Page Authority – Allowed Domains
0/5 (0 ratings) — active installs Updated May 27, 2026
The Allowed Domains settings page where administrators manage the email domain allowlist, with optional login enforcement and an existing user audit.
Allowed Email Domains gives administrators a simple way to restrict WordPress user accounts to approved email domains.
The plugin is designed for sites where only users from specific organizations, companies, clients, or teams should be added as WordPress users.
Features include:
- Admin-managed allowed domain list
- Standard WordPress registration enforcement
- REST API user creation/update enforcement
- WooCommerce registration enforcement
- Existing User Audit tools
- Optional login enforcement
- Per-user unauthorized account removal with content reassignment
- Multisite-aware protections
- Lightweight architecture with no custom database tables
Security Notes
The plugin includes:
- Capability checks
- Nonce verification (verified before any state-changing logic runs)
- Sanitization and escaping
- Live revalidation before destructive actions
- Current-admin protection
- Multisite Super Admin protection
- Explicit content reassignment or delete confirmation before user removal
Recommended operational practices:
- Review the Existing User Audit before enabling login blocking
- Test custom registration and SSO flows before production rollout
- Maintain regular database backups before deleting users
- Restrict plugin management access to trusted administrators only
Uninstall
Deleting the plugin removes its current options:
pageauth_allowed_domainspageauth_audit_logpageauth_block_unauthorized_logins
It also cleans up internal flags, transients, user meta, and any leftover keys from prior plugin versions that used the paad_ or aed_ prefixes. On multisite, the matching network options are removed as well.