Short Description

Beyond Multisite helps WordPress multisite network administrators to better control, protect, and clean their network.

Features

Plugin Control Module

(view documentation)

Network disable plugins

– Disabled plugins are hidden from site administrators on the plugins screen (so they cannot activate/deactivate)

– Site enable plugins to allow plugin activation/deactivation for only some sites

– Disabled plugins are hidden from site administrators on the plugins screen (so they cannot activate/deactivate) – Site enable plugins to allow plugin activation/deactivation for only some sites Bulk activate/deactivate plugins

– Target all or some sites by ID

Cleanup Module

(view documentation)

Bulk delete comments

– Target all or some sites by ID

– Target sites with at least X comments

– Delete comments based on age, status, or containing a URL

– Target all or some sites by ID – Target sites with at least X comments – Delete comments based on age, status, or containing a URL Bulk delete revisions

– Target all or some sites by ID

– Leave recent revisions

– Target all or some sites by ID – Leave recent revisions Bulk delete sites

– Target empty or old sites

– Target by attribute or site ID

– Permanent or soft deletion

– Delete now or schedule a future deletion

– Notify site admins for a scheduled deletion and allow cancellation

– Choose maximum email notification sending speed

– Target empty or old sites – Target by attribute or site ID – Permanent or soft deletion – Delete now or schedule a future deletion – Notify site admins for a scheduled deletion and allow cancellation – Choose maximum email notification sending speed Bulk delete leftover database tables

– They belong to permanently deleted sites

Copy Maker Module

(view documentation)

Copy Sites

– Fully duplicate a site, except the main site

– Internal links are updated to the new site URL

– A detailed debug log is generated

– Fully duplicate a site, – Internal links are updated to the new site URL – A detailed debug log is generated Automatically replace newly created sites with a copy of a template site

– Options to copy or not: users, site title, site admin email

– Internal links are updated and a log is generated like in normal site copying

– The Super Administrator chooses the template site in the options (not the user), and it cannot be the main site

Activated in Module

(view documentation)

View sites that have activated a plugin

View sites that have activated a theme

Pending Users Module

(view documentation)

Manage non-activated signups

– Activate signup

– Resend activation email

– Delete signup

– Search by username or email

Ban Users Module

(view documentation)

View user last IP address and country

– Quick links to IP blacklist information sites

– Find users with the same IP address as a chosen user



– Quick links to IP blacklist information sites – Find users with the same IP address as a chosen user Ban users and their IP address

– The ban denies login, signup, and commenting

– Ban permanently or for 7, 30, or 90 days

– Users must login once while the plugin is active (to detect IP)

Insert HTML Module

(view documentation)

Insert HTML globally

– Target all or some sites by ID

– Insert in head (before </head>) or footer (before </body>)

– Insert on front-end and/or back-end

Captcha Module

(view documentation)

Protect WordPress forms with a customizable captcha

– Easy to read by humans, hard to read by spam bots

– Choose character set: numbers, letters, or both

– Choose character count: 3, 4, or 5

– Choose captcha image height: 60, 70, 80, 90, 100, 110, or 120 pixels

– Choose which forms to protect:

- Blog signup

- User signup

- Login

- Lost password

- Reset password

- Comment

Email Users Module

(view documentation)

Bulk send emails to multisite users

– Target users by ID or role (only default roles) in all or some sites

– Unsubscribe via a link or a profile setting

– Shortcodes for user names or username

– Choose maximum sending speed

– Emails are sent in small chunks

Improvements Module

(view documentation)

Various improvements

– Show user ID and site ID in the network users and sites pages

– Hide plugin meta (version, author, etc.) from site administrators

– Automatically delete leftover database tables on permanent site deletion

– Show an icon for sites that disallow search engine indexing

– Show a role icon for each user site in the network users page

– Option to turn on/off any of the improvements

Client Reviews

Translations

Everything in Beyond Multisite, except the log generated when copying a site, is translatable. A POT file is included. Read translation instructions. Completed Bulgarian translation files are also included.

Requirements

WordPress 4.6 or higher

WordPress multisite enabled

FAQ

Q: Does it support Multi-Networks (Networks of Multisite Networks)?

A: It has never been tested in such an environment.

Q: Does the plugin create any cookies?

A: No. However if a future version starts using cookies, I will mention it here and in the changelog.

Documentation

Online documentation can be found here.

Icon License

The circular flat icons used in some images on this page and in the video preview are licensed under GPL. The source is Elegant Themes.

Any questions or suggestions?

Feel free to ask any questions or suggest features in the comments or via email: nikolay@nikolaydev.com

Changelog

Beyond Multisite 1.11.0 – 3 June 2020

ADDED: A new option in the Improvements module that allows you to automatically delete the leftover empty uploads folder of permanently deleted sites. It is deleted upon site deletion only.

IMPROVED: The captcha for the blog signup form for logged out visitors is now compatible with the WP Ultimo plugin (tested with version 1.10.11).

IMPROVED: The Captcha module is now turned off by default (affects new clients only).

FIXED: The Copy Maker module now works properly if your database name contains a dot. But still it is strongly recommended that you don’t use a dot in the database name or column names.

UPDATED: Language and documentation files.

TESTED: Compatibility with WordPress 5.4.1.

Beyond Multisite 1.10.0 – 4 January 2020

IMPROVED: The values of the text boxes of the Insert HTML module are now encoded before the POST request and decoded before saved in the database. This will prevent various security measures on some servers from blocking the request when they see that it contains JavaScript code.

IMPROVED: The Improvements module now also stops email notifications about a changed password even when the WooCommerce form is used.

IMPROVED: Reduced the maximum number or sites and users that the plugin affects by a single request, when performing various actions, from 5000 to 1000. This will reduce the load on the server and prevent an error on some servers with lower resources and thousands of sites/users.

IMPROVED: The phrases “Any site ID” and “Any user ID”, have been replaced by “Any site ID (All sites)” and “Any user ID (All users)” so they are more clear that it means it affects all sites/users, and not just one ID.

IMPROVED: A warning text added for the feature that deletes leftover database tables, that it could produce a very slow MySQL query on some servers.

FIXED: An error in older PHP versions produced by a misplaced closing bracket in the Ban Users module: Parse error: syntax error, unexpected ’||’ (T_BOOLEAN_OR), expecting ‘)’ in /home/example/public_html/wp-content/plugins/beyond-multisite/includes/ban-users.php on line 470

UPDATED: Language files.

TESTED: Compatibility with WordPress 5.3.2.

Beyond Multisite 1.9.0 – 14 August 2019

ADDED: An option in the Copy Maker module settings to choose a site (we call it a template site) to be copied into and replace newly created sites upon their creation.

ADDED: An option to choose the IP address detection method in the Ban Users module settings.

IMPROVED: The Copy Maker is now compatible with the PeepSo plugin and copies its files properly.

FIXED: The Copy Maker now replaces properly the old URL in the site copy if the URL is stored encoded or escaped with slashes.

FIXED: When the plugin list command is used in WP-CLI, it now shows all plugins properly instead of only the ones that are not disabled with the Plugin Control module.

UPDATED: Language and documentation files.

Beyond Multisite 1.8.0 – 7 May 2019

ADDED: New deletion types when deleting sites with the Cleanup module. Now you can mark sites as archived and also choose whether to change the last updated time or keep it the same.

FIXED: The arrows to change the results page, when viewing the scheduled or cancelled sites of a scheduled site deletion task, were not working.

FIXED: Sites with zero administrators were skipped when scheduling a site deletion task.

UPDATED: Language and documentation files.

TESTED: Compatibility with WordPress 5.2.

Beyond Multisite 1.7.0 – 3 May 2019

ADDED: The ability to export the IDs or URLs of all the sites in the results box of previewing a cleanup task (for comments, revisions, and sites). A text file with comma-separated values is generated.

FIXED: If you click the button to execute a cleanup task from inside the preview box with results, and then cancel upon asked for confirmation, and then change the page number, it would now display the preview results as if the task was executed (even though it is just a preview still).

FIXED: When performing a scheduled site deletion task and using a maximum email sending speed higher than 240 per hour, the [user_sites] shortcode in the notification email shows more sites than it should. It includes other sites that are also scheduled for deletion, but the notified user is not their admin.

UPDATED: Language files.

Beyond Multisite 1.6.0 – 19 April 2019

ADDED: New options for the “Delete Sites” section on the “Network Cleanup” page. They allow you to ignore the default first post (Hello World!), page (Sample Page), and comment, when trying to affect sites with zero published posts, pages, or approved comments.

FIXED: Incorrect confirmation message when executing a site deletion task (present since version 1.5.0).

UPDATED: Language and documentation files.

Beyond Multisite 1.5.1 – 14 March 2019

FIXED: When doing site cleanup, and choosing “Less than 1 day after registration” for “Last Updated”, an error for invalid data was shown.

Beyond Multisite 1.5.0 – 21 February 2019

ADDED: An option to show text captcha instead of an image for the login form in order to reduce server load when there is a large number of attacks.

IMPROVED: Now the captcha images are stored for much less time in order to reduce the number of generated files when there are many requests.

FIXED: In some weird situations when WordPress temporarily does not return correct options data, the plugin update function would be triggered and some settings would be lost. Now there is a file fail-safe that stores the latest plugin version of the database information and prevents this.

FIXED: WordPress fixed a bug in version 5.1, which affected site cleanup when certain options were selected. Unfortunately all sites created before this are still affected. I have removed the option to fix the time zone of the time of registration of the sites when performing site deletions, and I have added a warning message visible when certain options are selected.

UPDATED: Language and documentation files.

TESTED: Compatibility with WordPress 5.1.

Beyond Multisite 1.4.0 – 27 December 2018

ADDED: The ability to choose custom numerical values for many of the options on the Network Cleanup page (instead of only choosing from predefined ones).

ADDED: A new option in the “Improvements” module. It shows an icon for each user role in the Sites column on the Network Users page.

ADDED: A new option in the “Improvements” module. It shows an icon in the top admin bar, in the My Sites menu, and in the My Sites page, indicating which site has discouraged search engine indexing.

ADDED: Buttons to go to the next or previous page from the set of results in various places in the plugins.

ADDED: Two new links with IP address information on the screen for banning/unbanning users.

IMPROVED: When we failed to send a test email from the settings of the “Cleanup” module, we now show an error.

IMPROVED: The “Ban Users” module is turned off by default for new installations. This will prevent unnecessary IP address data collection in the multisites of clients that are not using the module but also haven’t turned it off.

IMPROVED: The small icons with links to IP address information sites in the network users table are easier to touch on mobile devices (added clickable padding around them).

IMPROVED: The list of user sites, which are shown in the email notification for a scheduled site deletion, are now active links.

IMPROVED: The default name of the sender of the email notification for a scheduled site deletion is now the network title, instead of the title of the main site. Affects new installations only.

IMPROVED: The default email of the sender of the email notification for a scheduled site deletion is now the WordPress generated email (like wordpress@example.com), instead of the network administrator email address. This prevents unwanted revealing of your email address to the users being notified. Affects new installations only.

IMPROVED: It is more recognizable that a module is turned off. An extra step to turn it on is visible in the Quick Start tab, and also a red message in the settings area.

FIXED: There were incorrect results when searching for banned or pending users with a string that contains an underscore. This was due to incorrect MySQL escaping in some queries. Technically the search feature of the two modules was also vulnerable to a so called SQL wildcard attack (which can be used to perform complicated queries in order to slow down the server), but since only Super Administrators can access these pages, it is not a problem.

FIXED: Removed one link with IP address information from the screen for banning/unbanning users because it does not work anymore.

FIXED: We now make sure that the IP address of the user is valid before we perform certain operations with it in the “Ban Users” module. This will prevent errors if for some reason the provided IP address data is invalid.

FIXED: An issue with the height of text editors in the module settings in WordPress 5. It is a bug in WordPress and I have reported it, but I have also implemented a fix for now.

UPDATED: Language and documentation files.

TESTED: Compatibility with WordPress 5.0.

Beyond Multisite 1.3.1 – 14 June 2018

FIXED: When trying to delete sites with the Cleanup module, in some situations it would infinitely be processing sites without deleting them.

FIXED: When copying a site, if the URL of the site to paste into contained the URL of the site to copy from, the resulted site copy would have an incorrect site URL and not work properly. This would happen for example if you try to copy from the site example.com/test to the site example.com/testing.

FIXED: If you are using CloudFlare, then the Ban Users module would show the CloudFlare IP address as the user IP address. Now when you update to the 1.3.1 version of this plugin, the correct IP address will be set for each user only after the user visits the site while logged-in. If you have already banned any users while using CloudFlare, you should unban them, since the CloudFlare IP address was banned and not the real user IP address. You can check which are the CloudFlare IP address ranges here: https://www.cloudflare.com/ips/

Beyond Multisite 1.3.0 – 2 January 2018

ADDED: The option to show a country flag next to the user IP address was added to the “Ban Users” module. Data is pulled from the free API at www.iplocate.io.

ADDED: A new column in the logs table of the “Copy Maker” module. It displays the log size in KB or MB.

IMPROVED: When a list of site URLs is displayed in the “Cleanup” and “Activated in?” modules, they are now links to those URLs.

IMPROVED: Added a nonce field to some forms of the plugin that did not have one. This improves security.

IMPROVED: The hint for the number of logs in the options of the “Copy Maker” module now contains more useful information.

IMPROVED: Switched to the clean_blog_cache() and get_main_site_id() functions, which are more future-proof. For versions of WordPress lower than 4.9 the previous approach is still used.

FIXED: Trying to save invalid data for the plugin settings would generate PHP notices for “Undefined index” and break the tabs layout.

FIXED: Updating from a version of the plugin lower than 1.2.0 to a version higher or equal to 1.2.0, while the plugin is deactivated, would cause for some settings of the “Insert HTML” module to be lost.

FIXED: The responsive layout of the table with the banned users had some problems when the plugin is translated to a language with longer words than English.

FIXED: The quick links that point to network themes menu items (added by the “Improvements” module), were not working when displayed as buttons, while viewing the active theme on a site.

FIXED: WordPress would sometimes store more than one copy of the same plugin option, which may cause some problems. I suspect that it is a bug in WordPress. So to go around this, now instead of updating an existing option, the plugin first deletes the option (along with any copies) and then adds the option with the new value.

FIXED: A mistake in the Bulgarian translation files.

UPDATED: Language and documentation files.

TESTED: Compatibility with WordPress 4.9.

Beyond Multisite 1.2.1 – 20 October 2017

FIXED: A fatal error saying “Can’t use function return value in write context…” was present when the plugin is activated on a server with a PHP version lower than 5.5.

FIXED: When the “Insert HTML” module was set to insert before the closing body tag on “All except these site IDs:” it would insert on all sites and produce a PHP notice.

FIXED: The action links of the “Activated in?” and “Plugin Control” modules were showing on the “Must-Use” plugins page and PHP warnings were generated.

FIXED: Some tooltip boxes, that hold the hints, were sometimes showing under the tabs of the WordPress text editor, making them partially unreadable.

Beyond Multisite 1.2.0 – 25 July 2017

ADDED: The “Copy Maker” module, which can duplicate blogs from the multisite network.

ADDED: A setting for the “Plugin Control” module that automatically network disables newly installed plugins.

ADDED: A feature for the “Cleanup” module that can delete leftover database tables (created by plugins) from sites that are now permanently deleted.

ADDED: The option to choose on which types of pages to show the HTML code inserted by the “Insert HTML” module: front-end pages that use the theme template, front-end login related pages, or back-end admin pages.

ADDED: A quick link to blacklist information about the user IP address in cleantalk.org.

ADDED: An option in the “Improvements” module that can add a CSS class to the body tag on the wp-signup.php page.

ADDED: An option in the “Improvements” module that can delete leftover database tables when a site is permanently deleted.

ADDED: A hover effect for the icons in the “Last IP” column on the “Users” network admin page.

IMPROVED: The design of the “Modules & Settings” page is changed to increase readability of the module description. It is now split into two tabs and shown in bullets.

IMPROVED: Archived, spammed, or deleted sites are now excluded from scheduled site deletion tasks.

IMPROVED: The options to choose which sites to be affected by the “Insert HTML” module, are now made to work in the same way that similar options in other modules work (for consistency).

FIXED: The comment deletion of the “Cleanup” module now finds links that don’t have a protocol (they start with “www.”).

FIXED: Marking sites as deleted with the “Cleanup” module no longer removes the users from the deleted site.

FIXED: Previewing permanent site deletion or previewing marking not-deleted sites as deleted was causing infinite processing though the sites. This affected only networks with so many sites that they could not be processed in one chunk (10 seconds).

FIXED: If several sites of the same user were scheduled for deletion, the user would sometimes receive more than one notification (instead of just one about all the sites).

FIXED: Some login related messages were not showing if the “Email Users” module is turned on.

FIXED: The action links of the “Activated in?” and “Plugin Control” modules are no longer visible on the “Drop-ins” plugins page.

FIXED: Two options from the “Improvements” module were causing the “Plugins” and “Themes” admin menus to be visible for users that should not see them. It was only a menu issue, users still could not access the actual pages.

FIXED: PHP warnings were sometimes generated when old captcha images are deleted.

FIXED: When the PHP files of the plugin are accessed directly, the script is now terminated immediately (instead of generating an error).

FIXED: Few mistakes in the comments of the source code in some files. They do not affect how the plugin actually works.

UPDATED: Language and documentation files.

TESTED: Compatibility with WordPress 4.8.

Beyond Multisite 1.1.0 – 1 May 17

ADDED: The new “Email Users” module which allows you to send mass emails to all or some users in the network.

ADDED: A new option in the site deletion form that lets you exclude sites, which deletion has been cancelled in the past (but not earlier than version 1.1.0).

ADDED: The ability to view which site deletions are scheduled and which are cancelled in an active or finished site deletion task.

ADDED: A way to force the maximum email sending speed in a site deletion task even without having enough visitors to trigger the cron job. There is a link to a self-refreshing page that triggers the cron job.

IMPROVED: The captcha will be more compatible with plugins that also add HTML to the WordPress forms. If floating elements are added before the captcha image, now it will show properly on a new line.

IMPROVED: All single row text fields, except the ones for search, have the enter key to prevent accidental submissions.

IMPROVED: After successfully cancelling a scheduled site deletion with the “Cancel deletion!” button, now the big red message fades away and disappears. In the past it stayed until the user goes to another page or reloads the current page.

IMPROVED: After aborting the scheduling of a site deletion task, now a message shows that suggests that you reload the page, in order to see if such a task has been created before you managed to abort it.

IMPROVED: The reloading of the network cleanup page that is related to site deletion task creation or cancellation, now also scrolls down to the site deletion form or the site deletion task information.

IMPROVED: We only call a task active, in various messages, if it is not done. Otherwise we call it finished.

FIXED: A mistake that was causing the maximum email sending speed for the Cleanup module to always be 240 per hour, regardless of the chosen settings.

FIXED: One JavaScript variable was declared two times.

FIXED: Few mistakes in the comments of the source code in some files. They do not affect how the plugin actually works.

UPDATED: Language and documentation files.

Beyond Multisite 1.0.1 – 31 March 17

FIXED: The “Less than X min/hour(s)/day(s) after registration” option for the “Last updated” drop down menu in the “Site Deletion” form, no longer affects sites with last updated date/time that is before the registered date/time. Even though such sites should not exist, I found that they sometimes do.

FIXED: No longer shows an error when trying to schedule such a number of sites for deletion that they are processed in more than one chunk.

FIXED: No longer shows stage 1 of a scheduled site deletion task as active if there are some email notifications skipped and all others are either sent or failed. Correctly shows stage 2 as active in that case.

Beyond Multisite 1.0.0 – 28 March 17

Initial release