IA.Top Connect

Description

This plugin securely links your WordPress site to a content automation platform in a single click, so that new articles can be published on your behalf without ever sharing your admin password.

Once connected, the platform automatically publishes search-engine-optimized articles to your blog, written and structured to match your industry and brand voice. The plugin detects whichever SEO plugin you already use — Yoast SEO, Rank Math, SEOPress, or All in One SEO — and fills in the title, meta description, and focus keyword for every article it publishes, so your existing SEO setup keeps working exactly as before.

What the plugin does:

  • Securely generates a WordPress Application Password so the automation platform can publish on your behalf, without ever handling your admin password
  • Sends those credentials to the platform over an encrypted connection
  • Lets you disconnect at any time — the generated password is removed automatically
  • Cleans up the connection and the generated password automatically if you deactivate or remove the plugin
  • Keeps track of page views and internal link clicks on published posts, so you can see how each article performs

Requirements:

  • WordPress 5.6 or later (needed for Application Passwords)
  • A user account with administrator permissions
  • A client code, provided when you sign up for the automation service

External services

This plugin connects to IA.Top (inteligenciaartificial.top), the AI content automation platform this plugin gives access to. This service is provided by IA.Top: terms of service, privacy policy. The following calls are made:

  • When you click “Connect with IA.Top”: the plugin sends your site’s domain, REST API URL, the WordPress username and email of the connecting administrator, a freshly generated WordPress Application Password, the site’s name/language/version, the detected SEO plugin, and a per-site secret used to authenticate later calls, to https://n8n.inteligenciaartificial.top/webhook/wordpress-connect. This only happens when an administrator enters their client code and clicks “Connect with IA.Top”.
  • When you disconnect, deactivate, or uninstall the plugin: the same endpoint above is notified (domain + action) so IA.Top stops publishing to your site.
  • When a post’s status changes (published, scheduled, trashed, or permanently deleted): the plugin notifies https://n8n.inteligenciaartificial.top/webhook/post-status-changed with the post ID, the old and new status, and the date — only if the site is connected.
  • When a visitor clicks a link inside a single post: the plugin notifies https://n8n.inteligenciaartificial.top/webhook/link-click with the URL, the link text, the page zone, and a non-reversible visitor hash built from the IP address, user agent, and a salt that rotates daily — the raw IP address is never stored or sent — only if the site is connected.
  • The IA.Top dashboard polls GET /wp-json/ia/v1/posts-sync on your own WordPress site (not the other way around) to read the status, content, and view count of your posts.

None of these calls are made unless you have connected the plugin using your IA.Top client code.

Installation

  1. Upload the ia-top-connect folder to the /wp-content/plugins/ directory
  2. Activate the plugin from the WordPress ‘Plugins’ menu
  3. Go to the new ‘IA.Top’ section in the side menu
  4. Enter your client code and click ‘Connect with IA.Top’

FAQ

Is it safe?

Yes. The plugin uses WordPress’s native Application Passwords system. The generated password only grants access to the REST API, not the admin dashboard. You can revoke it at any time.

What happens if I deactivate the plugin?

The Application Password is automatically deleted and IA.Top is notified to stop publishing.

Can I reconnect after disconnecting?

Yes, just enter your client code again and connect. A new password will be generated.

Reviews

There are no reviews for this plugin.

Contributors & Developers

“IA.Top Connect” is open source software. The following people have contributed to this plugin.

Contributors

Translate “IA.Top Connect” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.6.6

  • Added a per-IP rate limit to the public /pv and /lc beacon endpoints, capping how many post-meta writes, dedup transients, and outbound webhook calls a single client can trigger per minute

1.6.5

  • Added a Terms of Service link alongside the Privacy Policy link in the External services section

1.6.4

  • Moved the admin settings page CSS out of an inline <style> tag and into wp_add_inline_style(), loaded only on the plugin’s own admin page
  • Tightened REST permissions: /posts-sync now requires manage_options (it returns full site content including private/trashed posts), /seo-fields now checks edit_post capability for the specific post being modified, and /seo-plugin now requires edit_posts instead of being public
  • Translated the rest of the readme (Installation, FAQ, External services, Tags) to English, and documented each external service call with what is sent, when, and a link to IA.Top’s privacy policy
  • Translated the plugin header description to English

1.6.3

  • Removed the Plugin URI header — it was identical to Author URI, which WordPress.org’s submission form rejects

1.6.2

  • Fixed two remaining Plugin Check warnings by moving the phpcs:ignore comments to the exact lines they needed to cover
  • Expanded the English plugin description (the short version was likely triggering a language-detection false positive)

1.6.1

  • Fixed unescaped output flagged by the WordPress Plugin Check tool (version number, admin notice link)
  • Removed suppress_filters from the posts-sync query (discouraged by WordPress performance guidelines)
  • Sanitized and unslashed all $_SERVER/$_POST reads ($_SERVER[‘REMOTE_ADDR’], HTTP_USER_AGENT, HTTP_REFERER, iatop_client_uuid)
  • The connect form now verifies the nonce before re-displaying a previously submitted client code
  • Documented the direct $wpdb calls against AIOSEO’s own table with justification comments (no core API exists for it)
  • Renamed unprefixed globals in uninstall.php
  • Updated “Tested up to” and translated the plugin’s short and long description to English, as required for the WordPress.org directory listing

1.6.0

  • Added uninstall.php: cleans up the Application Password and connection when the plugin is deleted, not just deactivated
  • Added the “External services” section to the readme, documenting each outbound call to IA.Top
  • Fixed the readme’s Stable tag, which didn’t match the plugin’s real version
  • Updated the Contributors list

1.5.5

  • Automatic detection of the active SEO plugin (Yoast, Rank Math, SEOPress, AIOSEO) and a unified /wp-json/ia/v1/seo-fields endpoint to write title, description, and focus keyword regardless of which plugin is installed
  • Direct write access to wp_aioseo_posts for AIOSEO (no paid REST add-on required)
  • /wp-json/ia/v1/posts-sync endpoint so IA.Top can reconcile post status, content, and views
  • View (post_views_count) and link-click tracking, with 15-minute deduplication and bot filtering
  • Notifies IA.Top on post status changes (publish, schedule, trash) and on permanent deletion
  • Fixed the real publish date on scheduled posts
  • “Views” column in the admin post list
  • Admin notice when the plugin is installed but not connected

1.1.0

  • Initial release
  • Connection to IA.Top via Application Passwords
  • Status panel with connect/disconnect
  • Automatic cleanup on deactivation