WordPress 6.0+
PHP 8.0+
Zero frontend overhead
Your plugins are
one deactivation
away from a crash.
Omni Guard is the only WordPress plugin that actively prevents the White Screen of Death caused by missing dependencies — through static code scanning, a runtime error handler, pre-flight checks, and developer safety shims. All four layers, all the time, zero configuration.
Plugin A breaks when Plugin B disappears.
WordPress does nothing about it.
WordPress 6.5 introduced the Requires Plugins header — a good step. But it only prevents a plugin from being activated without its dependency. It does nothing when a dependency is removed after activation. That’s where sites die.
🔴 The classic crash sequence
- Plugin A (e.g. your custom plugin, a CRM addon, a checkout extension) calls a function from Plugin B (e.g. ACF, WPML, WooCommerce, a premium plugin).
- Plugin B is deactivated during maintenance, deleted by a mistake, updated to a version that renames the function, or simply fails to load due to a file error.
- Plugin A’s code tries to call the now-missing function at request time.
- PHP throws a fatal “Call to undefined function” error. WordPress has no handler for it.
White Screen of Death. Site is down.
Every visitor sees a blank page. Every admin sees nothing. The only fix is SSH access to deactivate the broken plugin manually.
Why existing tools don’t solve this
WordPress Core (6.5+ headers)
Prevents activation without a dependency. Silent when a dependency is removed after activation. No runtime protection, no function-level scanning, no incident log.
ManageWP / WP Umbrella / MainWP
Site management and uptime monitoring tools. They detect that your site went down after the crash. They don’t prevent it. No dependency mapping, no runtime interception.
Security plugins (Wordfence, iThemes)
Scan for malware, vulnerability databases, login protection. Not built for plugin-to-plugin dependency safety. They watch the perimeter — not the inter-plugin call graph.
Protection at every stage,
from scan time to shutdown.
Omni Guard operates at four distinct points in the WordPress request lifecycle — catching problems before they happen, during execution, and at the very last moment before PHP dies.
Static Code Scanner
Tokenises the PHP source of every active plugin using PHP’s native token_get_all() — no regex, no exec, no external service. Builds a complete map of which plugin calls functions defined in which other plugin. Assigns risk levels (High: auth/payment/security · Medium: data functions · Low: utilities). Runs automatically on a WP-Cron schedule and immediately when any plugin is activated or deactivated.
Runtime Error Handler
Registers both set_error_handler() and register_shutdown_function() at plugins_loaded priority 1 — before any other plugin fires. If a “Call to undefined function” error occurs at runtime, Omni Guard catches it, logs the incident with full context (plugin, function, URL, user, timestamp), and — on admin pages — renders a clean recovery screen with actionable next steps instead of a blank page.
// What Omni Guard catches and contains: // Fatal error: Call to undefined function wpml_object_id() // → Site would have shown blank screen // → Omni Guard shows recovery notice instead 🛡 Missing dependency intercepted: wpml_object_id() Called by: My Custom Plugin Rest of site: ✓ operational
Pre-flight Dependency Check
On every admin request at init priority 1, reads the full dependency map and calls function_exists() on every known cross-plugin function. Any that return false fire an admin notice and an optional email before any plugin code has a chance to call them. This is the “warn before crash” layer — it catches the window between a plugin being deactivated and the next page load that would have caused the fatal error.
Developer Safety Shims
Three globally available PHP functions that plugin developers can use to make their cross-plugin calls crash-proof without any dependency on Omni Guard being installed. If Omni Guard is absent, the functions don’t exist — which itself is a safe failure (no call is made). If it is installed, they provide full guard + logging + WP_Error return instead of a crash.
No other plugin does this.
Here’s the evidence.
We compared Omni Guard against every category of existing tool that someone might reasonably expect to solve this problem. None of them do.
| Feature / Capability | 🛡 Omni Guard | WordPress 6.5+ Requires Plugins header |
ManageWP GoDaddy |
WP Umbrella SaaS |
MainWP Self-hosted |
Wordfence Security |
|---|---|---|---|---|---|---|
| Core dependency safety | ||||||
| Static cross-plugin dependency scanningAnalyses PHP source to map which plugin calls functions from which other plugin | ✓ Full tokeniser-based scan | ✗ | ✗ | ✗ | ✗ | ✗ |
| Runtime interception of undefined function callsCatches fatal PHP errors before they kill the page | ✓ set_error_handler + shutdown | ✗ | ✗ | ✗ | ✗ | ✗ |
| White Screen of Death preventionSite stays up when a dependency is missing | ✓ Recovery screen on admin | ✗ Site crashes | ✗ Detects after crash | ✗ Detects after crash | ✗ Detects after crash | ✗ |
| Pre-flight check before crashWarns that a function is missing before any plugin code calls it | ✓ Every admin request | ✗ | ✗ | ✗ | ✗ | ✗ |
| Instant alert on plugin deactivationFires immediately when a provider plugin is turned off, before anyone hits the broken page | ✓ Hooks deactivated_plugin | ~ Blocks deactivation if dependents active | ✗ | ✗ | ✗ | ✗ |
| Dependency risk scoringHigh / Medium / Low based on function type (auth, data, utility) | ✓ 3-level scoring | ✗ | ✗ | ✗ | ✗ | ✗ |
| Developer tools | ||||||
Safe-call shim (og_call())Global helper that returns WP_Error instead of crashing if function missing |
✓ | ✗ | ✗ | ✗ | ✗ | ✗ |
Fallback-call shim (og_guard())Calls function if exists, otherwise runs a fallback callable |
✓ | ✗ | ✗ | ✗ | ✗ | ✗ |
| REST API for dependency dataJSON endpoints for integration with external monitoring | ✓ | ✗ | ~ Site-level API | ~ Public API (site mgmt) | ✗ | ✗ |
| Monitoring & alerting | ||||||
| Incident log with full contextPer-incident record: function, caller plugin, URL, user, timestamp, detection method | ✓ DB-stored, searchable | ✗ | ~ Error log | ✓ PHP error monitoring | ~ Via extensions | ~ Activity log |
| Email alert for missing dependencyThrottled: once per function per hour, max 5/day | ✓ Built-in | ✗ | ✓ Premium add-on | ✓ Included | ✓ Via extensions | ✓ Premium |
| Uptime monitoring (detects site-down post-crash)Pings site externally and alerts when it goes offline | ✗ Not in scope | ✗ | ✓ Premium | ✓ Included | ✓ Via extension | ✗ |
| Deployment & cost | ||||||
| Pricing | ✓ Free, open source | ✓ Free (WP Core) | Free base + $1–2/site/month for add-ons | €1.99/site/month, all features | Free base + $199/yr Pro | Free + $119/yr Premium |
| Single-site install (no external service) | ✓ | ✓ | ✗ Requires external SaaS | ✗ Requires external SaaS | ~ Self-hosted dashboard | ✓ |
| Zero frontend performance impact | ✓ Cron-only, no frontend hooks | ✓ | ~ Agent plugin | ~ Agent plugin | ~ Agent plugin | ✗ Frontend scanning overhead |
| Never modifies other plugin files | ✓ Read-only | ✓ | ✓ | ✓ | ✓ | ✓ |
† ManageWP/WP Umbrella/MainWP are multi-site management SaaS platforms — they solve a different problem (site management at scale) and detect crashes reactively. They are not competitors in function; they are listed because admins often check whether they cover this gap. They don’t.
One plugin. Complete protection.
Every feature ships in the free plugin. No tiers, no upsells, no SaaS account required.
PHP Tokeniser Scanner
Uses token_get_all() — not regex. Accurately identifies function definitions and calls across the entire plugin codebase, skipping vendors, tests, and files over 512 KB.
Runtime Error Interception
Catches fatal “Call to undefined function” errors at the PHP level. Shows a structured recovery page on admin instead of a blank screen. Logs full context automatically.
Pre-flight Checking
Reads the dependency map on every admin request and verifies every mapped function still exists. Fires admin notices before any crash can occur.
Instant Deactivation Alert
Hooks deactivated_plugin. When a provider plugin is turned off, immediately identifies every function it provided that other plugins depend on and logs critical incidents.
Dependency Health Dashboard
Full admin UI: KPI cards, live dependency map with risk badges, incident log with severity filter, pre-flight status, and developer code examples — all in one page.
REST API
Four JSON endpoints: /status, /dependencies, /incidents, /preflight. Integrate with external monitoring dashboards or custom tooling.
Throttled Email Alerts
Sends an HTML email when a missing function is detected. Intelligently throttled: once per function per hour, maximum 5 per day — no alert fatigue.
Incident Log
Every missing-function event is stored with caller plugin, called function, severity, detection method, URL, user ID, and timestamp. Filterable, paginatable, exportable.
Whitelist & Ignore Lists
Exclude specific functions from tracking (whitelist) or skip entire plugins from being scanned (ignore list). Fully configurable from the Settings page.
Three functions that make
your plugin bulletproof.
If your plugin calls functions from another plugin, you have two choices: hope it never gets deactivated, or use the Omni Guard shims. The shims degrade safely if Omni Guard itself isn’t installed.
Safe call
Calls the function if it exists. Returns a WP_Error and logs the incident if it doesn’t. Your site never crashes.
// Instead of: wpml_object_id($id, 'post'); // Use: $result = og_call( 'wpml_object_id', $id, 'post' ); if (is_wp_error($result)) { // Handle gracefully }
Existence check
A readable, self-documenting wrapper for function_exists() that signals intent to Omni Guard’s scanner.
// Instead of: if (function_exists( 'acf_add_local_field_group' )) { ... } // Use: if (og_exists( 'acf_add_local_field_group' )) { acf_add_local_field_group($config); }
Call with fallback
Calls the function if it exists; otherwise calls your fallback. Ideal for optional enhancements where a default value is acceptable.
// Run function or use fallback: $price = og_guard( 'wc_price', fn() => 'N/A', $amount ); // og_guard returns wc_price($amount) // if WooCommerce is active, or // 'N/A' if it isn't.
Works without Omni Guard installed
If your plugin uses these shims and Omni Guard is not installed on the end user’s site, the functions simply don’t exist — which means the shim call itself would fail. To handle this, wrap in a standard function_exists() check:
// Fully portable pattern: $result = function_exists('og_call') ? og_call('some_plugin_func', $args) : (function_exists('some_plugin_func') ? some_plugin_func($args) : null);
Free forever. No catches.
Omni Guard is open source and free because dependency safety is a basic infrastructure concern, not a premium feature.
- Static PHP tokeniser scanner
- Runtime error interception
- Pre-flight dependency checking
- Instant deactivation alerts
- Full dependency map dashboard
- Incident log with full context
- Email alerts (throttled)
- og_call / og_exists / og_guard shims
- REST API (5 endpoints)
- Whitelist & ignore lists
- Clean uninstall (opt-in data deletion)
- PHP 8.0+ · WordPress 6.0+
Omni Guard is a dependency safety plugin, not a site management platform. These remain out of scope by design:
- Uptime monitoring (use WP Umbrella, ManageWP)
- Backup & restore (use UpdraftPlus, WP Umbrella)
- Multi-site dashboard (use MainWP, ManageWP)
- Security scanning / malware (use Wordfence)
- Plugin version management (use WordPress core)
- Composer / autoload management
These tools are all good at what they do. Use them alongside Omni Guard.
Common questions
Does Omni Guard fix missing dependencies?
og_call() to handle the missing state gracefully. Omni Guard is the safety net, not the solution.Does it slow down my site?
function_exists() on each mapped function. This takes microseconds.Does the scanner modify any plugin files?
What’s the difference between Omni Guard and WordPress 6.5’s Requires Plugins header?
Requires Plugins header (introduced in WordPress 6.5) prevents a plugin from being activated if its declared dependency isn’t already active. That’s a good start. But it does nothing when a dependency is removed after activation, which is exactly when crashes happen. It also requires the plugin developer to explicitly declare the dependency — it doesn’t scan code to find undeclared ones. Omni Guard catches both declared and undeclared dependencies, and protects the live site rather than just blocking activation.Does it work with WooCommerce, ACF, WPML, Gravity Forms, etc.?
What happens if Omni Guard itself is deactivated?
og_call(), og_exists(), and og_guard() functions no longer exist, so any plugin using them will need to wrap calls in a function_exists('og_call') check (as shown in the Developer section). The DB tables and incident history persist unless you’ve enabled “Delete on Uninstall” in Settings.Can I use Omni Guard alongside ManageWP, WP Umbrella, or MainWP?
Is the data stored anywhere externally?
wp_mail().Does the scanner find 100% of dependencies?
$func = 'foo'; $func();), (2) functions resolved through call_user_func with a runtime string, (3) dependencies in JavaScript or REST calls. These edge cases are inherently undetectable without running the code. For the vast majority of real plugin-to-plugin dependencies (direct PHP function calls), the tokeniser approach is accurate and complete.Your site is one plugin deactivation
away from going dark.
Install Omni Guard. Run the scan. Know exactly what would break and why — before anything does.
WordPress.org hosted · GPL v2 · PHP 8.0+ · WordPress 6.0+ · No SaaS account · No credit card