Description
MegaManager Connector allows you to connect your WordPress site to the MegaManager platform for:
- Real-time Monitoring – Keep track of your site’s health and uptime status
- Automated Backups – Schedule and manage full-site cloud backups
- Remote Updates – Update plugins, themes, and WordPress core remotely
- Cache Management – Clear page, object, and OPcache directly from admin bar or dashboard
- Plugin Management – Activate and deactivate plugins from the dashboard
- Security – Secure communication with HMAC signatures
- Database Optimization – Analyze and optimize database tables remotely
- Maintenance Mode – Enable/disable maintenance mode without writing files
External Services
This plugin connects to the MegaManager platform API to provide remote site management features. The service is hosted at https://wpmegamanager.com/api/fn.
What data is sent and when:
- Site Registration (on connect): Your site URL, WordPress version, PHP version, and a generated site secret are sent once when you connect the plugin to MegaManager.
- Heartbeat (every 5 minutes while connected): Site ID, WordPress version, PHP version, and site URL are sent to confirm your site is online and reachable. The heartbeat is essential for the connection status feature and runs automatically while the plugin is connected. It does NOT send any content, user data, or analytics — only basic environment identifiers.
- Metrics (hourly, opt-in only): When you enable telemetry in the plugin settings, performance data (TTFB, page size, plugin list, theme, PHP/WP versions, disk/database size, activity logs) is sent hourly. This is disabled by default and requires explicit opt-in via the Settings > MegaManager page. You can disable it at any time; the setting takes effect immediately.
- Backup operations: During cloud backups, your database and wp-content files are uploaded to MegaManager cloud storage via signed URLs.
No data is sent until you explicitly connect the plugin by entering a Connect Token from the MegaManager dashboard.
- Terms of Service: https://wpmegamanager.com/terms
- Privacy Policy: https://wpmegamanager.com/privacy
Installation
- Upload the megamanager-connector folder to the /wp-content/plugins/ directory
- Activate the plugin through the ‘Plugins’ menu in WordPress
- Go to Settings > MegaManager in your WordPress admin
- Enter your Connect Token from the MegaManager dashboard
- Click “Connect to MegaManager”
FAQ
How do I connect my site?
After installing the plugin, go to Settings > MegaManager in WordPress admin, enter your Connect Token from the MegaManager dashboard, and click Connect.
Is my data secure?
Yes. All communication between your site and MegaManager uses HMAC-signed requests. Your site secret is stored locally and never shared.
What caching plugins are supported?
MegaManager Connector supports WP Super Cache, W3 Total Cache, WP Fastest Cache, LiteSpeed Cache, WP Rocket, Autoptimize, SG Optimizer, Hummingbird, WP-Optimize, and Breeze.
Does this plugin send data without my consent?
No. The plugin only sends data after you explicitly connect it. The heartbeat (connection check) runs only while connected. Performance metrics require an additional opt-in via the telemetry toggle in the plugin settings. You can disable telemetry or disconnect entirely at any time.
Contributors & Developers
“MegaManager Connector” is open source software. The following people have contributed to this plugin.
Changelog
1.3.2
- FEATURE: Admin Notes — floating sticky-note panel injected in every WordPress admin page; attach colour-coded notes (yellow, green, blue, pink, orange, purple) to plugins, posts and pages; notes saved per-site via AJAX; enable/disable toggle and configurable targets in Settings > MegaManager.
- FEATURE: Backup Manager UI — create cloud backups, list recent jobs, live status and log output, AJAX-driven polling; cron hooks for restore checks and connection status while the site is connected; packaged as includes/class-backup-manager.php (PHP-only, shared-hosting friendly).
- SECURITY: Validate plugin path before deactivation to block path traversal (MED-6); remove do_shortcode() during REST requests to prevent side-effects (MED-8); harden debug log path resolution with ABSPATH boundary check (MED-10); restrict table DROP to WP prefix only (HIGH-1); return relative log path in API response to avoid leaking filesystem layout (HIGH-4); use JSON_HEX_TAG | JSON_HEX_AMP for inline script output (HIGH-8).
- FIX: Cron schedule re-check throttled to once per minute via transient — was running on every page load.
- FIX: Remote login token hook moved from priority 1 to 10 for correct plugin load order.
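The path-boundary, table-prefix and inline-JSON items from the 1.3.2 SECURITY entry, sketched as an added PHP example. This is not MegaManager Connector's code: the wpmm_example_* function names, the temporary directory and the sample inputs are constructed for illustration.

```php
<?php
// Added illustration, not the plugin's code; wpmm_example_* names are hypothetical.

// Return the resolved path only if $candidate really lives under $base
// (the same check serves a plugins directory or an ABSPATH boundary).
function wpmm_example_path_within(string $base, string $candidate): ?string {
    $base_real = realpath($base);
    $real      = realpath($candidate); // collapses ../ and follows symlinks
    if ($base_real === false || $real === false) {
        return null; // missing file or unreadable base: reject
    }
    // Trailing separator stops "/plugins-evil" from matching "/plugins".
    $base_real = rtrim($base_real, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($real, $base_real, strlen($base_real)) === 0 ? $real : null;
}

// Plugin identifiers look like "folder/file.php"; anything resolving outside
// the plugins directory is refused before activation state is touched.
function wpmm_example_valid_plugin(string $plugins_dir, string $plugin): bool {
    if ($plugin === '' || strpos($plugin, "\0") !== false || substr($plugin, -4) !== '.php') {
        return false;
    }
    return wpmm_example_path_within($plugins_dir, $plugins_dir . '/' . $plugin) !== null;
}

// Only tables carrying the site's own prefix (e.g. $wpdb->prefix) may be dropped.
function wpmm_example_droppable_table(string $prefix, string $table): bool {
    return $prefix !== ''
        && preg_match('/^[A-Za-z0-9_]+$/', $table) === 1
        && strlen($table) > strlen($prefix)
        && strncmp($table, $prefix, strlen($prefix)) === 0;
}

// JSON for an inline <script>: <, > and & become \u003C, \u003E and \u0026,
// so a value containing "</script>" cannot close the element early.
function wpmm_example_inline_json($data): string {
    return json_encode($data, JSON_HEX_TAG | JSON_HEX_AMP | JSON_THROW_ON_ERROR);
}

// Constructed demo input: a throwaway directory standing in for wp-content/plugins.
$plugins = sys_get_temp_dir() . '/wpmm-demo-' . bin2hex(random_bytes(4));
mkdir($plugins . '/hello', 0700, true);
touch($plugins . '/hello/hello.php');
var_dump(wpmm_example_valid_plugin($plugins, 'hello/hello.php'));     // inside the base
var_dump(wpmm_example_valid_plugin($plugins, '../../wp-config.php')); // traversal attempt
var_dump(wpmm_example_droppable_table('wp_', 'wp_wpmm_notes'));       // prefixed table
var_dump(wpmm_example_droppable_table('wp_', 'users'));               // no site prefix
echo wpmm_example_inline_json(['note' => '</script><b>Tom & Jerry']), "\n";
```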
1.3.1
- FEATURE: Temp Access supports access_method: password (default) or magic_link — magic link returns a one-time login URL without exposing the plaintext password in the API response.
- FEATURE: New POST /wpmm/v1/temp-access/generate-link — generate or regenerate a one-time magic login URL for an existing temp user (TTL capped at 24 hours or remaining access time).
- BACKUP: Preserve MegaManager connection options (wpmm_site_id, wpmm_site_secret, wpmm_connected) before database restore and re-inject them after — site stays connected and complete_restore callback can authenticate.
- BACKUP: New remote command trigger_restore — runs restore job check immediately without waiting for the next cron poll.
- IMPROVE: WooCommerce analytics REST — stricter date handling, optional previous-period comparison totals, smaller interval payloads.
1.3.0
- RELEASE: Connector package version line and readme stable tag decoupled from the MegaManager web app — connector semver is now independent.
1.2.9
- RELEASE: Connector version line is now fully independent from the SaaS app version; ships with current API-compatible PHP baseline.
1.2.7
- FEATURE: Auto updates default on for plugins and themes; configurable check interval (15 min / 1 h / 12 h / daily) replaces maintenance window field in connector settings.
1.2.6
- FIX: Cache clear reporting — success only when something is actually cleared; OPcache unavailable or failed reset no longer reported as success
- IMPROVE: wp-content/cache cleanup reports deleted file count; expired transients report row counts; skipped layers listed separately
1.2.3
- FEATURE: Switch User one-time login token support
- FIX: Auto-login now uses REST API switch-user endpoint instead of removed legacy wpmm_autologin
- FIX: Edge function auth headers corrected to use X-Site-Secret
1.2.1
- COMPLIANCE: Added wpsupporting to Contributors in readme.txt
- COMPLIANCE: Removed define('FS_METHOD', 'direct') — no longer sets global constant; guides user to wp-config.php instead
- COMPLIANCE: Backup manager inline <style>/<script> replaced with wp_register_style/wp_register_script + wp_add_inline_style/wp_add_inline_script via admin_enqueue_scripts hook
- COMPLIANCE: Temp backup directory now uses wp_upload_dir() basedir with plugin-slug subfolder (megamanager-connector/) instead of hardcoded WP_CONTENT_DIR path
1.2.0
- SECURITY: Removed all sslverify=false from outbound requests; default SSL verification is now used
- STABILITY: Fixed is_plugin_active() fatal errors in cron/frontend contexts by adding safe include guard
- STABILITY: Bounded disk usage scan (max 50,000 files) and media inventory (max 500 images) to prevent cron timeouts
- STABILITY: Wrapped RecursiveIteratorIterator in try/catch for permission-denied safety
- CRON: Moved cron_schedules filter into class constructor for reliable early registration
- CRON: Ensured five_minutes schedule is always available before wp_schedule_event calls
- COMPLIANCE: Fully removed residual handle_autologin() method from plugin code
- COMPLIANCE: Updated readme External Services section with heartbeat data details
1.1.0
- SECURITY: Removed insecure URL-based auto-login mechanism
- SECURITY: Hardened REST API permission callbacks for PHP 8+ null safety (returns WP_Error instead of fatal)
- COMPLIANCE: Added explicit telemetry opt-in toggle; metrics are disabled by default
- COMPLIANCE: Added External Services section to readme.txt with Terms/Privacy links
- COMPLIANCE: Removed all direct wp-content file writes for maintenance mode
- COMPLIANCE: Refactored inline CSS/JS to use wp_enqueue_script/wp_enqueue_style and wp_add_inline_script/wp_add_inline_style
- COMPLIANCE: Consistent plugin headers and author metadata referencing https://wpmegamanager.com
- FIX: Replaced direct emoji characters in PHP with HTML entities for shared-hosting compatibility
1.0.1
- Added backward-compatible remote backup support and command routing fixes
1.0.0
- Initial release



