Aloa

WordPress control panel

30 minute de lecture

OUI Aloa is a comprehensive WordPress control panel plugin. It provides ACL management, menu customization, content duplication, business information management, login customization, maintenance mode, activity logging, and deep integration with popular WordPress tools.

WordPress 6.0+ PHP 7.4+ GPL-2.0+ v0.22b

1. Getting Started

Installation

OUI Aloa can be installed via the standard WordPress plugin installation process. Follow the steps below to get started.

  1. Download the oui-aloa.zip plugin archive from your account or the provided distribution link.
  2. In your WordPress admin panel, navigate to Plugins → Add New → Upload Plugin.
  3. Click Choose File, select the oui-aloa.zip archive, then click Install Now.
  4. Once installed, click Activate Plugin to enable OUI Aloa on your site.
  5. Upon first activation, you will be automatically redirected to the Aloa Welcome Page, where you can begin configuring your site.
ℹ First Launch

On first activation, OUI Aloa performs several setup operations: it creates required database tables, registers default content types (including the "Legal" post type), generates draft legal documents, and redirects you to a welcome page that introduces the plugin features.

Screenshot: Welcome Page
The Aloa welcome page displayed after first activation, showing key features and a "Get Started" button.

System Requirements

RequirementMinimumRecommended
WordPress6.06.4+
PHP7.48.1+
MySQL5.78.0+
PHP Memory Limit128 MB256 MB
Browser (Admin)Chrome, Firefox, Safari, Edge (latest 2 versions)
⚠ Important

OUI Aloa requires the WordPress REST API to be accessible. If you have security plugins that restrict REST API access, ensure that the Aloa endpoints are whitelisted.

2. Aloa Dashboard Panneau de contrôle

The Aloa Dashboard replaces the default WordPress Dashboard with a purpose-built control panel designed for efficiency. It provides a customizable widget grid that surfaces the most important information from your site and connected services at a glance.

Screenshot: Aloa Dashboard
The main Aloa dashboard showing the customizable widget grid with site statistics, recent activity, and third-party integration cards.

Dashboard Features

  • Replaces the default WordPress dashboard with a modern, responsive control panel
  • Customizable widget grid — drag to reorder, toggle visibility per widget
  • Version badge display showing the current Aloa version (v0.22b)
  • "Configurer mon site" quick-access button linking directly to the Webmaster Panel
  • Automatic detection and display of compatible plugin widgets
  • Responsive layout that adapts to different screen sizes

Supported Widget Integrations

The dashboard automatically detects and offers widgets for the following plugins when they are active on your site:

W
WooCommerce

Sales overview, recent orders, product counts, revenue charts

G
Gravity Forms

Form entries count, recent submissions, conversion stats

P
Plausible Analytics

Visitor statistics, page views, top pages, bounce rate

S
SEOPress

SEO score overview, meta status, sitemap health

E
Elementor

Template count, recently edited pages, system info

B
Bricks Builder

Templates, global elements, recently edited content

O
Oxygen Builder

Template overview, reusable components, page status

D
Divi

Layout library, saved templates, global modules

Managing Dashboard Widgets

Each widget on the dashboard can be individually configured:

  • Show/Hide: Click the eye icon on any widget to toggle its visibility.
  • Reorder: Drag and drop widgets to rearrange the grid layout. Your arrangement is saved per user.
  • Refresh: Individual widgets can be refreshed without reloading the entire dashboard.
💡 Tip

Widget visibility settings are stored per user, so each administrator can customize their own dashboard layout without affecting other users.

3. Webmaster Panel

The Webmaster Panel is the central configuration hub of OUI Aloa. It provides quick-access cards to all major settings sections and allows administrators to configure the plugin behavior from a single location.

Screenshot: Webmaster Panel
The Webmaster Panel showing configuration cards organized into tabs: Apparence/UI, E-commerce, Business, Admin menus, Les contenus, and Permissions.

Panel Tabs

TabDescriptionQuick Actions
Apparence / UIVisual customization: header, logo, colors, templatesHeader editor, template selector
E-commerceWooCommerce and shop-related settingsCart display, product settings
BusinessCompany information and legal identityEdit company details, legal numbers
Admin menusWordPress admin menu customization per role/userHide menu items, customize toolbar
Les contenusContent types, legal documents, duplicationCreate content types, manage legal pages
PermissionsRoles, capabilities, and access controlCreate roles, edit permissions

Dashboard Settings

The Webmaster Panel provides top-level control over key Aloa features:

Panneau de contrôle Aloa
Controls the Aloa Dashboard. Options: Auto (activates when Aloa is the primary dashboard), Enabled (always replaces WordPress dashboard), Disabled (uses default WordPress dashboard).
Page de connexion
Toggle the custom login page. When enabled, WordPress login uses the Aloa-styled authentication page.
Menu principal
Enable or disable the custom main menu managed by Aloa, including the sidebar navigation and header integration.
Barre d'admin
Control the WordPress admin bar customization. When enabled, Aloa applies its own admin bar styling and content modifications.

Configuration Presets

Aloa offers three pre-configured presets to quickly tailor the WordPress experience to different user types:

📝 Éditeur simplifié Content Editors

Simplified interface optimized for content editors. Hides technical options such as plugin management, theme settings, and advanced tools. Shows only content-related menus: Posts, Pages, Media, and Comments. Ideal for writers and non-technical team members.

🛠 Administrateur complet Full Admin

Full access to all WordPress features and Aloa settings. No menus are hidden, all capabilities are enabled. Designed for experienced administrators who need complete control over the site.

🛒 Gestionnaire boutique Shop Managers

Optimized for WooCommerce store management. Provides quick access to products, orders, customers, reports, and shipping settings. Hides unrelated menus like Appearance and Plugins. Perfect for e-commerce managers.

Site Information Panel

The bottom of the Webmaster Panel displays a read-only information card with key site details:

  • Site Name: The WordPress site title
  • Site URL: The home URL of the installation
  • WordPress Version: Currently running WP version
  • Aloa Version: Currently installed Aloa version (v0.22b)

4. Interface Globale Apparence

The Interface Globale section controls the visual appearance of your site's front-end elements managed by Aloa. It is organized into six tabs, each focused on a specific aspect of your site's look and functionality.

Configure your site header and logo display. Aloa provides a custom header system that can replace your theme's built-in header with a fully customizable alternative.

Screenshot: Header & Logo Settings
The header configuration panel showing logo type selection, color pickers, font size controls, and a live preview of the header.

Logo Settings

SettingTypeDescription
Logo TypeSelectChoose between Text Logo (renders site name as styled text) or Image Logo (uploads a logo image).
Logo TextTextThe text displayed as your logo when Text Logo is selected. Defaults to your site name.
Font SizeNumber (px)Font size for the text logo, in pixels. Default: 24px.
Logo ColorColorColor of the text logo. Accepts any valid CSS color or hex value.
Logo Link URLURLThe URL the logo links to when clicked. Defaults to the site home URL.

Header Styling

SettingTypeDescription
Background ColorColorBackground color of the header bar.
Text ColorColorDefault text color for header elements (navigation links, etc.).
Enable Custom HeaderToggleWhen enabled, the Aloa custom header replaces your theme's default header output.
ℹ Live Preview

The Header & Logo settings page includes a real-time preview panel at the bottom. Changes to colors, text, and font size are reflected immediately in the preview before saving.

Configure how menus and navigation elements are displayed on your site's front end.

SettingTypeDescription
Primary MenuDropdownSelect which WordPress menu to use as the primary navigation. Lists all menus registered via Appearance → Menus.
Desktop Menu DisplayToggleWhen enabled, the menu is displayed horizontally in the header on desktop screens (viewports ≥992px). On smaller screens, it collapses into a burger menu.
Desktop BreakpointNumber (px)The viewport width threshold for switching between horizontal and burger menu. Default: 992 pixels.
Show Search in MenuToggleAdds a search icon/bar to the navigation menu.
Burger Menu ColorColorThe color of the hamburger menu icon on mobile viewports.
Burger Menu HoverColorThe hover/focus color of the hamburger menu icon.
💡 Tip

If your theme already provides a robust navigation system, you can disable the Aloa menu from the Webmaster Panel and only use Aloa for other features like ACL management or maintenance mode.

4.3 Authentication

OUI Aloa provides a built-in custom login page that replaces the default WordPress wp-login.php with a branded authentication experience.

Screenshot: Custom Login Page
The Aloa custom login page showing branded logo, custom background image, styled form fields, and a "Remember Me" checkbox.

Login Page Configuration

SettingTypeDescription
Enable Custom LoginToggleActivate the Aloa custom login page. When disabled, WordPress uses the default login page.
Login Page URLSelectChoose the URL slug for your login page. Options: login, connexion, signin, member-login.
Redirect After LoginSelectWordPress Default (respects WP redirect logic) or Custom URL (always redirect to a specified page after login).
Redirect After LogoutURLThe URL users are sent to after logging out. Leave empty for the default WordPress behavior (login page).
Background ImageMedia UploadFull-screen background image for the login page.
Custom LogoMedia UploadLogo displayed above the login form. Overrides the default WordPress logo.
⚠ Security Note

When using a custom login URL, the default wp-login.php remains accessible for security and compatibility reasons. To fully hide it, consider using a dedicated security plugin in combination with Aloa.

4.4 Maintenance Mode

Enable maintenance mode to temporarily restrict front-end access to your site. Only logged-in administrators can view the site while maintenance mode is active.

SettingTypeDescription
Enable Maintenance ModeToggleWhen enabled, all non-admin visitors see the maintenance page instead of site content. Logged-in administrators can browse normally.
Page TitleTextTitle displayed on the maintenance page (also used as the HTML <title>).
MessageWYSIWYGThe main message body displayed to visitors. Supports full HTML and rich text formatting via the WordPress editor.
Background ImageMedia UploadOptional full-screen background image for the maintenance page.
ℹ Admin Bar Indicator

When maintenance mode is active, a status indicator appears in the WordPress admin bar allowing administrators to quickly toggle maintenance mode on or off without navigating to the settings page.

Screenshot: Maintenance Mode Page
The front-end maintenance page as seen by non-admin visitors, showing the custom title, message, and background image.

4.5 Social & Integration

Configure social media links and third-party integration display options.

Social Icons

Enter the full URLs for each social media profile. When a URL is provided, the corresponding icon is displayed in the site's side menu or footer, depending on your template configuration.

PlatformField TypeNotes
FacebookURLFull URL to your Facebook page or profile
InstagramURLFull URL to your Instagram profile
Twitter / XURLFull URL to your Twitter/X profile
LinkedInURLFull URL to your LinkedIn company page or profile
YouTubeURLFull URL to your YouTube channel
Display in Side Menu
Toggle to show or hide social media icons in the Aloa side navigation menu.

WooCommerce Settings

Enable Cart Icon
When WooCommerce is active and this is enabled, a cart icon with item count badge is displayed in the site header. Clicking it navigates to the WooCommerce cart page.

4.6 Header Templates

OUI Aloa includes 8 predefined header templates that you can apply with a single click. Each template is designed for a specific type of website and can be further customized after applying.

Classic

Traditional header with centered logo and horizontal navigation below.

Minimal

Clean, minimal header with left-aligned logo and subtle navigation.

E-Commerce

Optimized for shops with cart icon, search bar, and category nav.

Magazine

Multi-row header ideal for news sites with category ribbons.

Startup

Modern gradient header with CTA button and social links.

Corporate

Professional two-tone header with contact info bar and nav.

Creative

Bold typography with asymmetric layout for portfolios.

Formal, structured header for law firms and professional services.

💡 Custom Headers with Elementor

In addition to the built-in templates, you can create a fully custom header using Elementor. Design your header in Elementor's template builder and Aloa will use it as the site header when the Elementor integration is active.

5. Business Information L'entreprise

Store your company's legal and contact information in one place. This data is used across the site to automatically populate legal notices, footer content, invoices, and transactional emails.

ℹ Automatic Usage

These information fields are used to automatically generate your legal notices (Mentions légales) and can be displayed in documents, emails, and footer widgets throughout your site.

Company Identity

FieldTypeDescription
Company NameTextThe legal name of your company or organization.
Legal FormDropdownLegal structure: SAS, SARL, EURL, SA, SCI, Auto-entrepreneur, Association, etc.
Capital socialTextShare capital amount (e.g., "10 000 €").
FieldTypeValidation
SIRETTextMust be exactly 14 digits. Validated on save.
TVA IntracommunautaireTextEU VAT identification number (e.g., FR12345678901).
RCSTextRegistre du Commerce et des Sociétés registration number.

Headquarters Address

FieldTypeDescription
AddressTextPrimary street address.
Additional AddressTextSecondary address line (building, suite, floor).
Postal CodeTextPostal/ZIP code.
CityTextCity name.
CountryDropdownCountry selection.

Contact Information

FieldTypeDescription
PhoneTelPrimary business phone number.
EmailEmailPrimary business contact email.
WebsiteURLCompany website URL.
Screenshot: Business Information Form
The company information form showing all identity, legal, address, and contact fields organized into logical sections.

6. Admin Menu Customization

OUI Aloa allows you to selectively hide WordPress admin menu items and admin bar elements on a per-role or per-user basis. This is a powerful access control feature that lets you create tailored admin experiences without modifying user capabilities.

Configuration Process

  1. Select target: Choose whether to customize menus by User Role (affects all users with that role) or by Specific User (affects only one user). Roles available: Administrator, Editor, Author, Contributor, Subscriber, plus any custom roles.
  2. Load existing customization: Click the "Load existing customization" button to view and edit any previously saved customizations for the selected role or user.
  3. Select elements to hide: Use the checkbox interface to select which menu items and admin bar elements to hide for the target role or user.
  4. Save customization: Click the save button to apply your changes. They take effect immediately for affected users.

Menu Admin Items

The following top-level WordPress admin menu items can be individually shown or hidden:

Menu ItemWordPress SlugDescription
Tableau de bordindex.phpWordPress Dashboard / Aloa Dashboard
Articlesedit.phpBlog posts management
Médiasupload.phpMedia library
Pagesedit.php?post_type=pageStatic pages management
Commentairesedit-comments.phpComments moderation
Apparencethemes.phpTheme management and customizer
Extensionsplugins.phpPlugin management
Utilisateursusers.phpUser management
Outilstools.phpWordPress tools (import/export)
Réglagesoptions-general.phpWordPress settings

Admin Bar Items

The following WordPress admin bar (toolbar) elements can be shown or hidden:

  • Logo WordPress — The WordPress logo dropdown in the top-left
  • Nom du site — The site name link in the toolbar
  • Mises à jour — The updates notification counter
  • Commentaires — The comments shortcut in the toolbar
  • Modifier — The "Edit" link for the current page/post
  • Yoast SEO — Yoast SEO admin bar item (if installed)
  • SEOPress — SEOPress admin bar item (if installed)
⚠ Administrator Protection

Be careful when customizing admin menu visibility for the Administrator role. Hiding critical items like "Extensions" or "Réglages" from Administrators can lock you out of important settings. Always test customizations with a secondary admin account first.

Screenshot: Admin Menu Customization
The admin menu customization interface showing role selection, checkbox grid for menu items, and current customizations summary.

7. Content Types Manager Types de contenu

The Content Types Manager lets you create, modify, and manage custom post types directly from the WordPress admin without writing any code. It displays both built-in WordPress types and custom types registered by Aloa.

WordPress Content Types

The following system content types are displayed as read-only entries:

TypeSlugStatusNotes
PostspostSystemDefault blog post type. Read-only.
PagespageSystemStatic pages. Read-only.
AttachmentsattachmentSystemMedia library items. Read-only.

Custom Content Types

Custom types created through Aloa appear in a separate table with full management actions:

ActionFrench LabelDescription
EditModifierOpen the content type editor to change settings.
DisableDésactiverTemporarily disable without deleting. Content is preserved.
DeleteSupprimerPermanently remove the content type registration. Content remains in database.
ℹ Pre-created Content Type

Aloa creates a "Légaux" (Legal) content type by default during activation. This type is used to store legal documents such as privacy policies, terms of service, and legal notices. It is active by default and can be customized like any other content type.

Creating a New Content Type

FieldTypeDescription
Clé (Slug)TextUnique identifier for the content type. Lowercase, no spaces. Example: portfolio
Libellé plurielTextPlural display name. Example: "Portfolios"
Libellé singulierTextSingular display name. Example: "Portfolio"
Icône DashiconsTextWordPress Dashicons class for the admin menu icon. Example: dashicons-portfolio
DescriptionTextareaBrief description of the content type's purpose.

Feature Support

Select which WordPress features are enabled for the content type:

☑ Titre

Post title field

☑ Éditeur

Content editor (Gutenberg/Classic)

☑ Image à la une

Featured image / thumbnail

☐ Extrait

Excerpt field

☐ Champs personnalisés

Custom fields meta box

☐ Attributs de page

Page attributes (template, order)

☐ Commentaires

Comments support

☐ Révisions

Post revisions tracking

☐ Auteur

Author selection

Taxonomy Support

  • Catégories — Hierarchical taxonomy for organizing content into categories
  • Étiquettes — Flat taxonomy for tagging content with keywords

Additional Settings

Hiérarchique
Makes the content type hierarchical (like Pages), allowing parent-child relationships. When disabled, it behaves like Posts (flat structure).
Position dans le menu
Numeric value controlling where the content type appears in the admin sidebar. Lower numbers appear higher. Default WordPress positions: Posts=5, Pages=20, Comments=25.
💡 Dashicons Reference

For a complete list of available Dashicons, visit the WordPress Dashicons reference. Common choices include dashicons-admin-post, dashicons-portfolio, dashicons-book, and dashicons-store.

9. Roles & Permissions

OUI Aloa provides a comprehensive roles and permissions management interface that goes beyond the default WordPress capabilities system. You can view, edit, duplicate, and create roles with granular permission control.

Screenshot: Roles & Permissions Manager
The roles management interface showing a table of all roles with user counts, permission counts, and action buttons (Modifier, Dupliquer).

Role Management

The main view lists all existing WordPress roles with the following details:

  • Role Name: Display name of the role
  • User Count: Number of users assigned to this role
  • Permission Count: Total number of capabilities assigned
  • Actions:
    • Modifier — Edit the role's capabilities
    • Dupliquer — Create a copy of the role with all its permissions as a new custom role
ℹ System Role Protection

Built-in WordPress system roles (Administrator, Editor, Author, Contributor, Subscriber) are protected. Their core capabilities cannot be removed, but additional capabilities can be added. Custom roles have no such restriction.

Creating a New Role

FieldTypeDescription
Role KeyTextUnique slug identifier for the role. Lowercase, underscores allowed. Example: shop_manager
Display NameTextHuman-readable name shown in the admin. Example: "Shop Manager"
Base RoleDropdownStart with the permissions of an existing role. The new role inherits all capabilities from the selected base role.

Permission Categories

Permissions are organized into logical categories for easier management:

CategoryKey Capabilities
Administrationmanage_options, activate_plugins, edit_theme_options, export, import
Postsedit_posts, publish_posts, delete_posts, edit_others_posts, read_private_posts
Pagesedit_pages, publish_pages, delete_pages, edit_others_pages, read_private_pages
Mediaupload_files, edit_files, delete_files
Commentsmoderate_comments, edit_comment
Themesswitch_themes, edit_themes, install_themes, delete_themes
Pluginsactivate_plugins, edit_plugins, install_plugins, delete_plugins
Userslist_users, create_users, edit_users, delete_users, promote_users
Categories & Tagsmanage_categories, edit_categories, delete_categories, assign_categories
Otherread, unfiltered_html, manage_links, update_core

10. Content Duplication

OUI Aloa adds a convenient content duplication feature to WordPress. A "Duplicate this content" link appears in the row actions for posts, pages, and custom post types, allowing you to clone any content with a single click.

How It Works

  1. Navigate to any post, page, or custom post type listing in the WordPress admin.
  2. Hover over the item you want to duplicate. A "Duplicate this content" link appears in the row actions.
  3. Click the link. A new copy is created instantly and you are redirected to the editor for the new item.

What Gets Duplicated

  • All post content (title, body, excerpt)
  • All custom field metadata
  • All assigned taxonomies (categories, tags, custom taxonomies)
  • Featured image (thumbnail) assignment
  • Page template selection
  • Post format settings

Duplication Behavior

PropertyValue in Duplicate
Post StatusDraft — Always created as a draft regardless of original status
AuthorSet to the current user who initiated the duplication
Post DateCurrent date and time
SlugAuto-generated by WordPress (typically original slug with "-2" suffix)
CommentsNot duplicated — the new post starts with zero comments
💡 Tip

Content duplication is especially useful for creating new pages based on an existing template or layout, duplicating products in WooCommerce, or creating similar blog post structures.

11. Activity Logging

OUI Aloa includes a comprehensive activity logging system that tracks user actions and system events across your WordPress site. Logs can be viewed in the admin and optionally sent to a remote API for centralized monitoring.

Tracked Event Categories

CategoryEvents Tracked
User ActionsLogin, logout, failed login attempts, password changes, profile updates
Content ChangesPost/page creation, editing, publishing, trashing, deletion, status changes
CommentsNew comments, approval, spam marking, deletion, editing
WooCommerceOrder creation, status changes, product updates, refunds (when WC is active)
Gravity FormsForm submissions, form creation/editing, entry deletion (when GF is active)
Menu ChangesMenu creation, editing, item additions/removals, location assignments
Plugin ChangesPlugin activation, deactivation, installation, deletion, updates
SettingsWordPress option changes, Aloa settings modifications
WidgetsWidget additions, removals, reordering, settings changes
ExportsData export requests and completions

Log Entry Structure

Each log entry contains the following data:

Log entry structure
{
  "id": 1234,
  "timestamp": "2026-02-11T14:30:00Z",
  "user_id": 1,
  "user_login": "admin",
  "action": "post_updated",
  "object_type": "post",
  "object_id": 456,
  "object_title": "Sample Blog Post",
  "details": "Post content and title modified",
  "ip_address": "192.168.1.100",
  "user_agent": "Mozilla/5.0 ..."
}

Remote Logging

Activity logs can be sent to a remote API endpoint for centralized monitoring across multiple WordPress installations. This is useful for agencies and multi-site administrators.

Remote API Endpoint
URL of the remote logging server. Logs are sent via POST requests with JSON payload.
API Authentication
Authentication token or API key for the remote logging endpoint.
ℹ Data Retention

Local logs are stored in the wp_aloa_logs database table. Consider implementing a log rotation or cleanup strategy for sites with high activity to prevent excessive database growth.

12. Database Tables

OUI Aloa creates the following custom database tables during plugin activation. All tables use the standard WordPress table prefix (typically wp_).

Table NamePurposeKey Columns
wp_apparence_headers Stores custom header configurations and template settings id, header_type, settings (JSON), template_id, is_active
wp_aloa_dashboard_widgets Dashboard widget preferences, order, and visibility per user id, user_id, widget_id, position, is_visible, settings
wp_aloa_content_types Custom content type registrations created through the Content Types Manager id, slug, labels (JSON), supports (JSON), taxonomies, is_active
wp_aloa_logs Activity log entries for all tracked events id, timestamp, user_id, action, object_type, object_id, details, ip_address
⚠ Database Caution

Do not manually modify these tables unless you know exactly what you are doing. Incorrect modifications can break plugin functionality. Always create a database backup before performing any direct SQL operations.

Schema Details

wp_apparence_headers

SQL
CREATE TABLE wp_apparence_headers (
  id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
  header_type VARCHAR(50) NOT NULL DEFAULT 'custom',
  settings LONGTEXT NOT NULL,
  template_id VARCHAR(50) DEFAULT NULL,
  is_active TINYINT(1) NOT NULL DEFAULT 0,
  created_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
  updated_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  PRIMARY KEY (id),
  KEY idx_active (is_active)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

wp_aloa_logs

SQL
CREATE TABLE wp_aloa_logs (
  id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
  timestamp DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
  user_id BIGINT(20) UNSIGNED DEFAULT NULL,
  user_login VARCHAR(60) DEFAULT NULL,
  action VARCHAR(100) NOT NULL,
  object_type VARCHAR(50) DEFAULT NULL,
  object_id BIGINT(20) UNSIGNED DEFAULT NULL,
  object_title VARCHAR(255) DEFAULT NULL,
  details LONGTEXT DEFAULT NULL,
  ip_address VARCHAR(45) DEFAULT NULL,
  user_agent TEXT DEFAULT NULL,
  PRIMARY KEY (id),
  KEY idx_timestamp (timestamp),
  KEY idx_user (user_id),
  KEY idx_action (action)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

13. Plugin Integrations

OUI Aloa automatically detects and integrates with popular WordPress plugins when they are active. Integrations enhance the Aloa dashboard, provide additional settings, and ensure seamless compatibility.

PluginIntegration TypeFeatures
WooCommerce Deep Dashboard widgets (sales, orders), cart icon in header, shop manager preset, product duplication support, order activity logging
Gravity Forms Deep Dashboard widget (entries, submissions), form activity logging, entry tracking
Elementor Standard Dashboard widget, custom header template support via Elementor builder, template count display
Plausible Analytics Standard Dashboard widget showing visitor stats, page views, and traffic sources
SEOPress Standard Dashboard widget, admin bar toggle support, SEO status overview
Bricks Builder Basic Dashboard widget, template compatibility
Oxygen Builder Basic Dashboard widget, template compatibility
Divi Basic Dashboard widget, layout library recognition
Dokan Basic Vendor role compatibility, marketplace-aware menu customization

Integration Detection

Aloa checks for installed plugins during its initialization phase. Integration features are automatically enabled when a compatible plugin is detected and active. No manual configuration is required.

PHP - Integration detection example
// Aloa checks for WooCommerce
if ( class_exists( 'WooCommerce' ) ) {
    // Enable WooCommerce dashboard widgets
    // Enable cart icon option in header settings
    // Register WooCommerce activity log hooks
}

// Aloa checks for Gravity Forms
if ( class_exists( 'GFForms' ) ) {
    // Enable Gravity Forms dashboard widget
    // Register form submission logging
}
💡 Plugin Load Order

Aloa uses the plugins_loaded hook at priority 20 for integration detection, ensuring that most plugins have already been loaded and their classes are available for detection.

14. Hooks Reference

OUI Aloa provides a set of action and filter hooks that developers can use to extend or modify plugin behavior. Use these hooks in your theme's functions.php or in a custom plugin.

Action Hooks

HookParametersDescription
aloa_dashboard_initFires when the Aloa dashboard is initialized. Use to register custom widgets.
aloa_before_header_render$header_settingsFires before the custom header is rendered. Allows modification of header data.
aloa_after_header_render$header_settingsFires after the custom header is rendered.
aloa_maintenance_page$settingsFires when the maintenance page is displayed. Use to add custom content.
aloa_content_duplicated$new_post_id, $original_post_idFires after a post has been duplicated. Use to copy additional data.
aloa_log_entry_created$log_entryFires after a new activity log entry is saved.
aloa_role_created$role_key, $capabilitiesFires after a new custom role is created.
aloa_role_updated$role_key, $capabilitiesFires after a role's capabilities are modified.
aloa_content_type_registered$slug, $argsFires after a custom content type is registered.
aloa_business_info_updated$fieldsFires after business information is saved.

Filter Hooks

HookParametersDescription
aloa_dashboard_widgets$widgetsFilter the list of available dashboard widgets. Add or remove widgets.
aloa_header_settings$settingsFilter header configuration before rendering.
aloa_login_redirect_url$url, $userFilter the redirect URL after successful login.
aloa_maintenance_message$messageFilter the maintenance mode message before display.
aloa_duplicate_post_data$post_data, $originalFilter the post data array before creating a duplicate.
aloa_duplicate_meta_keys$meta_keys, $post_idFilter which meta keys are duplicated during content duplication.
aloa_hidden_menu_items$items, $roleFilter the list of hidden admin menu items for a role.
aloa_log_entry$entryFilter a log entry before it is saved to the database.
aloa_content_type_args$args, $slugFilter the arguments for a custom content type registration.
aloa_social_links$linksFilter the social media links array before rendering icons.

Usage Examples

Adding a Custom Dashboard Widget

PHP
add_action( 'aloa_dashboard_init', function() {
    add_filter( 'aloa_dashboard_widgets', function( $widgets ) {
        $widgets['my_custom_widget'] = [
            'title'    => 'My Custom Widget',
            'callback' => 'render_my_custom_widget',
            'priority' => 50,
        ];
        return $widgets;
    });
});

function render_my_custom_widget() {
    echo '<div class="aloa-widget">';
    echo '<p>Custom widget content here.</p>';
    echo '</div>';
}

Modifying Duplicated Post Data

PHP
add_filter( 'aloa_duplicate_post_data', function( $post_data, $original ) {
    // Prefix duplicated post titles
    $post_data['post_title'] = '[COPY] ' . $post_data['post_title'];

    // Set a specific post status
    $post_data['post_status'] = 'pending';

    return $post_data;
}, 10, 2 );

Adding Custom Data to Log Entries

PHP
add_filter( 'aloa_log_entry', function( $entry ) {
    // Add custom metadata to every log entry
    $entry['site_environment'] = wp_get_environment_type();
    $entry['memory_usage']     = memory_get_peak_usage( true );

    return $entry;
});

15. Security Features

OUI Aloa implements several security measures to protect your WordPress installation and ensure data integrity.

Access Control

  • Capability-based access: All Aloa admin pages check for manage_options capability before rendering
  • Nonce verification: Every form submission and AJAX request is protected with WordPress nonces
  • Role-based menu hiding: UI-level restriction that complements WordPress capability checks
  • Maintenance mode bypass: Only users with manage_options capability can access the site in maintenance mode

Data Validation & Sanitization

  • All user inputs are sanitized using WordPress sanitization functions (sanitize_text_field(), sanitize_url(), wp_kses_post())
  • Database queries use prepared statements via $wpdb->prepare()
  • SIRET numbers are validated for correct length (14 digits)
  • URLs are validated before saving
  • Color values are validated as hex codes

Activity Monitoring

  • Failed login attempts are logged with IP address and timestamp
  • Administrative actions (settings changes, role modifications) are tracked
  • Plugin activation/deactivation events are recorded
  • Content modifications include before/after data when applicable

REST API Security

PHP
// All Aloa REST endpoints require authentication
register_rest_route( 'aloa/v1', '/settings', [
    'methods'             => 'POST',
    'callback'            => 'aloa_update_settings',
    'permission_callback' => function() {
        return current_user_can( 'manage_options' );
    },
]);
⚠ Security Best Practices

While OUI Aloa provides robust built-in security, always follow WordPress security best practices: keep WordPress, themes, and plugins updated, use strong passwords, limit login attempts, and regularly back up your database.

Data Privacy

  • IP Logging: Activity logs store IP addresses. Ensure compliance with GDPR and local privacy regulations. Consider anonymizing IPs if required.
  • Business Information: Company data is stored in the WordPress options table. Access is restricted to administrators.
  • Remote Logging: When remote logging is enabled, data is transmitted to an external server. Ensure the remote endpoint uses HTTPS and meets your data processing requirements.