Description
DashOrgNicer Feature Manager helps you clean up the WordPress admin by disabling or restricting features for specific user roles.
- Disable features your site does not need (for example, Posts on a brochure site)
- Restrict admin menus to specific roles
- Enforce access through menus, capabilities, direct URLs, and REST API
- Auto-discover custom post types, Settings sub-pages, and plugin admin pages
- Per-screen Settings access control, Plugin Pages control, and site-wide General toggles
- Reflect WordPress native role capabilities in the settings UI
DashOrgNicer Feature Manager is intended for site owners, agencies, and teams who want tighter control over what appears in wp-admin for each role.
Installation
- Upload the
dashorgnicer-feature-managerfolder to/wp-content/plugins/ - Activate the plugin through the Plugins menu in WordPress
- Go to DashOrgNicer Feature Manager in the admin menu to configure feature access
FAQ
-
Who can access DashOrgNicer Feature Manager settings?
-
Users with the
adftmgr_manage_settingscapability (Administrators on a default install). -
Do restrictions apply to administrators?
-
Yes. Feature rules apply to all roles, including administrators. Users who can manage DashOrgNicer Feature Manager settings can always open DashOrgNicer Feature Manager to change rules.
-
No. DashOrgNicer Feature Manager enforces restrictions through admin menus, capabilities, direct URL guards, REST API routes, and admin bar nodes where applicable.
-
Can I lock myself out of DashOrgNicer Feature Manager?
-
Any user with the
adftmgr_manage_settingscapability can always reopen DashOrgNicer Feature Manager to change rules. On a default install, that is the Administrator role. -
What happens if I disable Posts for all roles?
-
Posts menus, screens, REST endpoints, and related admin bar links are blocked for affected users. Save carefully and keep at least one manager who can access DashOrgNicer Feature Manager.
-
Does DashOrgNicer Feature Manager support custom post types and plugin settings pages?
-
Yes. Custom post types are auto-discovered on the Post Types screen. Plugin and theme admin pages registered as
admin.php?page=…appear on the Plugin Pages screen. Settings sub-pages underoptions-general.phpappear on Settings Screens. -
Will directory listing protection secure my server?
-
No. The General setting only adds protective
index.phpfiles in WordPress-managed folders. Configure your web server (for example, disable directory indexes) for real hardening. -
Does disabling one Settings screen block the REST API for that screen?
-
Not individually in v1. Settings Screens enforcement applies to wp-admin menus, direct URLs, and capabilities. The shared
/wp/v2/settingsREST route is blocked only when the parent Settings feature is denied on the Features page. Per-screen REST granularity may be added in a future release. -
Are plugin admin pages blocked via REST?
-
Plugin Pages enforcement covers wp-admin menus,
admin.php?page=…URLs, and capabilities. REST endpoints are not auto-discovered. Use theadftmgr_admin_pagesfilter to addrest_routeswhen a plugin exposes an API you need to gate.
Reviews
There are no reviews for this plugin.
Contributors & Developers
“DashOrgNicer Feature Manager” is open source software. The following people have contributed to this plugin.
ContributorsTranslate “DashOrgNicer Feature Manager” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
1.0.0
- Initial release scaffold
- Admin menu with Features and Post Types pages
- Full MVP feature catalog with role-based enforcement
- Custom post type auto-discovery
- Full enforcement layers: menus, capabilities, direct URLs, REST API, and admin bar
- Settings Screens submenu for per-screen Settings access
- Plugin Pages submenu for third-party admin.php?page=* screens
- General submenu for site-wide admin toggles
- Directory listing protection via index.php placeholders
- Reset to WordPress defaults
