WPMasterToolKit (WPMTK) – All in one plugin

WP Master ToolKit is your all-in-one solution for optimizing WordPress. It streamlines your dashboard, enhances workflows, and simplifies content and settings management. Customize your WordPress installation effortlessly with all the tools you need at your fingertips.

Test by Alexis Fichou (WP-Origami) :

Test by Enzo (Easy WordPress) :

92 FREE modules

• Adminer: A full-featured database management tool.
• Advanced Debug Mode
• Allow Menu Custom Links to Open in New Tab.
• Apple Touch Icon: Manage app icon (Apple Touch Icon) individually.
• Auto Regenerate Salt Keys.
• Auto-Publish Posts with Missed Schedule: Automatically publish scheduled posts marked as "missed schedule" across all post types.
• Ban Emails: Ban the chosen emails.
• Blacklisted Usernames: Prevent creation of user accounts with predefined blacklisted or common usernames.
• Block User Registration from Disposable Email: Block user registration from temporary disposable email addresses.
• Browser Theme Color: Select a tag color to allow seamless theme customization in all major browsers.
• Child theme generator: Generate a child theme directly from WordPress dashboard.
• Clean Profiles: Tidy up user profiles by removing sections you do not utilise.
• Clean Up Admin Bar.
• Code Snippets: Add custom code snippets without editing the theme’s functions.php.
• Content Duplication: One-click duplication of pages, posts and custom post types with taxonomy terms and post meta.
• Content Order: Custom ordering for hierarchical content types and those supporting page attributes.
• Custom Admin CSS: Add custom CSS on all admin pages for all user roles.
• Custom Body Class: Add custom class(es) on the singular view of some or all public post types.
• Custom Frontend CSS: Add custom CSS on all frontend pages for all user roles.
• Disable All Updates: Completely disable core, theme and plugin updates and auto-updates. Will also disable update checks, notices and emails.
• Disable Block-Based Widgets Settings Screen: Restore classic widgets settings screen for non-block themes.
• Disable Dashboard Widgets: Clean up and speed up dashboard by disabling widgets that won’t load assets.
• Disable Feeds: Disable RSS, Atom, and RDF feeds and remove feed URL references from section.
• Disable Gutenberg: Selectively disable Gutenberg block editor for specific or all post types.
• Disable REST API: Disable REST API for non-authenticated users and remove URL traces.
• Disable Really Simple Discovery (RSD) tag: Remove RSD tag used by XML-RPC clients.
• Disable WP Sitemap: Disable the default WordPress sitemap.
• Disable Windows Live Writer (WLW) manifest tag: Remove discontinued WLW manifest tag.
• Disable WordPress shortlink tag: Remove WordPress shortlink tag from .
• Disable XML-RPC.
• Disable cart fragments scripts: Disable WooCommerce cart fragments scripts for public visitors.
• Disable dashicons CSS and JS files.
• Disable emoji support: Remove emoji scripts as modern browsers natively support emojis.
• Disable jQuery Migrate: Removes the jQuery Migrate script from the frontend of your site.
• Disable wp_mail: Disable WordPress email function to save resources on sites that don’t send emails.
• Disallow Bad Requests: Block malicious requests containing eval(, base64_, and excessively long strings.
• Disallow Dir Listing: Disable the listing of the directories.
• Disallow Malicious File Access in upload: Prevent malicious file access in upload directory.
• Disallow Plugin Upload: Disable plugin zip file uploads.
• Disallow Theme Upload: Disable theme zip file uploads.
• Disallow WP File Edit: Prevent core file modifications through admin panel.
• Disallow register user: Prevent new user account creation via WordPress registration form.
• Duplicate Menu: Easily duplicate your WordPress Menus
• Enhance List Tables: Add or remove columns in listing pages for post types, taxonomies, media, comments and users.
• Export Posts & Pages: Export posts and pages to CSV format.
• Export Users: Export user data to CSV format.
• External Permalinks: Set permalinks to external URLs with rel="noopener noreferrer nofollow" attributes.
• File Manager: Browse and manage files efficiently.
• Force SSL: Force HTTPS for encrypted secure traffic.
• Force Strong Password: Enforce strong passwords for all users to prevent weak credentials.
• Heartbeat Control: Modify or disable WordPress heartbeat API to reduce server CPU load.
• Hide Admin Bar: Hide admin bar on frontend for specific roles or all users.
• Hide Admin Notices: Gather all notifications in a popup accessible from top-right bell icon.
• Hide Login Errors: Hide default WordPress login error messages.
• Hide PHP Versions: Remove X-Powered-By header that reveals PHP version to potential attackers.
• Hide WordPress Version
• Image Upload Control: Resize large images, convert BMPs and PNGs to JPGs, delete originals.
• Insert , and
• Last Login Column: Display last login date and time in users list table.
• Limit Login Attempts: Prevent brute force attacks by limiting failed login attempts per IP.
• Local avatars: Replaces GRAVATAR management with media management.
• Lock Admin Email: Prevent admin email address modifications.
• Lock Site URL: Prevent site URL modifications.
• Log In/Out Menu: Add dynamic login/logout menu items.
• Mail Catcher: Capture all outgoing emails.
• Maintenance Mode: Display customizable maintenance page. Administrators can still access the site.
• Manage ads.txt and app-ads.txt: Edit and validate ads.txt files.
• Manage robots.txt: Edit and validate robots.txt file.
• Media Cleaner: Sanitize file names and auto-generate metadata (title, caption, alt text, description).
• Media Encoder: Automatically convert images to WebP (AVIF in PRO).
• Meta Debugger: Display all metadata for a post, user, term, or comment.
• Move Login URL: Change the default login URL to a custom URL of your choice.
• Multiple User Roles: Assign multiple roles per user, useful for e-commerce or LMS plugins.
• Nav Menu Visibility: Apply visibility controls to menu items.
• Obfuscate Author Slugs: Hide user slugs in author URLs and REST API endpoints.
• Obfuscate Email Addresses: Protect emails from spam bots via [wpm_obfuscate] shortcode.
• Open All External Links in New Tab: Open external links in new tab with security attributes.
• Password Protection: Password-protect entire site from public and search engines. Admins retain access.
• Plugin & Theme Rollback: Revert plugins/themes to previous WordPress.org versions.
• Post Per Page: Set posts per page for each post type.
• Prevent User Enumeration: Block user enumeration via ?author= and REST API.
• Protect Website Headers: Add security headers to protect against phishing and data theft.
• Quick Add Post: Quick button to add new posts faster.
• Redirect 404 to Homepage: Redirect non-existent pages to homepage.
• Redirect After Login
• Redirect After Logout
• Revisions Control: Limit number of revisions saved per post type.
• Register Custom Content Types: Register custom post types and taxonomies.
• SMTP Mailer: Configure sender name/email and external SMTP for reliable email delivery.
• SVG Upload: Enable SVG file uploads.
• Temporary Login
• Wider Admin Menu

30 Pro Modules

• 410 Manager
• Add Essentials Shortcodes
• Admin Menu Organizer
• Auto clean actionscheduler_actions: Clean actionscheduler_actions database table from actions that have been completed | failed | cancelled.
• Better Password Hash
• CRON Manager: Manage cron events on your website.
• Change Database Prefix: Quickly change your WordPress database prefix to save time and enhance security.
• Custom Login Design: Personalize your login page to match your brand.
• Disable Comments: Manage the visibility of comments on your public posts by selectively disabling them for specific post types or across all posts.
• Disable Plugin For Debug: Temporarily disable specific plugins to troubleshoot and debug issues on your WordPress site without uninstalling.
• Disable Woocommerce Logout Confirmation
• Disallow Access WP Sensible Files: Delete the wp-config-sample.php, block access to readme.html, license.txt
• Disallow Countries IP
• Download medias as zip
• Force Send All Email To: Force all emails sent from your website to be sent to a specific email address.
• Generate Alt Text With AI: Automatically generate alternative text using AI.
• Head Sorter: Automatically sorts and optimizes the of your website, making sure important tags load first for better speed and SEO.
• Hook And Filter Debugger: Displaying the sequence of action and filter hooks by their origin on a single page.
• Link Shortener: Shorten your links with a custom prefix. You can also track the number of clicks on each link.
• Manage Admin Emails Notifications: Check the types of emails you no longer want to receive as an administrator.
• Media Replacement
• My Account Menu Customizer: for WooCommerce My Account page.
• No Plugin Activation / Deactivation / Deletion: Prevents plugin activation, deactivation, and deletion for enhanced security.
• Paste Image In Media: With this feature you can paste directly your picture in WordPress media.
• Plugin Download: Download plugins from the plugins page in the WordPress admin panel.
• Post Type Switcher
• Two Factor Authentication
• Updates Logs: Track and record the most recent login activity of site users, then showcase the date and time in the users list table
• User Switching
• Vulnerabilities Scan

PRO Additionnals Features

• Move Login URL: Block access to /wp-admin with server side 403 error for non-logged users.
• Maintenance Mode: Real countdown timer with automatic site activation. Bypass link generation for access during maintenance. Exclude specific URLs from maintenance mode.
• Media Encoder: Convert images to AVIF format (PHP ≥ 8.1). Free version limited to WebP only.
• Mail Catcher: Unlimited email capture. Free version limited to 5 emails per day.
• Advanced Debug Mode: Live log streaming viewer with real-time monitoring. Daily logs with date suffix. Custom log path with enhanced protection.
• SMTP Mailer: 19+ premium providers including Gmail, Outlook, SendGrid, AWS SES, Brevo, Mailgun, Mailjet, Postmark, SparkPost, MailerSend, Resend, SendLayer, SMTP.com, SMTP2GO, Elastic Email, Zoho Mail, SendPulse, Mandrill, and Pepipost. Free version limited to PHP mail and generic SMTP.

⭐️ UPGRADE TO PRO VERSION: WPMasterToolKit Pro ⭐️

Other plugin by Webdeclic

Webdeclic is a French web agency based in Paris. We are specialized in the creation of websites and e-commerce sites. We are also the creator of the following plugins:
* QuickWebP
* Cookie Dough
* Univeral Honey Pot
* Clean My WP
* Mentions Legales Par Webdeclic
* Lexilink
* Show all plugins on WordPress.org