Title: Server Scout
Author: susheelhbti
Published: <strong>2026 年 6 月 11 日</strong>
Last modified: 2026 年 6 月 12 日

---

搜索插件

![](https://s.w.org/plugins/geopattern-icon/server-scout.svg)

# Server Scout

 作者：[susheelhbti](https://profiles.wordpress.org/susheelhbti/)

[下载](https://downloads.wordpress.org/plugin/server-scout.zip)

 * [详情](https://cn.wordpress.org/plugins/server-scout/#description)
 * [评价](https://cn.wordpress.org/plugins/server-scout/#reviews)
 *  [安装](https://cn.wordpress.org/plugins/server-scout/#installation)
 * [开发进展](https://cn.wordpress.org/plugins/server-scout/#developers)

 [支持](https://wordpress.org/support/plugin/server-scout/)

## 描述

**Server Scout** is a tool for server administrators who manage multiple WordPress
sites on the same server. Instead of logging into each site one by one, Scout gives
you a single dashboard where you can see every WordPress installation on the server
and quickly access them.

#### What it does

 * Recursively scans a directory of your choice (e.g. `/var/www`) for all WordPress
   installations.
 * Stores the results in a dedicated database table so the dashboard loads instantly
   without re-scanning.
 * Refreshes the stored results automatically in the background (WP-Cron), every
   30 minutes by default.
 * Displays each site’s name, URL, WordPress version, and database prefix.
 * Lists all administrator users for each site (username + email).
 * Generates a secure, one-time, 5-minute login link so you can jump straight into
   any site’s admin area without needing the password.

#### Who is it for?

 * **VPS / dedicated server owners** managing multiple client or personal WordPress
   sites.
 * **Developers** running several local or staging environments on one machine.
 * **Agencies** with a fleet of sites on a single server.

#### How scanning & caching works

 1. The first time you open the dashboard, click **Scan Server**.
 2. Results are written to a `{prefix}servsc_sites` table — one row per installation.
 3. Every later visit renders straight from that table (no filesystem walk).
 4. A background WP-Cron task re-scans the same root on a schedule so the data stays
    fresh.
 5. Use **Rescan Now** any time to force an immediate refresh.

#### How login links work

 1. Click **Generate Login Link** next to any admin user.
 2. A cryptographically signed, one-time token is stored in that site’s database (valid
    for 5 minutes).
 3. The generated link goes through WordPress’s standard `admin-ajax.php` endpoint —
    not a direct PHP file — and includes a nonce for request verification.
 4. Opening the link logs you directly into that site’s admin dashboard.
 5. The token is deleted immediately on first use — it cannot be used twice.

#### Security

 * Requires the `manage_options` capability (Administrator) to use the plugin.
 * All form submissions are protected with WordPress nonces.
 * Login links use `wp_ajax_nopriv_` (WordPress AJAX), include a nonce, and go through`
   admin-ajax.php`.
 * Tokens are HMAC-signed with a per-token secret — cannot be forged.
 * Scan paths are validated with `realpath()` before use.
 * All database queries use prepared statements.
 * The standard `wp_login` action is fired on login so security plugins (login limiters,
   audit logs) are notified.

**Important:** This plugin is intended for server administrators only. Do not install
it on shared hosting environments where you do not control all sites on the server.

## 安装

 1. Upload the `server-scout` folder to `/wp-content/plugins/`.
 2. Activate the plugin through the **Plugins** menu in WordPress.
 3. Go to **Tools  Server Scout** in the admin menu.
 4. Enter the root directory to scan (e.g. `/var/www`) and click **Scan Server**.

## 常见问题

### Will this work on shared hosting?

Technically yes, but it is not recommended. This plugin reads the database credentials
of other WordPress installations on the same server. Only use it if you own and 
administer all sites on that server.

### How often does the background refresh run?

Every 30 minutes by default. WP-Cron only fires when the site receives traffic, 
so on a low-traffic server the refresh can lag — set up a real system cron calling`
wp-cron.php` if you need it on a strict schedule. You can change the interval with
the `servsc_refresh_minutes` filter.

### Where are scan results stored?

In a dedicated table, `{prefix}servsc_sites`. Only the configured scan path and 
the last-scan timestamp are kept as options. The table is removed when you delete
the plugin.

### What happens to unused login links?

Tokens expire automatically after 5 minutes. When you delete the plugin, `uninstall.
php` cleans up any leftover tokens from the database.

### The scan found no results. What should I check?

 * Make sure PHP has read permission for the scan directory.
 * Try a more specific path (e.g. `/var/www/html` instead of `/`).
 * Some server setups place sites under `/home` or `/srv/www`.

### Why does the login link say “invalid”?

The link was either already used (one-time only) or has expired (5-minute window).
Generate a new one.

## 评价

此插件暂无评价。

## 贡献者及开发者

「Server Scout」是开源软件。 以下人员对此插件做出了贡献。

贡献者

 *   [ susheelhbti ](https://profiles.wordpress.org/susheelhbti/)

[帮助将「Server Scout」翻译成简体中文。](https://translate.wordpress.org/projects/wp-plugins/server-scout)

### 对开发感兴趣吗?

您可以[浏览代码](https://plugins.trac.wordpress.org/browser/server-scout/)，查看
[SVN仓库](https://plugins.svn.wordpress.org/server-scout/)，或通过[RSS](https://plugins.trac.wordpress.org/log/server-scout/?limit=100&mode=stop_on_copy&format=rss)
订阅[开发日志](https://plugins.trac.wordpress.org/log/server-scout/)。

## 更新日志

#### 1.1.0

 * Scan results are now stored in a dedicated database table instead of being re-
   scanned on every page load.
 * Added a background WP-Cron refresh (every 30 minutes by default; filterable via`
   servsc_refresh_minutes`).
 * Added a “Rescan Now” action and a “last scanned” indicator.

#### 1.0.0

 * Initial release.

## 额外信息

 *  版本 **1.6.0**
 *  最后更新：**2 周前**
 *  活跃安装数量 **不到10**
 *  WordPress 版本 ** 5.5 或更高版本 **
 *  已测试的最高版本为 **7.0**
 *  PHP 版本 ** 7.4 或更高版本 **
 *  语言
 * [English (US)](https://wordpress.org/plugins/server-scout/)
 * 标签
 * [admin](https://cn.wordpress.org/plugins/tags/admin/)[management](https://cn.wordpress.org/plugins/tags/management/)
   [multisite](https://cn.wordpress.org/plugins/tags/multisite/)[server](https://cn.wordpress.org/plugins/tags/server/)
   [tools](https://cn.wordpress.org/plugins/tags/tools/)
 *  [高级视图](https://cn.wordpress.org/plugins/server-scout/advanced/)

## 评级

尚未提交反馈。

[Your review](https://wordpress.org/support/plugin/server-scout/reviews/#new-post)

[查看全部评论](https://wordpress.org/support/plugin/server-scout/reviews/)

## 贡献者

 *   [ susheelhbti ](https://profiles.wordpress.org/susheelhbti/)

## 支持

有话要说吗？是否需要帮助？

 [查看支持论坛](https://wordpress.org/support/plugin/server-scout/)