User Access Blocker

User Access Blocker is a simple yet powerful WordPress plugin that allows administrators to temporarily or permanently block user access without deleting their accounts. This is perfect for situations where you need to:

• Suspend user access during investigations
• Temporarily disable accounts for non-payment
• Block problematic users while preserving their content
• Manage user access during maintenance or transitions

Key Features

• Easy Toggle: Simple “Block Access” / “Unblock Access” button on user profiles
• Instant Effect: Blocked users are immediately prevented from logging in
• AJAX Powered: Block/unblock users without page refresh
• Secure: Multiple permission checks and nonce verification
• Non-Destructive: User accounts, posts, and data remain intact
• Admin Only: Only administrators can block/unblock users
• Self-Protection: Administrators cannot block themselves
• Activity Logging: All block/unblock actions are logged for security audits
• Clean Uninstall: Removes all plugin data when deleted

How It Works

1. Navigate to any user’s profile page in WordPress admin
2. Scroll to the “Access Control” section
3. Click “Block Access” to prevent the user from logging in
4. Click “Unblock Access” to restore their access

Blocked users will see: “Your account has been blocked. Please contact the administrator.”

Security Features

• Administrator-only functionality
• Nonce verification on all actions
• Permission checks at multiple levels
• Data sanitization and validation
• Secure AJAX implementation
• XSS protection through proper escaping
• Activity logging for audit trails

Developer Information

Hooks and Filters

The plugin uses standard WordPress hooks:

• authenticate – To check if a user is blocked during login
• show_user_profile / edit_user_profile – To add the block button
• personal_options_update / edit_user_profile_update – To save block status
• admin_notices – To display blocked user warnings
• wp_ajax_uab_toggle_user_block – For AJAX functionality

Database

The plugin stores block status in user meta:
* Meta key: _uab_user_blocked
* Meta value: boolean (true/false)

Uninstall

The plugin includes a proper uninstall routine that removes all plugin data from the database when deleted through the WordPress admin.

Support

For support, feature requests, or bug reports, please visit plugin support forum or GitHub repository.

Privacy Policy

This plugin does not collect any personal data. It only stores block status as user metadata within your WordPress database. No data is sent to external servers.

The plugin logs block/unblock actions to your server’s error log for security audit purposes. These logs remain on your server and are not transmitted elsewhere.

Automatic Installation

1. Log in to your WordPress dashboard
2. Navigate to Plugins → Add New
3. Search for “User Access Blocker”
4. Click “Install Now” and then “Activate”

Manual Installation

1. Download the plugin zip file
2. Log in to your WordPress dashboard
3. Navigate to Plugins → Add New
4. Click “Upload Plugin” and choose the downloaded file
5. Click “Install Now” and then “Activate”

FTP Installation

1. Download and unzip the plugin file
2. Upload the user-access-blocker folder to /wp-content/plugins/
3. Activate the plugin through the ‘Plugins’ menu in WordPress

1.0.2

• Enhanced security with improved escaping and sanitization
• Added unique prefixes to all functions and classes for better compatibility
• Added confirmation dialogs before blocking/unblocking users
• Improved error handling and user feedback
• Added activity logging for all block/unblock actions

1.0.1

• Added nonce verification for form submissions
• Improved AJAX security
• Added uninstall cleanup function
• Better error messages

1.0.0

• Initial release
• Basic block/unblock functionality
• AJAX-powered interface
• Administrator-only access