{"id":30348482,"url":"https://github.com/estebanforge/fuerte-wp","last_synced_at":"2026-05-16T22:01:46.661Z","repository":{"id":48325670,"uuid":"307880247","full_name":"EstebanForge/Fuerte-WP","owner":"EstebanForge","description":"A WordPress plugin to enforce certain security focused limits for users with wp-admin access.","archived":false,"fork":false,"pushed_at":"2026-04-25T00:50:10.000Z","size":5525,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2026-04-25T02:37:37.577Z","etag":null,"topics":["wordpress"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/EstebanForge.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2020-10-28T02:01:06.000Z","updated_at":"2026-04-25T00:49:47.000Z","dependencies_parsed_at":"2023-11-06T23:21:46.430Z","dependency_job_id":"2818f27a-4c21-44ba-b33b-e2299f255187","html_url":"https://github.com/EstebanForge/Fuerte-WP","commit_stats":null,"previous_names":["estebanforge/fuerte-wp","tcattd/fuerte-wp"],"tags_count":34,"template":false,"template_full_name":null,"purl":"pkg:github/EstebanForge/Fuerte-WP","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EstebanForge%2FFuerte-WP","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EstebanForge%2FFuerte-WP/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EstebanForge%2FFuerte-WP/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EstebanForge%2FFuerte-WP/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/EstebanForge","download_url":"https://codeload.github.com/EstebanForge/Fuerte-WP/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EstebanForge%2FFuerte-WP/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33120450,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-16T18:38:32.183Z","status":"ssl_error","status_checked_at":"2026-05-16T18:38:29.903Z","response_time":115,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["wordpress"],"created_at":"2025-08-18T18:19:45.691Z","updated_at":"2026-05-16T22:01:46.655Z","avatar_url":"https://github.com/EstebanForge.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Fuerte-WP\n\n\u003cp align=\"center\"\u003e\n\t\u003cimg src=\"https://github.com/EstebanForge/Fuerte-WP/blob/master/.wp-org-assets/icon-256x256.png?raw=true\" alt=\"Fuerte-WP Logo\" /\u003e\n\u003c/p\u003e\n\nTake control of your WordPress security \u0026 maintenance. Automate plugin updates, manage administrator access, and prevent broken functionality from outdated plugins without proper oversight.\n\nFuerte-WP is the ultimate WordPress security \u0026 maintenance solution that combines automated updates with administrator oversight to prevent plugin conflicts before they break your site.\n\nAvailable at the official [WordPress.org plugins repository](https://wordpress.org/plugins/fuerte-wp/).\n\n## Why?\n\nIs your WordPress site suffering from plugin neglect? Every day, thousands of sites break due to outdated plugins, untested updates, and lack of proper maintenance oversight.\n\n**⚠️ THE REALITY:**\n- 90% of WordPress site failures are caused by outdated plugins, themes or incompatible updates\n- Most WordPress downtime happens from untested plugin updates by administrators with too much freedom\n- Your WordPress installation is only as reliable as your maintenance routine\n\n**🔥 WHY FUERTE-WP IS DIFFERENT:**\n\nMost maintenance plugins just alert you AFTER something breaks. Fuerte-WP PREVENTS issues before they happen, combining automated updates with access control that works together seamlessly.\n\n**🚨 CRITICAL SECURITY PROTECTION:** Supply chain attacks happen when even trustworthy developers have their accounts compromised. Attackers push malicious updates that thousands of sites auto-install within hours. Fuerte-WP's **Blocked Updates** lets you freeze plugins at safe versions when you learn of compromises, protecting your site when even developers can't protect their own update systems.\n\nFuerte-WP auto-protects itself and cannot be disabled, unless your account is declared as super user, or you have access to the server (FTP, SFTP, SSH, cPanel/Plesk, etc.).\n\n## Auto-Update Management System\n\n🚨 **Intelligent Update Scheduling \u0026 Control**\n\nFuerte-WP's Auto-Update Management System provides comprehensive control over WordPress maintenance:\n\n### 📅 Update Scheduling\n- **Intelligent Update Scheduling**: Configurable update frequency (default: every 12 hours)\n- **Selective Updates**: Choose which plugins, themes, and core components to auto-update\n- **Compatibility Monitoring**: Track which updates are safe and tested\n- **Real-Time Update Dashboard**: Live dashboard showing current update status and scheduled maintenance\n\n### 🛡️ Update Control Modes\n- **Deferred Updates**: Exclude specific plugins/themes from auto-updates while allowing manual updates\n- **Blocked Updates**: Completely prevent updates for specific plugins/themes (both automatic and manual)\n  - Blocked items are removed from update transients entirely\n  - No update notices appear in the WordPress admin\n  - **Supply Chain Attack Protection**: Lock plugins at safe versions when developer accounts are compromised\n  - Use when even trustworthy developers can't protect their own update systems\n  - Perfect for responding to security incidents and compromised plugins\n\n### 👑 Administrator Oversight\n- **Super User Access**: Designate who has full maintenance control (YOU) while restricting others\n- **Role-Based Permissions**: Granular control over what different admin roles can modify\n- **Plugin \u0026 Theme Management**: Prevent other admins from installing unstable plugins or untested updates\n- **Menu Management**: Hide sensitive WordPress settings from inexperienced administrators\n\n### 📊 Maintenance Command Center\n- **Live Update Monitoring**: Real-time AJAX dashboard shows plugin/theme updates as they happen\n- **Detailed Maintenance Logs**: Comprehensive logging with timestamps, versions, and compatibility notes\n- **Export Maintenance Data**: Download update reports for analysis or compliance\n- **Smart Notifications**: Get alerted about available updates and maintenance tasks\n\n### 🇪🇺 Email Management\n- **Recovery Email Routing**: Route WordPress admin emails to the right maintenance team\n- **Custom Sender Configuration**: Professional email sender setup that matches your domain\n- **Email Audit Trail**: Logging that helps with maintenance communication tracking\n\n### 🔐 Optional: Admin Access Management\n*For organizations with multiple administrators*\n\n- **Custom Login Endpoints**: Create dedicated maintenance access points\n- **Smart Redirection**: Guide users to appropriate admin areas based on permissions\n- **WP-Admin Access Control**: Restrict direct `/wp-admin/` access for specific user roles\n\n**Note**: These features are optional and should be used based on your specific organizational needs.\n\n## Key Features\n\n### ⚙️ Advanced WordPress Optimization\n- **Automated Update Management**: Background updates for core, plugins, themes, and translations\n- **Deferred Updates**: Exclude specific plugins/themes from auto-updates while maintaining manual control\n- **Blocked Updates**: Completely prevent updates for critical plugins/themes (automatic and manual)\n- **API Optimization**: Disable unused XML-RPC endpoints and optimize REST API access\n- **Email Configuration**: Customize WordPress recovery and sender email addresses\n- **Performance Hardening**: Disable unused features, optimize database performance\n- **Background Processing**: Maintenance tasks that don't slow down your site\n\n### 👑 Administrator Oversight System\n- **Super User Control**: Designate who has full maintenance access while restricting others\n- **Role-Based Permissions**: Granular control over what different admin roles can modify\n- **Plugin \u0026 Theme Management**: Prevent other admins from installing unstable plugins or untested updates\n- **Menu Management**: Hide sensitive WordPress settings from inexperienced administrators\n- **User Account Protection**: Protect maintenance accounts from being modified by other admins\n\n### 📊 Maintenance Command Center\n- **Live Update Monitoring**: Real-time AJAX dashboard shows plugin/theme updates as they happen\n- **Detailed Maintenance Logs**: Comprehensive logging with timestamps, versions, and compatibility notes\n- **Export Maintenance Data**: Download update reports for analysis or compliance\n- **Smart Notifications**: Get alerted about available updates and maintenance tasks\n- **One-Click Management**: Instantly schedule updates, clear logs, or manage maintenance tasks\n\n### 🔧 Developer Features\n- **File-Based Configuration**: Support for `wp-config-fuerte.php` for mass deployment\n- **Configuration Caching**: Optimized performance with intelligent caching\n- **Hook System**: Extensible architecture with comprehensive WordPress hook integration\n- **Multisite Support**: Compatible with WordPress multisite installations\n\n**🔒 WHY CHOOSE FUERTE-WP?**\n\n✅ **PROACTIVE MAINTENANCE** - Prevents plugin conflicts BEFORE they break your site\n✅ **INTELLIGENT UPDATE MANAGEMENT** - Real-time update scheduling and compatibility checking\n✅ **ADMIN OVERSIGHT CONTROL** - Controls what other administrators can modify\n✅ **EMAIL MANAGEMENT** - Built-in email routing and configuration features\n✅ **PERFORMANCE OPTIMIZED** - Won't slow down your website\n✅ **MULTISITE COMPATIBLE** - Works on single sites and WordPress networks\n✅ **SELF-PROTECTING** - Cannot be disabled by non-super users\n✅ **DEVELOPER FRIENDLY** - File-based configuration for mass deployment\n✅ **SMART MAINTENANCE APPROACH** - Focuses on prevention over reactive fixes\n\n**🎯 PERFECT FOR:**\n- Multi-author blogs and news sites with frequent content updates\n- Client websites built by agencies that need reliable maintenance\n- E-commerce stores with critical uptime requirements\n- Educational institutions with multiple WordPress installations\n- Enterprise WordPress deployments requiring strict maintenance policies\n- **Sites concerned about supply chain attacks** - protect yourself when developer accounts are compromised\n- Anyone serious about WordPress maintenance and reliability\n\n## How to Install\n\n**⚡ INSTALL IN SECONDS, MAINTAIN FOR YEARS**\n\n1. Click \"Install Now\" or search for \"Fuerte-WP\" in your WordPress dashboard\n2. Activate the plugin\n3. Visit Settings \u003e Fuerte-WP to configure the settings as you like. Defaults are good if you want to leave them like that\n4. Congratulations! Your WordPress site is now professionally maintained.\n\n### Harder configuration (optional)\n\nFuerte-WP allows you to configure it \"harder\". This way, Fuerte-WP options inside wp-admin panel aren't even shown at all. Useful to mass deploy Fuerte-WP configuration to multiple WordPress installations.\n\nTo use the harder configuration, follow this steps:\n\n- Download a copy of [```config-sample/wp-config-fuerte.php```](https://github.com/EstebanForge/Fuerte-WP/blob/master/config-sample/wp-config-fuerte.php) file, and set it up with your desired settings. Edit and tweak the configuration array as needed.\n\n- Upload your tweaked ```wp-config-fuerte.php``` file to your WordPress's root directory. This usually is where your wp-config.php file resides.\n\n- When Fuerte-WP detects that file, it will load the configuration from it. This will bypass the DB values from the options page, completely.\n\n#### Config file updates\n\nTo check if your ```wp-config-fuerte.php``` file need an update, follow this steps:\n\nCheck the default [```config-sample/wp-config-fuerte.php```](https://github.com/EstebanForge/Fuerte-WP/blob/master/config-sample/wp-config-fuerte.php) file. The header of the sample config will have the version when it was last modified.\n\nThen check out your own ```wp-config-fuerte.php``` file. If yours has a lower version number, then you need to update your settings array.\n\nCompare your config with the [default wp-config-fuerte.php file](https://github.com/EstebanForge/Fuerte-WP/blob/master/config-sample/wp-config-fuerte.php) and add the new/missing settings to your file. You can use [Meld](https://meldmerge.org), [WinMerge](https://winmerge.org), [Beyond Compare](https://www.scootersoftware.com), [Kaleidoscope](https://kaleidoscope.app), [Araxis Merge](https://www.araxis.com/merge/), [Diffchecker](https://www.diffchecker.com) or any similar software diff to help you here.\n\nUpload your updated ```wp-config-fuerte.php``` to your WordPress's root directory and replace the old one.\n\nDon't worry. New Fuerte-WP features that need new configuration values will not run or affect you until you upgrade your config file and add the new/missing settings.\n\n## Documentation\n\nFor detailed documentation, please see:\n\n- **[FAQ](docs/FAQ.md)** - Frequently Asked Questions\n- **[Changelog](CHANGELOG.md)** - Version history and changes\n- **[Deployment Guide](docs/DEPLOYMENT.md)** - Deployment instructions and best practices\n- **[Composer Commands](docs/COMPOSER_COMMANDS.md)** - Available composer scripts for development\n- **[Security Policy](SECURITY.md)** - Security reporting and policies\n- **[CLAUDE.md](CLAUDE.md)** - Project architecture and development guidelines (for contributors)\n- **[TODO](docs/TODO.md)** - Planned features and development roadmap\n\n## FAQ\n\nCheck the [full FAQ here](docs/FAQ.md).\n\n## Suggestions, Support\n\nPlease, open [a discussion](https://github.com/EstebanForge/Fuerte-WP/discussions).\n\n## Bugs and Error reporting\n\nPlease, open [an issue](https://github.com/EstebanForge/Fuerte-WP/issues).\n\n## Changelog\n\nSee [CHANGELOG.md](CHANGELOG.md) for version history and changes.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Festebanforge%2Ffuerte-wp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Festebanforge%2Ffuerte-wp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Festebanforge%2Ffuerte-wp/lists"}