Linux 软件免费装
Banner图

Kreiswolke Maintenance Agent Toolkit

开发者 basic777
更新时间 2026年7月10日 19:24
PHP版本: 7.4 及以上
WordPress版本: 7.0
版权: GPLv2 or later
版权网址: 版权信息

标签

backup security maintenance updates rollback

下载

1.0.0

详情介绍:

Maintenance Agent keeps your WordPress sites updated, hardened, and recoverable — so staying current is no longer a risk or a chore. You get a complete maintenance toolkit: careful updates, security hardening, instant rollback, emergency recovery, anti-bot features and Coming Soon page. Drive it with your own AI assistant, manually, or through the free companion app — which adds the dashboards, manual controls and a specialized agent that runs the whole cycle based on dependencies and site history. Protect and harden — via wp-admin or remote (FREE) Careful maintenance toolset — for agents and custom integrations (FREE) There is no AI inside the plugin itself — it is a deterministic toolkit. Intelligence lives in whatever you connect to it. Dashboards and a specialized agent — via the companion app (FREE TIER) More sites, scheduling, and monitoring — paid plans (optional) The free plan runs the full agent and dashboards within a small monthly allowance. Paid plans lift the limits and add what matters once you manage more than one site: Pricing and the full comparison are on the website. The plugin never requires a paid plan — or any plan. Why Maintenance Agent? Updates should be careful, observable, and reversible. Most tools update everything at once and hope; this one is built the other way. Full features, screenshots, and pricing: https://kreiswolke.com/wp-maintenance-agent/

屏幕截图:

  • Coming Soon and maintenance mode — animated splash with content and SEO controls, toggled instantly.
  • Connect: link the site to the free companion app through a secure key — no admin password is ever entered.
  • Optional free companion app — site overview with the agent's read-only assessment.
  • Optional free companion app — full stack inventory with one-click update and rollback per item.
  • Optional free companion app — uptime, response-time, and incident monitoring.

升级注意事项:

1.0.0 First public release.

常见问题:

Can I use this with my own AI assistant or scripts?

Yes — that's what it's designed for. Every capability is a REST endpoint, registered with the WordPress Abilities API (WP 6.9+), so any MCP-capable client you trust — or plain curl — can discover and use them. Authentication is a standard WordPress Application Password; destructive operations are snapshot-first with on-disk verification. The plugin is useful to humans and to whatever tooling you already run.

Does the plugin work without the companion app?

Yes, fully. The app adds orchestration (the maintenance agent, scheduling, multi-site dashboards, reports); the plugin alone gives you the reports, rollback, careful updates, and hardening on a single site.

Does it send my data anywhere?

Not unless you connect it to the companion app, and then only as described under "External services". There is no telemetry, no tracking, no phone-home.

Why does it install an MU-plugin?

The emergency companion exists for exactly one scenario: a failed update breaks the main plugin (or the site), and you still need the heartbeat, the maintenance splash, and the restore tools to work. A regular plugin can't promise that — an MU-plugin can. It is written atomically (no half-written file can white-screen a site), updated only on activation/version change, and removed on uninstall.

Why does it write to .htaccess?

Only when you enable an Apache-level hardening feature, and only inside one clearly marked block. The plugin backs up your .htaccess before every change, offers one-click restore, ships a kill-switch (create one file via FTP and all rules turn off), and removes the block fully on deactivation/uninstall. Blocking at the webserver is the point of these features: the request is rejected before PHP starts.

What is the login gate, and can it lock me out?

The gate puts a small PIN page in front of wp-login.php. It was built after watching bots hammer login pages on real servers: every attempt boots PHP, WordPress, and the database — a WordPress-layer rate limiter still pays that cost on each hit. The gate stops those requests at the webserver, before WordPress runs; bot/load protection is the primary purpose, the added login secrecy is a bonus. It is opt-in, requires a PIN before it can be enabled, and is built to fail open: if the plugin is removed by any means, the rule disables itself; a kill-switch file disables it instantly; logout/password-reset URLs are never blocked.

Why does the code contain base64, unserialize, and error handlers?

base64 encodes/decodes Ed25519 signature material and HTTP Basic auth — both are binary-to-text transports, not obfuscation; every site is commented. The single unserialize() reads WordPress's own Application Passwords usermeta and is hardened with allowed_classes => false. The error handler and shutdown hooks feed the plugin's own error log and let a restore endpoint return structured JSON even if a fatal occurs; the handler returns false so PHP's normal error flow is untouched.

Does it work on nginx?

Everything except the Apache-level rules, which are detected as not applicable; for each, the plugin shows an equivalent nginx snippet to paste into your server config instead of pretending it worked.

Is there AI in the plugin?

No. The plugin is a deterministic toolkit — predictable, inspectable, no model calls. AI-assisted planning happens in the optional companion app, server-side, only for connected sites.

更新日志:

1.0.0