Skip to content
  • Log In
  • Register
WordPress.org
  • News
  • Download & Extend
    • Get WordPress
    • Themes
    • Patterns
    • Plugins
    • Openverse
    • Mobile
    • Hosting
  • Learn
    • Learn WordPress
    • Documentation
    • Forums
    • WordPress.tv
    • Developers
  • Community
    • Make WordPress
    • WordCamp
    • Meetups
    • Photo Directory
    • Job Board
    • Five for the Future
  • About
    • About WordPress
    • Showcase
    • Gutenberg
    • Enterprise
    • WordPress Swag Store
  • Get WordPress
Get WordPress

Plugins

  • My Favorites
  • Beta Testing
  • Developers
Download

KolorWeb Access Admin Notification: extreme rescue for unauthorized admin logins

By Vincenzo Casu
  • Details
  • Reviews
  • Installation
  • Development
Support

Description

Every day I receive many emails of attempted access to the sites I manage. So I asked myself: “And if suddenly one attempt among the millions of those executed were to be successful, how could I know if not when it is already too late?”

I thought the only way to know is to track admin account logins.

If the login is successful, an email is sent containing the account data and the IP of origin. So as soon as you log in through the email and two links inside it, I can immediately disconnect the sessions of the compromised account, and also reset the password for that account, which will be notified by email with a second sending.

In short, a solution that could save the life of your site because it allows you to become aware that there is some backdoor on the site that allows unauthorized access.

This plugin sends an email notification for every access that is made by the website administrators. When a login is detected by a site administrator, the login time is stored and a notification is sent containing the details of the account that is logged in. If access is not authorized, through a link it is possible to disconnect the account from all devices, or disconnect the account from all devices that have logged in and at the same time reset the access password for that account. In this second case, a new notification is sent containing the new password.

Screenshots

  • Notification Example

Installation

From your WordPress Dashboard

  1. ✅ Click on “Plugins > Add New” in the sidebar
  2. ✅ Search for “KolorWeb Access Admin Notification”
  3. ✅ Activate KolorWeb Access Admin Notification from the Plugins page

From wordpress.org

  1. ✅ Search for “KolorWeb Access Admin Notification”
  2. ✅ Download the Plugin to your local computer
  3. ✅ Upload the kolorweb-access-admin-notification directory to your “/wp-content/plugins/” directory using your favorite ftp/sftp/scp program
  4. ✅ Activate KolorWeb Access Admin Notification from the Plugins page

Once Activated

The plugin will start sending emails for each admin account access. I recommend: Keep your eyes open.

Requirements

  • ✅ PHP 7.2 or greater
  • ✅ WordPress 5.2 or above

FAQ

❓ How to I access the plugin?

✅ Once activated, the plugin will start automatically sending emails for each admin account access.

❓ Is this plugin enough on its own to make my site secure?

✅ Believe me, I wish I could say yes, but we all know that security depends on a lot of factors, and that it absolutely cannot depend solely on software protections.

This plugin is not a security system, but only a possibility to limit the damage when you realize that unauthorized access has occurred.

So, once you have ascertained that there was something that did not work and that allowed access to an attacker, you must be quick to understand what could have opened the door of your site, before it is too late.

This plugin could be a valid help used perhaps in conjunction with other plugins that detect failed access attempts, so already in those cases we have notifications of attempted accesses and a notification of an access performed would only be proof that we need to take action, and quickly.

❓ I received an unauthorized access email. What I do?

✅ If you have found that access is actually not attributable to you, the only thing you absolutely must do is click on the link received in the email to reset the password and force the logout of that account from all devices.

❓ I have reset my password but I do not receive the email, what do I do?

✅ Follow this guide to learn how to reset your password in several ways: https://wordpress.org/support/article/resetting-your-password/

❓ I receive too many emails, how can I extend the sending times between one login notification and another?

✅ Notifications are sent per account, so each user will have their own notification counter. For each login, the time between one notification and another is set at 15 minutes. This means that if the same account logs in 5 in less than 15 minutes, you will only receive one notification. And the next one only after 15 minutes have elapsed starting from the first one relating to the first access.

I have made available a filter that allows you to change the time that must pass between one notification login and another.

To change this time frame to 30 minutes, for example, you can use this snippet of code that you can paste at the end of the currently active theme’s functions.php file:

add_filter( ‘kolorweb_notify_interval’, function( $interval ) { return 30; } );

If you want receive notifications for every single admin access, set $interval value to -1

add_filter( ‘kolorweb_notify_interval’, function( $interval ) { return -1; } );

❓ Where can I report bugs?

✅ Report bugs and suggest ideas at: https://wordpress.org/support/plugin/kolorweb-access-admin-notification/

Reviews

Simple but effective way to improve the security of a WordPress site

Jose June 2, 2022 1 reply
Great plugin and a really clever idea! Being notified by email when someone logs in to the backend is very useful to take action immediately. Kudos to the plugin and the author! Have a great day! Jose
Read all 1 review

Contributors & Developers

“KolorWeb Access Admin Notification: extreme rescue for unauthorized admin logins” is open source software. The following people have contributed to this plugin.

Contributors
  • Vincenzo Casu

“KolorWeb Access Admin Notification: extreme rescue for unauthorized admin logins” has been translated into 1 locale. Thank you to the translators for their contributions.

Translate “KolorWeb Access Admin Notification: extreme rescue for unauthorized admin logins” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.0.1

  • ✅ First Code Refactoring
  • Feature:
    • ✅ Added new control that sends notification if logged in from an administrator account while another session is already active for the same user.
  • Feature:
    • ✅ Introduction of geolocation information of the IP used by the user during login.
    • ✅ Among the available information we have Continent, Region, Country, City.

1.0.0

Release date: 2022-05-27

Meta

  • Version: 1.0.1
  • Last updated: 4 months ago
  • Active installations: 40+
  • WordPress Version: 5.2 or higher
  • Tested up to: 6.1.1
  • PHP Version: 7.2 or higher
  • Languages:

    English (US) and Italian.

    Translate into your language

  • Tags:
    admin login notificationNotifications
  • Advanced View

Ratings

See all
  • 5 stars 1
  • 4 stars 0
  • 3 stars 0
  • 2 stars 0
  • 1 star 0
Log in to submit a review.

Contributors

  • Vincenzo Casu

Support

Got something to say? Need help?

View support forum

  • About
  • News
  • Hosting
  • Donate
  • Swag
  • Documentation
  • Developers
  • Get Involved
  • Learn
  • Showcase
  • Plugins
  • Themes
  • Patterns
  • WordCamp
  • WordPress.TV
  • BuddyPress
  • bbPress
  • WordPress.com
  • Matt
  • Privacy
  • Public Code
WordPress.org
WordPress.org
  • Visit our Facebook page
  • Visit our Twitter account
  • Visit our Instagram account
  • Visit our LinkedIn account
Code is Poetry