=== Admin Optimizer – Performance, Security & Site Cleanup ===
Author URI: https://damienoh.com
Plugin URI: https://www.adminoptimizer.com/
Tags: performance, optimization, cleanup, security, disable features, all in one plugin
Contributors: yipresser, damienoh
Requires at least: 5.5
Requires PHP: 7.4.0
Tested up to: 6.9
Stable tag: 2.1.1
License: GPLv2 or later
License URI: http://www.gnu.org/licenses/gpl-2.0.html

Speed up, secure, and clean your WordPress site. Replace multiple plugins with one lightweight plugin.

== Description ==

Admin Optimizer is an all-in-one WordPress optimization plugin designed to:

- Improve performance (reduce bloat, optimize database)
- Strengthen security (block attacks, hide vulnerabilities)
- Clean up WordPress core features you don’t need
- Enhance admin workflow and productivity

Instead of installing 10+ plugins, you can manage everything in one place.

== Why Admin Optimizer? ==
- Replace multiple plugins with one
- Modular system — enable only what you need
- Lightweight — no unnecessary scripts or bloat
- Built with WordPress hooks (no hacks)
- Beginner-friendly, developer-safe

== What can it replace? ==

Admin Optimizer can replace plugins like:

- Database cleaner plugins
- Limit login attempts plugins
- XML sitemap plugins
- Custom post type plugins
- SMTP plugins
- Security hardening plugins
- Forms plugins

…and more.

== Modules: ==

[See all modules >>](https://www.adminoptimizer.com/modules/)

== Performance ==
- **Database Cleaner**: Schedule regular optimization and cleaning of the WP database to improve site performance. [Pro](https://www.adminoptimizer.com/) adds options to manually clean individual DB tables, track unused options, and remove autoload bloat from the Options table.
- **Heartbeat Control**: Modify the WordPress Heartbeat API interval to reduce server load and improve the editor experience.
- **Disable Emojis**: remove all emoji-related styles and scripts from the site.
- **Disable jQuery Migrate**: disable loading of the jQuery Migrate script on the site.
- **Disable 404 URL Redirect**: stop WordPress from redirecting requests to a similar-looking URL when a page is not found, preventing unintended content being shown.
- **Remove oEmbed links**: remove the "json+oembed" and "xml+oembed" discovery links from the site's header, preventing other sites from embedding your content.

== Security ==
- **Block Failed Login**: limit failed login attempts and block bad actors from carrying out brute-force attacks. [Pro](https://www.adminoptimizer.com/) adds options to customise the lockout duration, a full lockout mode, and the ability to hide the login form during lockout.
- **Two-Factor Authentication**: enable two-factor authentication (TOTP) for all your users. [Pro](https://www.adminoptimizer.com/) adds options to make 2FA compulsory for defined user roles, block users without 2FA from logging in, and allow users to save trusted devices.
- **Custom Login URL**: hide the wp-login.php URL and create a custom secret login URL for your users.
- **Disable XML-RPC**: disable the XML-RPC protocol. XML-RPC has no built-in encryption or authentication hardening, so disabling it is recommended unless explicitly required.
- **Block Admin Access**: prevent selected user roles from accessing the WordPress Dashboard and redirect them to a URL of your choice.
- **Disable User Account**: disable user accounts for inactive users and prevent them from logging in.
- **Hide WordPress Version**: remove the WP version tag from the site's header.
- **Remove X-Pingback header**: remove the "X-Pingback" HTTP header to prevent other sites from pinging back to yours.
- **Remove X-Powered-By header**: remove the "X-Powered-By" HTTP header to hide PHP and server information.
- **Remove REST API link**: remove REST API discovery links from the site's header for non-authenticated users.
- **Remove Really Simple Discovery (RSD) link**: remove the RSD link used by XML-RPC clients to discover your endpoint.
- **Remove Shortlink**: remove the shortlink tag from the site's header.

== Content & SEO ==
- **Post Cloner**: easily clone posts and any other post type, including all post meta and taxonomies.
- **Content Refresh**: easily keep your content updated for SEO. Clone a post as a draft child. When you (re)publish the clone it updates the original post — perfect for refreshing old content without creating a new URL. [Pro](https://www.adminoptimizer.com/)
- **XML Sitemap**: configure and manage the native WordPress XML sitemap for search engines. [Pro](https://www.adminoptimizer.com/) adds sitemap caching for improved performance and a Google News sitemap.
- **Auto-Publish Posts with Missed Schedule**: automatically publish posts that missed their scheduled publication time.
- **Lock Modified Date**: prevent the post's modified date from being updated unnecessarily. [Pro](https://www.adminoptimizer.com/) adds support for custom post types and per-role permissions.
- **SVG File Upload**: allow SVG file uploads. Files are sanitised on upload to ensure they are safe to use.
- **Auto convert image filename to Alt text**: automatically pre-fill empty Alt text fields with the image filename.
- **Robots.txt and Ads.txt Manager**: manage robots.txt, ads.txt, and app-ads.txt directly from the WordPress dashboard — no FTP or file uploads required.
- **Limit Image upload size**: set a maximum file size for image uploads to stop users from uploading oversized files.
- **Convert underscore to hyphen in image filenames**: automatically rename uploaded image files, replacing underscores with hyphens for better SEO-friendly URLs.
- **Auto add anchor target to Headings block**: transform WordPress heading blocks into clickable anchor targets, making it easier for readers to link directly to specific sections.
- **Disable Category Archive Page**: disable all category archive pages on the site frontend.
- **Disable Tag Archive Page**: disable all tag archive pages on the site frontend.
- **Disable Author Archive Page**: disable all author archive pages on the site frontend.
- **Disable Date Archive Page**: disable all date-based archive pages on the site frontend.

== Custom Fields & Post Types ==
- **Custom Fields Builder**: build a custom fields layout and create fields for any post type. Show or hide fields based on post type, post status, user role, and more. [Pro](https://www.adminoptimizer.com/)
- **Custom Post Status**: register custom post statuses. [Pro](https://www.adminoptimizer.com/) adds options to assign them to specific post types and restrict availability by user role.
- **Custom Post Types**: register new custom post types for various content.
- **Custom Taxonomies**: register new custom taxonomies to support all post types.

== Admin & Users ==
- **Hide Update notice**: hide the update notification for all users except those with the Update capability (administrators by default).
- **Disable Gutenberg Editor**: disable the block editor and restore the Classic editor as the default.
- **Page Ordering**: reorder pages and custom post types that support page attributes using drag and drop.
- **Hide admin toolbar for all users**: hide the admin toolbar for all logged-in users when browsing the frontend.
- **Track User Last Login**: record and display the last login date for every user in the Users list.
- **Track User Registration Date**: display each user's registration date in the Users list.
- **Disable new user signup notification**: suppress the default email notification sent when a new user account is created.
- **Auto open Advanced panel in Gutenberg**: automatically expand the Advanced panel in the block inspector on mouse hover, saving extra clicks.

== System Tools ==
- **SMTP Email**: replace the default WordPress mailer with an external SMTP service to ensure reliable email delivery.
- **Form Builder**: create forms and embed to your posts and pages, collect entries, receive notification emails, style basic controls, and add honeypot, reCAPTCHA, or Turnstile spam protection. [Pro](https://www.adminoptimizer.com/)


[See all modules >>](https://www.adminoptimizer.com/modules/)

Your feedback is WELCOME!

== Screenshots ==

1. Quick Setup Page
2. Performance Settings
3. Security Settings
4. Content & SEO Settings
5. Custom Fields & Post Types Settings
6. Admin & Users Settings

== Installation ==

= Using The WordPress Dashboard =

1. Navigate to the 'Add New' in the plugins dashboard
2. Search for 'Admin Optimizer'
3. Click 'Install Now'
4. Activate the plugin on the Plugin dashboard

= Uploading in WordPress Dashboard =

1. Navigate to the 'Add New' in the plugins dashboard
2. Navigate to the 'Upload' area
3. Select `admin-optimizer.zip` from your computer
4. Click on 'Install Now' button
5. Activate the plugin in the Plugin dashboard

= Using FTP =

1. Download `admin-optimizer.zip`
2. Extract the `admin-optimizer` directory to your computer
3. Upload the `admin-optimizer` folder to the `/wp-content/plugins/` directory
4. Activate the plugin in the Plugin dashboard

== Changelog ==
= 2.1.1 =
* Fixed: a bug where the limit image size Setings page is not shown

= 2.1.0 =
* Added: new Form Builder module

= 2.0.1 =
* Added: SMTP Provider for SMTP Email module
* Added: "Force From" toggle in SMTP Email module
* Updated: WordPress 7.0 theme support

= 2.0.0 =
* Revamp the new categorization of modules
* Fixed: Fixed a 2FA invalid login esc_html bug
* Updated: switched ToTP provider to have less dependency on third-party tool
* Fixed: rename Post Republisher to Content Refresh

= 1.9.0 =
* Added: new Preset feature
* Updated: Improved UI for Admin Optimizer

= 1.8.0 =
* Added: Revamp new UI for Admin Optimizer
* Added: new Block Admin Access module

= 1.7.1 =
* Fixed: switched to ADMINOPTIMIZER_VERSION instead of filemtime() for versioning
* Fixed: SMTP from field is only set if it is empty. It doesn't override other plugin Send_from settings now.

= 1.7.0 =
* Added: new Page Ordering module
* Fixed: SMTP password is now encrypted before saving to the database

= 1.6.0 =
* Added: new Pro Custom Fields Builder module.
* Fixed: Post Cloner module now doesn't clone other's password-protected posts
* Fixed: Improve the user interface for Custom Post Types and Custom Taxonomies modules

= 1.5.4 =
* Bug: fixed no posts showing in XML sitemap
* Added: new Pro options for XML Sitemap module
* Fixed: DB Cleaner comments not cleaned bug.
* Fixed: multiple files for vulnerability
* Fixed: Robots.txt not displaying properly.
* Fixed: XML Sitemap not properly included in Robots.txt

= 1.5.3 =
Fixed: Custom Post Types module not showing correct options when editing existing post types
Fixed: Custom Taxonomies module not showing correct options when editing existing taxonomies

= 1.5.2 =
Added: Post Cloner after cloning action

= 1.5.1 =
Fixed: XML Sitemap URL wrongly set on robots.txt

= 1.5.0 =
Added: new XML Sitemap module

= 1.4.2 =
* The plugin now require PHP version 7.4.0
* Added polyfills for PHP 8 and 8.1 functions
* Fixed: 2FA module now works on PHP7.4
* Bug: make sure the `Envelope-From`, `Return-Path` is properly set via `$phpmailer->Sender` and `$phpmailer->ReturnPath`.

= 1.4.1 =
* Updated: plugin site URL

= 1.4.0 =
* Added: new Post Cloner module
* Added: new Robots.txt, ads.txt and app-ads.txt module
* Added: removed scheduled tasks on module deactivation

= 1.3.0 =
* Added: new Export/Import module.
* Added: auto add anchor target to Headings block
* Added: Disable Gutenberg editor
* Added: Disable Category archive pages
* Added: Disable Tag archive pages
* Added: Disable Author archive pages
* Added: Disable Date archive pages
* Bug: correct a sentence error in database cleaner module

= 1.2.0 -  =
* Added: new Database Cleaner module
* Enhancement: updated admin UI interface
* Bug: correct modified date column text

= 1.1.0 - 27 August 2025 =
* Added: new Disable User Accounts Module.
* Added: new Disable Guess Redirect 404 Module.
* Enhancement: improve the modules page.

= 1.0.4 - 20 August 2025 =
* Enhancement: remove access to xml-rpc class and file.
* Change: Moved Disable XML-RPC module to Security section.
* Bug: Correct taxonomy spelling mistake.

= 1.0.3 - 19 August 2025 =
* Bug fixes: fixed 2fa conflicts with last login date.

= 1.0.2 - 15 August 2025 =
* Minor bug fixes: fixed spelling error

= 1.0.1 - 13 August 2025 =
* Minor bug fixes, security compliant fixes and first release to WP Plugin Directory

= 1.0.0 - 25 June 2025 =
* First release

== Frequently Asked Questions ==

= What is Admin Optimizer? =

A modular all-in-one plugin that improves performance, security, and workflow — replacing multiple plugins.

= Can I disable features I don’t need? =

Yes. Every module can be turned on/off individually.

= Will it slow down my site? =

No. It reduces plugin load and removes unnecessary features, often improving performance.

= Does it work with multisite? =

Admin Optimizer has not been tested on multisite and does not officially support multisite.
