=== Admin Optimizer – Performance, Security & Site Cleanup ===
Author URI: https://damienoh.com
Plugin URI: https://www.adminoptimizer.com/
Tags: performance, optimization, cleanup, security, all in one plugin
Contributors: yipresser, damienoh
Requires at least: 5.9
Requires PHP: 7.4.0
Tested up to: 7.0
Stable tag: 2.2.0
License: GPLv2 or later
License URI: http://www.gnu.org/licenses/gpl-2.0.html

Database cleaner, redirect manager, custom code snippets, SMTP email, 2FA, XML sitemap, duplicate post, custom post types, and more — all in one WordPress plugin

== Description ==

**Admin Optimizer** is a modular all-in-one WordPress plugin built to improve performance, harden security, and streamline your admin workflow — without the bloat of installing a dozen separate plugins.

Whether you need to clean your database, manage redirects, inject custom code snippets, protect your login page, or build custom post types, Admin Optimizer covers it all in one place.

**Key highlights:**
- Improve site speed with database optimization and script management
- Strengthen security with 2FA, login protection, and attack blocking
- Manage URL redirects and monitor 404 errors from the dashboard
- Add custom CSS, JavaScript, HTML, and PHP code snippets without a child theme
- Build forms, custom fields, and custom post types without extra plugins
- Send reliable transactional email via SMTP

Instead of installing 10+ plugins, you can enable only the modules you need — all from a single, lightweight plugin.

== Why Admin Optimizer? ==
- Replace multiple single-purpose plugins with one
- Modular system — activate only what you need, disable the rest
- Lightweight — no unnecessary scripts or styles loaded on your site
- Built with standard WordPress hooks (no core hacks)
- Beginner-friendly interface, developer-safe architecture

== What can it replace? ==

Admin Optimizer can replace plugins like:

- Database cleaner and optimizer plugins
- Redirect manager and 301 redirect plugins
- Limit login attempts plugins
- XML sitemap plugins
- Custom post type and taxonomy plugins
- SMTP email plugins
- Security hardening plugins
- Form builder plugins
- Custom code / code snippets plugins

…and more.

== Modules: ==

[See all modules >>](https://www.adminoptimizer.com/modules/)

== Performance ==
- **Database Cleaner**: Schedule automatic optimization and cleaning of the WordPress database to improve site speed. [Pro](https://www.adminoptimizer.com/) adds options to manually clean individual DB tables, track unused options, and remove autoload bloat from the Options table.
- **Heartbeat Control**: Adjust the WordPress Heartbeat API interval to reduce server load and improve the editor experience.
- **Disable Emojis**: Remove all emoji-related styles and scripts from the site to reduce HTTP requests.
- **Disable jQuery Migrate**: Prevent the jQuery Migrate script from loading on the frontend for faster page loads.
- **Disable 404 URL Redirect**: Stop WordPress from redirecting requests to a similar-looking URL when a page is not found, preventing unintended content from being shown.
- **Remove oEmbed links**: Remove the "json+oembed" and "xml+oembed" discovery links from the site header, preventing other sites from embedding your content.

== Security ==
- **Block Failed Login**: Limit failed login attempts and block brute-force attacks. [Pro](https://www.adminoptimizer.com/) adds customisable lockout duration, a full lockout mode, and the ability to hide the login form during lockout.
- **Two-Factor Authentication (2FA)**: Enable TOTP-based two-factor authentication for your users. [Pro](https://www.adminoptimizer.com/) adds options to enforce 2FA for specific user roles, block logins without 2FA, and allow trusted device saving.
- **Custom Login URL**: Hide the wp-login.php URL and set a custom secret login URL to protect your login page from bots.
- **Disable XML-RPC**: Disable the XML-RPC protocol, which has no built-in encryption or authentication hardening and is a common attack vector.
- **Disable User Account**: Disable accounts for inactive users and prevent them from logging in.
- **Hide WordPress Version**: Remove the WP version tag from the site header to obscure your WordPress installation.
- **Remove X-Pingback header**: Remove the "X-Pingback" HTTP header to prevent pingback abuse.
- **Remove X-Powered-By header**: Remove the "X-Powered-By" HTTP header to hide PHP and server information from attackers.
- **Remove REST API link**: Remove REST API discovery links from the site header for non-authenticated users.
- **Remove Really Simple Discovery (RSD) link**: Remove the RSD link used by XML-RPC clients to discover your endpoint.
- **Remove Shortlink**: Remove the shortlink tag from the site header.

== Content & SEO ==
- **Post Cloner**: Easily clone and duplicate posts and any custom post type, including all post meta and taxonomies.
- **Content Refresh**: Keep content updated for SEO without creating a new URL. Clone a post as a draft, edit it, and republish to update the original post in place. [Pro](https://www.adminoptimizer.com/)
- **XML Sitemap**: Configure and manage the native WordPress XML sitemap for search engines. [Pro](https://www.adminoptimizer.com/) adds sitemap caching and a Google News sitemap.
- **Redirect Manager**: Create and manage URL redirects directly from the WordPress dashboard, with support for 301 and 302 redirects. [Pro](https://www.adminoptimizer.com/) adds automatic redirect creation on permalink changes, a 404 error monitor to identify broken links, and post-level redirect workflow tools.
- **Auto-Publish Posts with Missed Schedule**: Automatically publish posts that missed their scheduled publication time.
- **Lock Modified Date**: Prevent the post modified date from updating unnecessarily. [Pro](https://www.adminoptimizer.com/) adds support for custom post types and per-role permissions.
- **SVG File Upload**: Allow SVG file uploads, with automatic sanitisation on upload to ensure files are safe to use.
- **Auto-convert image filename to Alt text**: Automatically pre-fill empty Alt text fields with the image filename to improve accessibility.
- **Robots.txt and Ads.txt Manager**: Manage robots.txt, ads.txt, and app-ads.txt directly from the WordPress dashboard — no FTP or file editor required.
- **Limit Image Upload Size**: Set a maximum file size for image uploads to stop users from uploading oversized files.
- **Convert underscore to hyphen in image filenames**: Automatically rename uploaded images, replacing underscores with hyphens for SEO-friendly URLs.
- **Auto add anchor target to Headings block**: Transform WordPress heading blocks into clickable anchor links, making it easy for readers to link to specific sections.
- **Disable Category Archive Page**: Disable all category archive pages on the site frontend.
- **Disable Tag Archive Page**: Disable all tag archive pages on the site frontend.
- **Disable Author Archive Page**: Disable all author archive pages on the site frontend.
- **Disable Date Archive Page**: Disable all date-based archive pages on the site frontend.

== Custom Fields & Post Types ==
- **Custom Fields Builder**: Build custom field layouts and create fields for any post type. Control visibility by post type, post status, user role, and more. [Pro](https://www.adminoptimizer.com/)
- **Custom Post Status**: Register custom post statuses for your content workflow. [Pro](https://www.adminoptimizer.com/) adds options to assign them to specific post types and restrict availability by user role.
- **Custom Post Types**: Register new custom post types for your content.
- **Custom Taxonomies**: Register new custom taxonomies for any post type.

== Admin & Users ==
- **Block Admin Access**: Prevent selected user roles from accessing the WordPress Dashboard and redirect them to a URL of your choice.
- **Hide Update Notice**: Hide the WordPress update notification for all users except those with the Update capability (administrators by default).
- **Hide Admin Toolbar**: Hide the admin toolbar for all logged-in users when browsing the site frontend.
- **Track User Last Login**: Record and display the last login date for every user in the Users list.
- **Track User Registration Date**: Display each user's registration date in the Users list.
- **Disable New User Signup Notification**: Suppress the default email notification sent when a new user account is created.

== System Tools ==
- **SMTP Email**: Replace the default WordPress mailer with an external SMTP service to ensure reliable transactional email delivery.
- **Form Builder**: Create contact forms, embed them into posts and pages, collect entries, receive email notifications, and add honeypot, reCAPTCHA, or Turnstile spam protection. Import and export form configurations. [Pro](https://www.adminoptimizer.com/) adds a custom redirect URL after submission, per-field file type and size controls, submission limits by count or date, access control by login state or user role, and CSV entry export.
- **Custom Code**: Add and manage custom CSS, JavaScript and HTML directly from the WordPress dashboard, without modifying theme files or creating a child theme. [Pro](https://www.adminoptimizer.com/) adds CSS minification, conditional loading by login state or user role, and targeting code to specific posts or pages.
- **Disable Gutenberg Editor**: Disable the block editor and restore the Classic editor as the default for all post types.
- **Page Ordering**: Reorder pages and custom post types that support page attributes using drag and drop.
- **Auto Open Advanced Panel in Gutenberg**: Automatically expand the Advanced panel in the block inspector on mouse hover, saving extra clicks.


[See all modules >>](https://www.adminoptimizer.com/modules/)

Your feedback is WELCOME!

== Screenshots ==

1. Quick Setup Page
2. Performance Settings
3. Security Settings
4. Content & SEO Settings
5. Custom Fields & Post Types Settings
6. Admin & Users Settings
7. System Tools Settings

== Installation ==

= Using The WordPress Dashboard =

1. Navigate to the 'Add New' in the plugins dashboard
2. Search for 'Admin Optimizer'
3. Click 'Install Now'
4. Activate the plugin on the Plugin dashboard

= Uploading in WordPress Dashboard =

1. Navigate to the 'Add New' in the plugins dashboard
2. Navigate to the 'Upload' area
3. Select `admin-optimizer.zip` from your computer
4. Click on 'Install Now' button
5. Activate the plugin in the Plugin dashboard

= Using FTP =

1. Download `admin-optimizer.zip`
2. Extract the `admin-optimizer` directory to your computer
3. Upload the `admin-optimizer` folder to the `/wp-content/plugins/` directory
4. Activate the plugin in the Plugin dashboard

== Changelog ==

= 2.2.0 =
* Added: Custom Code module
* Added: Redirect Manager module
* Added: Import/export options for Form Builder
* Added: Preset options for robots.txt.
* Fixed: a bug in Custom Login URL that return 404 when checking email.
* Updated: reorganized modules in various sections.
* Bump up Requires at least to 5.9

= 2.1.1 =
* Fixed: a bug where the limit image size Setings page is not shown

= 2.1.0 =
* Added: new Form Builder module

= 2.0.1 =
* Added: SMTP Provider for SMTP Email module
* Added: "Force From" toggle in SMTP Email module
* Updated: WordPress 7.0 theme support

= 2.0.0 =
* Revamp the new categorization of modules
* Fixed: Fixed a 2FA invalid login esc_html bug
* Updated: switched ToTP provider to have less dependency on third-party tool
* Fixed: rename Post Republisher to Content Refresh

= 1.9.0 =
* Added: new Preset feature
* Updated: Improved UI for Admin Optimizer

= 1.8.0 =
* Added: Revamp new UI for Admin Optimizer
* Added: new Block Admin Access module

= 1.7.1 =
* Fixed: switched to ADMINOPTIMIZER_VERSION instead of filemtime() for versioning
* Fixed: SMTP from field is only set if it is empty. It doesn't override other plugin Send_from settings now.

= 1.7.0 =
* Added: new Page Ordering module
* Fixed: SMTP password is now encrypted before saving to the database

= 1.6.0 =
* Added: new Pro Custom Fields Builder module.
* Fixed: Post Cloner module now doesn't clone other's password-protected posts
* Fixed: Improve the user interface for Custom Post Types and Custom Taxonomies modules

= 1.5.4 =
* Bug: fixed no posts showing in XML sitemap
* Added: new Pro options for XML Sitemap module
* Fixed: DB Cleaner comments not cleaned bug.
* Fixed: multiple files for vulnerability
* Fixed: Robots.txt not displaying properly.
* Fixed: XML Sitemap not properly included in Robots.txt

= 1.5.3 =
Fixed: Custom Post Types module not showing correct options when editing existing post types
Fixed: Custom Taxonomies module not showing correct options when editing existing taxonomies

= 1.5.2 =
Added: Post Cloner after cloning action

= 1.5.1 =
Fixed: XML Sitemap URL wrongly set on robots.txt

= 1.5.0 =
Added: new XML Sitemap module

= 1.4.2 =
* The plugin now require PHP version 7.4.0
* Added polyfills for PHP 8 and 8.1 functions
* Fixed: 2FA module now works on PHP7.4
* Bug: make sure the `Envelope-From`, `Return-Path` is properly set via `$phpmailer->Sender` and `$phpmailer->ReturnPath`.

= 1.4.1 =
* Updated: plugin site URL

= 1.4.0 =
* Added: new Post Cloner module
* Added: new Robots.txt, ads.txt and app-ads.txt module
* Added: removed scheduled tasks on module deactivation

= 1.3.0 =
* Added: new Export/Import module.
* Added: auto add anchor target to Headings block
* Added: Disable Gutenberg editor
* Added: Disable Category archive pages
* Added: Disable Tag archive pages
* Added: Disable Author archive pages
* Added: Disable Date archive pages
* Bug: correct a sentence error in database cleaner module

= 1.2.0 -  =
* Added: new Database Cleaner module
* Enhancement: updated admin UI interface
* Bug: correct modified date column text

= 1.1.0 - 27 August 2025 =
* Added: new Disable User Accounts Module.
* Added: new Disable Guess Redirect 404 Module.
* Enhancement: improve the modules page.

= 1.0.4 - 20 August 2025 =
* Enhancement: remove access to xml-rpc class and file.
* Change: Moved Disable XML-RPC module to Security section.
* Bug: Correct taxonomy spelling mistake.

= 1.0.3 - 19 August 2025 =
* Bug fixes: fixed 2fa conflicts with last login date.

= 1.0.2 - 15 August 2025 =
* Minor bug fixes: fixed spelling error

= 1.0.1 - 13 August 2025 =
* Minor bug fixes, security compliant fixes and first release to WP Plugin Directory

= 1.0.0 - 25 June 2025 =
* First release

== Frequently Asked Questions ==

= What is Admin Optimizer? =

Admin Optimizer is a modular all-in-one WordPress plugin that improves site performance, hardens security, manages redirects, enables custom code snippets, and streamlines admin workflow — all from a single plugin, replacing 10+ separate plugins.

= Can I disable features I don’t need? =

Yes. Every module can be turned on or off individually. Only active modules run on your site.

= Will it slow down my site? =

No. Admin Optimizer is lightweight and loads only the code needed for the modules you have enabled. Disabling unused WordPress features with this plugin typically improves performance.

= What is the Custom Code module? =

The Custom Code module lets you add CSS, JavaScript and HTML directly from the WordPress dashboard, without editing theme files or using a child theme. It is available in the System Tools section.

= What is the Redirect Manager module? =

The Redirect Manager lets you create and manage 301/302 URL redirects from the WordPress admin. The free version includes full redirect management. The Pro version adds automatic redirects on permalink changes and a 404 error monitor.

= Does it work with multisite? =

Admin Optimizer has not been tested on multisite and does not officially support multisite.
