WordPress.org
Get WordPress
WordPress.org

Plugin Directory

WebCommander Store

WebCommander Store

By Webcommander
Download

Description

WebCommander Store makes it easy to connect your WooCommerce store to WebCommander so you can migrate it across. With one click the plugin generates the API credentials WebCommander needs, bundles them into a single encrypted connection key, and shows you that key to copy and paste — no manual REST API setup, no juggling keys and secrets.

Everything happens on your own server. The plugin does not send any data anywhere — you copy the generated key yourself and paste it into WebCommander.

What it does

  • Generates a read-only WooCommerce REST API key for you automatically — no manual setup.
  • Generates a WordPress Application Password for authenticated access.
  • Bundles both into a single key, encrypted with AES-256, that you paste into WebCommander.
  • Shows a clear requirements check so you know your store is ready before you start.
  • Lets you revoke the generated credentials in one click once your migration is complete.
  • Removes all generated credentials and stored data when you revoke or uninstall.

How it works

  1. Install and activate the plugin (WooCommerce must be active).
  2. Go to WooCommerce Store Setup.
  3. Review the requirements check, then click Generate Connection Key.
  4. Copy the key and paste it into WebCommander, along with the Site Encryption Key shown on the page.
  5. When your migration is finished, click Revoke Access to remove the generated credentials from your site.

The connection key is valid for 24 hours and can be regenerated at any time.

Privacy and data

This plugin does not collect personal data and does not transmit anything to external services. All credential generation and encryption happens locally on your WordPress server. The resulting connection key is a self-contained encrypted string that you manually copy into WebCommander — no data leaves your site automatically.

The plugin stores the following locally in your WordPress database:

  • A read-only WooCommerce REST API key (in the {prefix}woocommerce_api_keys table) — deleted on revoke or uninstall.
  • A WordPress Application Password (via the WordPress core API) — deleted on revoke or uninstall.
  • A site-specific AES-256 encryption key in wp_options (wcmc_site_key) — deleted on uninstall.
  • A short-lived transient (wcmc_credentials) holding the IDs needed for revocation — expires after 24 hours and is deleted on revoke or uninstall.

Screenshots

The Store Setup page — the requirements check and the Generate Connection Key button.
The Store Setup page — the requirements check and the Generate Connection Key button.
A generated connection key, ready to copy and paste into WebCommander.
A generated connection key, ready to copy and paste into WebCommander.

Installation

From the WordPress Plugin Directory (recommended)

  1. In your WordPress admin, go to Plugins Add New Plugin.
  2. Search for WebCommander Store.
  3. Click Install Now, then Activate.
  4. Go to WooCommerce Store Setup to generate your connection key.

Manual installation

  1. Upload the webcommander-store folder to /wp-content/plugins/.
  2. Activate the plugin through the Plugins screen in WordPress.
  3. Ensure WooCommerce is installed and active.
  4. Go to WooCommerce Store Setup to generate your connection key.

Requirements

  • WordPress 5.6 or higher (required for Application Passwords)
  • WooCommerce, installed and active
  • PHP 7.4 or higher
  • A WebCommander account to paste the key into

FAQ

Does the plugin send my credentials to an external server?

No. The connection key is generated entirely on your own server using local encryption. No credentials are transmitted anywhere — you copy the key and paste it into WebCommander yourself.

How is the connection key secured?

The credentials are bundled and encrypted with AES-256 using a 32-character key that is unique to your site and generated on first use. The encryption key is stored in your WordPress options table and is never transmitted externally.

What does the plugin create on my site?

A read-only WooCommerce REST API key and a WordPress Application Password, both named “WebCommander Store”. The API key is read-only, so the plugin never modifies your store data.

What happens when I click “Revoke Access”?

The plugin deletes the WooCommerce REST API key and the WordPress Application Password it created. The connection key immediately stops working.

What data is removed when I uninstall the plugin?

The generated API key, the Application Password, and the site encryption key stored in wp_options. No other site data is touched.

Where do I find the Site Encryption Key?

It is shown at the bottom of the WooCommerce Store Setup page. You enter it in WebCommander under Site Settings Encryption Key so it can decode your connection key.

Reviews

There are no reviews for this plugin.

Contributors & Developers

“WebCommander Store” is open source software. The following people have contributed to this plugin.

Contributors

Translate “WebCommander Store” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.0.0

  • Initial release — one-click generation of an encrypted WooCommerce connection key for WebCommander, with a requirements check, one-click revoke, and full cleanup on uninstall.

Meta

  • Version 1.0.0
  • Last updated 10 hours ago
  • Active installations Fewer than 10
  • WordPress version 5.6 or higher
  • Tested up to 7.0
  • PHP version 7.4 or higher
  • Tags
  • Advanced View

Ratings

No reviews have been submitted yet.

Your review

See all reviews

Contributors

Support

Got something to say? Need help?

View support forum