_info — Database size, largest tables, autoloaded-options weight, expired transients scan_security — Scored security posture (file-edit lockdown, debug exposure, SSL, default admin/prefix, open registration, PHP version) scan_seo — SEO posture (search-engine visibility, permalinks, XML sitemap, site title) plus a sampled content audit (thin content, missing excerpts/featured images) scan_a11y — Accessibility audit over sampled content (images missing alt text, non-descriptive link text, heading structure, document language) perf_check — Performance posture (persistent object cache, OPcache, page-cache plugin, PHP version, autoload weight, active plugin count, memory limit) scan_broken_links — Link triage over a content sample with no outbound HTTP (empty/anchor-only links, dev/staging hosts, unresolved internal links) list_users — Users with roles and post counts, administrators flagged (never returns secrets) check_health — Live health gate: HTTP status, PHP fatals, white-screen, database connectivity scan_error_log — Tails and severity-groups the error log, surfacing recent fatals check_vulnerabilities — Plugins/themes checked against the WordPress.org vulnerability database get_seo_meta — Read a post/page’s SEO title, description, and focus keyword from the active SEO plugin (Rank Math, Yoast, or SEOPress) Write tools (approval-gated): update_plugin_safely — Backup, update, health-check, auto-rollback on failure clear_caches — Flush object/opcode caches and detected page-cache plugins cleanup_transients — Remove expired transients to reduce autoload bloat cleanup_orphaned_assets — Find and remove unused media (dry-run by default) backup_plugins — Zip-snapshot one or all active plugins as a rollback safety net set_seo_meta — Write a post/page’s SEO title / description / focus keyword on the active SEO plugin (Rank Math, Yoast, or SEOPress) — on-site, so it works even when a WAF blocks the plugin’s own REST endpoint Tools are classified by verb so the Aura Fleet gateway applies the right risk and approval policy automatically. About Aura Aura is a full-stack operations dashboard by Digitizer that brings servers, applications, DNS zones, and CDN pull zones from Cloudways, Hostinger VPS, Cloudflare, and Bunny.net into a single unified interface. SiteAgent extends that reach into every WordPress installation — so you can manage your entire infrastructure, including WordPress sites, from one place. Free to Use The plugin is completely free and open source (GPLv2+). You need a free or paid Aura account to connect your sites. Sign up at my-aura.app. Links Aura Dashboard Documentation GitHub Repository Digitizer