Title: Limited Admin Role
Author: minhaz52
Published: <strong>2026 年 4 月 6 日</strong>
Last modified: 2026 年 4 月 6 日

---

搜尋外掛

![](https://ps.w.org/limited-admin-role/assets/icon-256x256.png?rev=3500423)

# Limited Admin Role

 由 [minhaz52](https://profiles.wordpress.org/minhaz52/) 開發

[下載](https://downloads.wordpress.org/plugin/limited-admin-role.2.9.1.zip)

 * [詳細資料](https://tw.wordpress.org/plugins/limited-admin-role/#description)
 * [使用者評論](https://tw.wordpress.org/plugins/limited-admin-role/#reviews)
 *  [安裝方式](https://tw.wordpress.org/plugins/limited-admin-role/#installation)
 * [開發資訊](https://tw.wordpress.org/plugins/limited-admin-role/#developers)

 [技術支援](https://wordpress.org/support/plugin/limited-admin-role/)

## 外掛說明

**Limited Admin Role** adds a custom WordPress role called **Admin Panel Manager**
that gives a user broad content and product management access — but blocks access
to WooCommerce Orders, Customers, Users, and sensitive reports.

**Key Features:**

 * 🔐 Granular capability grid — enable or disable every WordPress & WooCommerce
   capability from the settings UI, organized into 15 categories
 * 🚫 Block WooCommerce Orders, Customers, Analytics, and WordPress Users (menu 
   + URL + REST API)
 * 🧩 Plugin Access Deny — per-plugin admin page blocking via a dedicated submenu
 * 🔑 Plugins view-only — can see installed plugins list but cannot install/activate/
   deactivate/update/delete
 * 🕐 Configurable session timeout (default 12 hours) — forces logout regardless
   of “Remember Me”
 * ✅ Compatible with Rank Math, Yoast SEO, WooCommerce HPOS, and Cloudflare

**Capability Categories:**

 * Core Access, Posts, Pages, Media, Appearance & Themes
 * Plugins, Users, WordPress Updates
 * WooCommerce Products, Orders, Coupons, Reports & Analytics, Settings, Customers
 * Comments

### License

This plugin is licensed under the GNU General Public License v2.0 or later.

Full license text: https://www.gnu.org/licenses/gpl-2.0.html

## 安裝方式

 1. Upload the `limited-admin-role` folder to `/wp-content/plugins/` or install via**
    Plugins  Add New  Upload Plugin**.
 2. Activate the plugin through the **Plugins** menu.
 3. The **Admin Panel Manager** role is created automatically on activation.
 4. Configure settings at **Limited Admin Role** in the WordPress admin sidebar.
 5. Assign the role to users via **Users  Add New** or **Users  Edit User  Role**.

## 常見問題集

### How do I assign the role to a user?

Go to **Users  Add New** and set the Role dropdown to **Admin Panel Manager**. Or
edit an existing user and change their role.

### Can I change which capabilities are granted?

Yes. Go to **Limited Admin Role  Settings  Capabilities tab**. Every capability 
is listed with a checkbox — check to grant, uncheck to deny. Changes apply immediately
on save.

### How does the session timeout work?

On login, the plugin records a timestamp. On every admin page load, it checks if
the elapsed time exceeds the configured limit (default: 12 hours). If so, the session
is destroyed and the user is redirected to the login page with a “Session expired”
message. The auth cookie is also clamped so “Remember Me” cannot extend beyond the
limit.

### Can the user install or activate plugins?

No. Plugin installation, activation, deactivation, update, and deletion are always
blocked. The user can view the installed plugins list (read-only). You can toggle
even view access from the Capabilities tab (activate_plugins cap).

### How does Plugin Access Deny work?

Go to **Limited Admin Role  Plugin Access Deny**. Every active plugin and its detected
admin pages are listed. Check any pages to block them for the Admin Panel Manager
role.

### Is it compatible with WooCommerce HPOS?

Yes. Both the legacy `post_type=shop_order` URL and the new HPOS `page=wc-orders`
URL are blocked.

### Does it work with Rank Math and Yoast SEO?

Yes. Both plugins show their meta boxes to any user with `edit_posts` capability,
which this role has by default.

## 使用者評論

這個外掛目前沒有任何使用者評論。

## 參與者及開發者

以下人員參與了開源軟體〈Limited Admin Role〉的開發相關工作。

參與者

 *   [ minhaz52 ](https://profiles.wordpress.org/minhaz52/)

[將〈Limited Admin Role〉外掛本地化為台灣繁體中文版](https://translate.wordpress.org/projects/wp-plugins/limited-admin-role)

### 對開發相關資訊感興趣？

任何人均可[瀏覽程式碼](https://plugins.trac.wordpress.org/browser/limited-admin-role/)、
查看 [SVN 存放庫](https://plugins.svn.wordpress.org/limited-admin-role/)，或透過
[RSS](https://plugins.trac.wordpress.org/log/limited-admin-role/?limit=100&mode=stop_on_copy&format=rss)
訂閱[開發記錄](https://plugins.trac.wordpress.org/log/limited-admin-role/)。

## 變更記錄

#### 2.3.0

 * Fixed: Rank Math REST API calls (/wp-json/rankmath/v1/updateSettings) returning
   403 — SEO plugin REST routes are now always whitelisted
 * Fixed: manage_options is temporarily elevated during any SEO plugin REST request
   so save/update operations work correctly
 * Improved: Capabilities tab now shows SEO plugin sections only when that plugin
   is actually installed — each setting as its own row, all defaulting to enabled
 * Improved: Rank Math redirections, 404 monitor, analytics, site analysis — all
   individually controllable per row
 * Improved: Yoast and AIOSEO caps similarly separated with all defaults on

#### 2.2.0

 * Fixed: Replaced inline <style> echo in access control with wp_add_inline_style()(
   WordPress.org requirement)
 * Fixed: Replaced inline <style> and <script> in Plugin Access Deny page with wp_add_inline_style()
   and wp_add_inline_script() (WordPress.org requirement)
 * Improved: Plugin Access Deny now uses explicit slug patterns for Rank Math, Yoast,
   AIOSEO, WooCommerce and other major plugins — all their admin pages reliably 
   appear in the deny list
 * Added: Author URI field in plugin header
 * Updated: Contributors field in readme.txt

#### 2.1.0

 * Fixed: SEO plugins (Rank Math, Rank Math Pro, Yoast SEO, Yoast Premium, AIOSEO,
   AIOSEO Pro) now fully unrestricted — all caps pass through freely
 * Added: SEO Plugins capability category with 15 caps across all supported plugins
 * Added: Auto-detection of active SEO plugins shown on General tab
 * Fixed: WordPress.Security.EscapeOutput errors (escaped $found with wp_kses, $
   bg with esc_attr)

#### 2.0.0

 * Added full capabilities registry with 15 categorized sections
 * Added per-capability checkbox grid in settings UI
 * Added Plugin Access Deny submenu for per-plugin admin page blocking
 * Added Grant All / Deny All per category, search/filter, Restore Defaults
 * Added toggle switches for quick access blocks
 * Added unsaved-changes warning in settings
 * Rebuilt settings page with tabbed UI
 * All v1 features preserved

#### 1.1.0

 * Added plugin view-only mode (can see installed plugins list, all actions blocked)
 * Added CSS hiding of plugin action links and bulk-action controls
 * Removed Plugins menu from sidebar (now kept visible as read-only)

#### 1.0.0

 * Initial release
 * Custom Admin Panel Manager role
 * WooCommerce Orders, Customers, Users, Reports blocking
 * 12-hour session timeout with configurable settings page
 * REST API blocking for orders, customers, users
 * Compatible with Rank Math, Yoast SEO, WooCommerce HPOS

## 中繼資料

 *  版本 **2.9.1**
 *  最後更新 **2 個月前**
 *  啟用安裝數 **少於 10 次**
 *  WordPress 版本需求 ** 6.0 或更新版本 **
 *  已測試相容的 WordPress 版本 **6.9.4**
 *  PHP 版本需求 ** 7.4 或更新版本 **
 *  語言
 * [English (US)](https://wordpress.org/plugins/limited-admin-role/)
 * 標籤:
 * [access-control](https://tw.wordpress.org/plugins/tags/access-control/)[admin](https://tw.wordpress.org/plugins/tags/admin/)
   [role](https://tw.wordpress.org/plugins/tags/role/)[user role](https://tw.wordpress.org/plugins/tags/user-role/)
   [woocommerce](https://tw.wordpress.org/plugins/tags/woocommerce/)
 *  [進階檢視](https://tw.wordpress.org/plugins/limited-admin-role/advanced/)

## 評分

這個項目尚無任何評論記錄。

[Your review](https://wordpress.org/support/plugin/limited-admin-role/reviews/#new-post)

[查看全部使用者評論](https://wordpress.org/support/plugin/limited-admin-role/reviews/)

## 參與者

 *   [ minhaz52 ](https://profiles.wordpress.org/minhaz52/)

## 技術支援

使用者可在技術支援論壇提出意見反應或使用問題。

 [檢視技術支援論壇](https://wordpress.org/support/plugin/limited-admin-role/)