Advanced Access Manager


Advanced Access Manager (aka AAM) is all you need to manage access to your website frontend and backend for any user, role or visitors.
Please Note! Some features are limited or not included in the basic plugin installation. Upon activation go to the Extensions tab to learn more about free and premium extensions that are available for download.

Backend Lockdown

Restrict access to your website backend side for any user or role. For more information about this feature
refer to the How to lockdown WordPress backend

Manage Posts & Categories

Manage access to unlimited number of post, page or custom post type. With premium AAM Plus Package extension
also manage access to categories, custom hierarchical taxonomies or setup the default
access to all posts and categories. Refer to How to manage WordPress post and category access
to learn more about this feature.

Track Any User Activities

Track any user or visitor activities on your website with AAM User Activity extension. For more information about this
feature refer to the How to track any WordPress user activity

404 Redirect

Redirect all users and visitors to specific page, URL or custom callback function when page does not exist.

Login/Logout Redirect

Define custom login and logout redirect for any user or group of users.

Manage Backend Menu

Manage access to the backend menu for any user or group or users (roles).

Manage Capabilities

Create, edit or delete capabilities for any role or even user.

Manage Access Based On Geo Location And IP

Manage access to your website for all visitors based on referred host, IP address or geographical location.
For more information about this feature check How to manage access to WordPress website based on location article

Manage Redirects

Define custom access denied or login redirects for any user or group of users. Redirect
user to any existing page, URL or specify your own PHP callback function to handle it.

Manage Metaboxes and Widgets

Filter list of metaboxes and widgets on both frontend and backend for any user,
group of users or visitors.

Content Teaser

Create your own content teaser for any limited post, page or custom post type.

Content Filter

Filter or replace blocks of your content with [aam] shortcodes. For more information about this
feature refer to the How to filter WordPress post content article

Payments API

Start selling access to your website content or even user levels with premium AAM Payment extension. For
more information refer to the AAM Payment extension


Protect your website from brute force and dictionary attacks or activate double authentication
when user credentials are used from unexpected location.

Manage Roles

Create, edit, clone, delete any role. With AAM Role Hierarchy extension define complex
role hierarchy tree.

Single point API

Easy to use programmatic interface that is used to develop your own custom

//Get AAM_Core_Subject. This object allows you to work with access control
//for current logged-in user or visitor
$user = AAM::getUser();

//Example 1. Get Post with ID 10 and check if current user has access to read it
//on the frontend side of the website. If true then access denied to read this post.
$user->getObject('post', 10)->has('');

//Example 2. Get Admin Menu object and check if user has access to Media menu.
//If true then access denied to this menu

Check our help page to find out more about AAM.


  • Manage access to backend menu
  • Manage access to metaboxes & widgets
  • Manage capabilities for roles and users
  • Manage access to posts, pages, media or custom post types
  • Posts and pages access options form
  • Define access to posts and categories while editing them
  • Manage access denied redirect rule
  • Manage user login redirect
  • Manage 404 redirect
  • Create your own content teaser for limited content
  • Improve your website security


  1. Upload advanced-access-manager folder to the /wp-content/plugins/ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress


Installation Instructions
  1. Upload advanced-access-manager folder to the /wp-content/plugins/ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress


Excellent plugin

I’ve been using AAM for some time now and have to say I have yet to find anything else that comes close to it. It really does have pretty much everything you need to manage access to content in WordPress, and the developer is very responsive to feedback and requests for help – a great guy to work with. Highly recommended.

Excellent Support

This plugin did exactly what I needed to and after I buggered up the settings, support was very quick to give me advise to fix it. Then even when we thought we found a conflict with my theme, support was quick to find the correct setting.

Excellent support. Plugin works great!

Very helpful

Built an website with AAM built in.
Couldn’t figure out some things.
Send e-mail to Vasyl and within a blink of an eye I got a response.
Good service and solved my problems!
Thank you very much.

Good, powerful plugin

I wanted to add this review because this plugin has an undeserved low rating.

I guess the other reviewers got a wrong impression from the plugin description or they didn’t bother to read it.

The included features in the free plugin cover my needs (and more), so I didn’t need to buy any of the extensions.

The plugin is quite powerful, so of course you need to take care when using it.

Plugin MUCH better than author’s marketing skills

My main concern with this plugin is the high number of negative reviews. They might undermine the credibility of this plugin and deter potential users from even trying it.

Most negative reviewers FEEL cheated when they discover there is a paid version that does what they need. The author should address these feelings, imho.

Please state limitations clearly & link to paid version openly.

Pricing is reasonable on closer look (one off, no yearly fee), excellent documentation, works flawlessly – so far.

Read all 184 reviews

Contributors & Developers

“Advanced Access Manager” is open source software. The following people have contributed to this plugin.




  • Significantly improved the ability to manage access to AAM interface
  • Added new group of capabilities AAM Interface
  • Optimized Posts & Pages UI feature for extra large amount of records
  • BIGGEST DEAL! From now no more 10 posts limit. It is unlimited!
  • Fixed bug with custom HTML message for access denied redirect
  • Added option to redirect to login page and back after login when access is denied
  • Significantly improved media access control
  • Improved CSS to keep to suppress “bad behavior” from other plugins and themes


  • Added ability to logout automatically locked user
  • Updated capability feature to allow set custom capabilities on user level
  • Improved Posts & Pages feature for large number of posts
  • Few minor bug fixed reported by CodePinch


  • Fixed bug with user capabilities
  • Fixed bug with post access settings not being checked even when they are
  • Added ability to manage hidden post types
  • Added ability to manage number of analyzed posts with get_post_limit config


  • Fixed internal bug with custom post type LIST control
  • Fixed PHP errors in Access Manager metabox
  • Fixed bug with customize.php not being able to restrict
  • Fixed bug with losing AAM licenses when Clearing all AAM settings
  • Fixed bug with not being able to turn off Access Manager metabox rendering
  • Fixed bug with access denied default redirect
  • Fixed bug with cached javascript library
  • Fixed bug with role hierarchy
  • Improved media access control
  • Improved Double Authentication mechanism
  • Improved AAM caching mechanism
  • Minor UI improvements
  • Added ability to define logout redirect
  • Added Access Expiration option to Posts & Pages
  • Added ability to turn off post LIST check for performance reasons
  • Added ability to add default media image instead of restricted
  • Added ability to remove Access link under posts, users title on the list page


  • Fixed few minor bugs reported by users
  • Refactored Extensions functionality
  • Added fully functioning Access Manager Widget for both Posts and Categories
  • Updated documentation
  • Significantly improved performance


  • Adjusted code to support low memory servers


  • Fixed bug with frontend page redirect
  • Significantly improved AAM speed and caching
  • Added 404 redirect to the Default Settings


  • Minor bug fixes


  • Fixed the bug with SSL when WordPress is not configured properly
  • Added AAM User Activity extension
  • Added ability to track access denied events
  • Fixed the bug with internal AAM configurations
  • Fixed the bug with login hook when only one argument is passed
  • Fixed the bug with invalid argument is passed to password protected check


  • Fixed the bug with post list caching
  • Fixed the bug with Manage Access button
  • Added REDIRECT option to post access list
  • Added redirect to existing page for Backend tab on Access Denied Redirect
  • Improved caching mechanism


  • Fixed bug with Post & Pages UI
  • Added ability to define default category for any role or user


  • Added AAM IP Check extension
  • Improved Content filter shortcode to allow other shortcodes inside
  • Fixed bug for add/edit role with apostrophe
  • Fixed bug with custom Access Denied message
  • Fixed bug with data migration


  • Fixed bug with login redirect
  • Fixed minor bug with PHP Warnings on Utilities tab
  • Fixed post filtering bug
  • Updated login shortcode


  • Added link Access to category list
  • Added shortcode [aam] to manage access to the post’s content
  • Moved AAM Redirect extension to the basic AAM package
  • Moved AAM Login Redirect extension to the basic AAM package
  • Moved AAM Content Teaser extension to the basic AAM package
  • Set single password for any post or posts in any category or post type
  • Added two protection mechanism from login brute force attacks
  • Added double authentication mechanism
  • Few minor core bug fixings
  • Improved multisite support
  • Improved caching mechanism

  • Fixed bug with login redirect


  • General bug fixing and improvements
  • Added ability to setup access settings to all Users, Roles and Visitors
  • Added Login Redirect feature


  • Bug fixing
  • Implemented license check mechanism
  • Improved media access control
  • Added ConfigPress extension

  • Bug fixing
  • Simplified affiliate implementation

  • Minor bug fixes reported by CodePinch service


  • Bug fixing
  • Internal code improvements
  • Extended list of post & pages access options

  • Minor bug fix to cover uncommon scenario when user without role


  • Replaced AAM Post Filter extension with core option “Large Post Number Support”
  • Removed redundant HTML permalink support
  • Visually highlighted editing role or user is administrator
  • Hide restricted actions for roles and users on User/Role Panel
  • Minor UI improvements
  • Significant improvements to post & pages access inheritance mechanism
  • Optimized caching mechanism
  • Fixed bug with post frontend access


  • Fixed UI bug with role list
  • Fixed core bug with max user level
  • Fixed bug with CodePinch installation page
  • Added native user switch functionality


  • Fixed the bug with post access inheritance
  • Update CodePinch affiliate program


  • Optimized AAM UI to manage large amount of posts and categories
  • Improved Multisite support
  • Improved UI
  • Fixed bug with Extensions tab
  • Added ability to check for extension updates manually


  • Minor refactoring
  • UI improvements
  • Bug fixing


  • Added Clone Role feature
  • Added auto cache clearing on term or post update
  • Added init custom URL for metaboxes


  • Fixed bug related to Media Access Control
  • Fixed bug with cleaning user posts & pages cache after profile update


  • Added AAM Content Teaser extension
  • Added LIMIT option to Posts & Pages access forms to support Teaser feature
  • Bug fixing
  • Improved UI
  • Added ability to show/hide admin bar with show_admin_bar capability


  • Added AAM Role Hierarchy extension
  • Fixed bug with 404 page for frontend
  • Started CSS fixes for all known incompatible themes and plugins


  • Introduced Redirect feature
  • Added CodePinch widget
  • Added AAM Redirect extension
  • Added AAM Complete Package extension
  • Removed AAM Development extension
  • Removed setting Access Denied Handling from the Utilities tab


  • Bug fixing related to URL redirect
  • Added back deprecated ConfigPress class to keep compatability with old extensions
  • Fixed bug reported through CodePinch service


  • Added Media Access Control feature
  • Added Access Denied Handling feature
  • Improved core functionality


  • Improved access control for Posts & Pages
  • Introduced Access Manager metabox to Post edit screen
  • Added Access action to list of Posts and Pages
  • Improved UI
  • Deprecated Skeleton extension in favor to upcoming totally new concept
  • Fixed bug with metaboxes initialization when backend filtering is OFF


  • Fixed bug with post & pages access control
  • Added Extension version indicator


  • Fixed bug with visitor access control


  • Refactored backend UI implementation
  • Integrated Utilities extension to the core
  • Improved capability management functionality
  • Improved UI
  • Added caching mechanism to the core
  • Improved caching mechanism
  • Fixed few functional bugs


  • Improved UI
  • Completely protect Admin Menu if restricted
  • Tiny core refactoring
  • Rewrote UI descriptions


  • Quick fix for extensions ajax calls


  • Improved AAM security reported by James Golovich from Pritect
  • Extended core to allow manage access to AAM features via ConfigPress


  • Added show_screen_options capability support to control Screen Options Tab
  • Added show_help_tabs capability support to control Help Tabs
  • Added AAM Support


  • Fixed minor bug reporetd by WP Error Fix
  • Extended core functionality to support filter by author for Plus Package
  • Added Contact Us tab


  • Improved UI
  • Fixed the bug reported by WP Error Fix


  • Fixed bug with menu/metabox checkbox
  • Added extra hook to clear the user cache after profile update
  • Added drill-down button for Posts & Pages tab

  • One more minor issue


  • Fixed bug with default post settings
  • Filtering roles and capabilities form malicious code


  • Quick fix


  • Fixed potential bug with check user capability functionality
  • Added social links to the AAM page


  • Integrated User Switch with AAM
  • Fixed bugs reported by WP Error Fix
  • Removed intro message
  • Improved AAM speed
  • Updated AAM Utilities extension
  • Updated AAM Plus Package extension
  • Added new AAM Skeleton Extension for developers


  • Fixed bug reported by WP Error Fix when user’s first role does not exist
  • Fixed bug reported by WP Error Fix when roles has invalid capability set


  • Added ability to extend the AAM Utilities property list
  • Updated AAM Plus Package with ability to toggle the page categories feature
  • Added WP Error Fix promotion tab
  • Finalized and resolved all known issues


  • Extended AAM with few extra core filters and actions
  • Added role list sorting by name
  • Added WP Error Fix item to the extension list
  • Fixed the issue with language file


  • Fixed the warning issue with newly installed AAM instance


  • Fixed issue when server has security policy regarding file_get_content as URL
  • Added filters to support Edit/Delete caps with AAM Utilities extension
  • Updated AAM Utilities extension
  • Refactored extension list manager
  • Added AAM Role Filter extension
  • Added AAM Post Filter extension
  • Standardize the extension folder name


  • Wrapped all *.phtml files into condition to avoid crash on direct file access
  • Fixed bug with Visitor subject API
  • Added internal capability id to the list of capabilities
  • Fixed bug with strict standard notice
  • Fixed bug when extension after update still indicates that update is needed
  • Fixed bug when extensions were not able to load js & css on windows server
  • Updated AAM Utilities extension
  • Updated AAM Multisite extension


  • Improved the Metaboxes & Widget filtering on user level
  • Improved visual feedback for already installed extensions
  • Fixed the bug when posts and categories were filtered on the AAM page
  • Significantly improved the posts & pages inheritance mechanism
  • Updated and fixed bugs in AAM Plus Package and AAM Utilities
  • Improved AAM navigation during page reload
  • Removed Trash post access option. Now Delete option is the same
  • Added UI feedback on current posts, menu and metaboxes inheritance status
  • Updated AAM Multisite extension


  • Fixed bug with backend menu saving
  • Fixed bug with metaboxes & widgets saving
  • Fixed bug with WP_Filesystem when non-standard filesystem is used
  • Optimized Posts & Pages breadcrumb load


  • Fixed a bug with posts access within categories
  • Significantly improved the caching mechanism
  • Added mandatory notification if caching is not turned on
  • Added more help content


  • Fixed the bug with capability saving
  • Fixed the bug with capability drop-down menu
  • Made backend menu help is more clear
  • Added tooltips to some UI buttons


  • Brand new and much more intuitive user interface
  • Fully responsive design
  • Better, more reliable and faster core functionality
  • Completely new extension handler
  • Added “Manage Access” action to the list of user
  • Tested against WP 3.8 and PHP 5.2.17 versions


  • Added missing files from the previous commit.


  • Introduced AAM version 3 alpha


  • Small fix in core
  • Moved ConfigPress as stand-alone plugin. It is no longer a part of AAM
  • Styled the AAM notification message


  • AAM is changing the primary owner to VasylTech
  • Removed contextual help menu
  • Added notification about AAM v3


  • Tested and verified functionality on the latest WordPress release
  • Removed AAM Plus Package. Happy hours are over.


  • Fixed bugs reported by (@TheThree)
  • Improved CSS


  • Updated the extension list pricing
  • Updated AAM Plugin Manager


  • Improved ConfigPress security (thanks to Tom Adams from
  • Added ConfigPress new setting control_permalink


  • Fixed issue with Default acces to posts/pages for AAM Plus Package
  • Fixed issue with AAM Plugin Manager for lower PHP version


  • Simplified the Repository internal handling
  • Added Development License Support


  • Fixed issue with AAM Control Manage HTML
  • Fixed issue with __PHP_Incomplete_Class
  • Added AAM Plugin Manager Extension
  • Removed Deprecated ConfigPress Object from the core


  • Fixed bug with subject managing check
  • Fixed bug with update hook
  • Fixed issue with extension activation hook
  • Added AAM Security Feature. First iteration
  • Improved CSS


  • Fixed bug with user inheritance
  • Fixed bug with user restore default settings
  • Fixed bug with installed extension detection
  • Improved core extension handling
  • Improved subject inheritance mechanism
  • Removed deprecated ConfigPress Tutorial
  • Optimized CSS
  • Regenerated translation pot file


  • Fixed issue with AAM Plus Package and Multisite
  • Introduced Development License
  • Minor internal adjustment for AAM Development Community


  • Added Norwegian language Norwegian (by Christer Berg Johannesen)
  • Localize the default Roles
  • Regenerated .pod file
  • Added AAM Media Manager Extension
  • Added AAM Content Manager Extension
  • Standardized Extension Modules
  • Fixed issue with Media list


  • Added Persian translation by Ghaem Omidi
  • Added Inherit Capabilities From Role drop-down on Add New Role Dialog
  • Small Cosmetic CSS changes


  • Fixed issue with jQuery UI Tooltip Widget
  • Added AAM Warning Panel
  • Added Event Log Feature
  • Moved ConfigPress to separate Page (refactored internal handling)
  • Reverted back the SSL handling
  • Added Post Delete feature
  • Added Post’s Restore Default Restrictions feature
  • Added ConfigPress Extension turn on/off setting
  • Russian translation by (Maxim Kernozhitskiy
  • Removed Migration possibility
  • Refactored AAM Core Console model
  • Increased the number of saved restriction for basic version
  • Simplified Undo feature


  • Fixed issue with Admin Menu restrictions (thanks to MikeB2B)
  • Added Polish Translation
  • Fixed issue with Widgets restriction
  • Improved internal User & Role handling
  • Implemented caching mechanism
  • Extended Update mechanism (remove the AAM cache after update)
  • Added New ConfigPress setting aam.caching (by default is FALSE)
  • Improved Metabox & Widgets filtering mechanism
  • Added French Translation (by Moskito7)
  • Added “My Feature” Tab
  • Regenerated .pot file


  • New UI
  • Robust and completely new core functionality
  • Over 3 dozen of bug fixed and improvement during 3 alpha & beta versions
  • Improved Update mechanism


  • Fixed issue with comment editing
  • Implemented JavaScript error catching