Skip to main content

Privacy & Compliance

The plugin is designed to work with analytics while respecting user privacy:
  • No cookies: Pure server-side implementation
  • No JavaScript: No client-side tracking code
  • Data minimization: Only HTTP metadata, no content
  • Automatic redaction: Sensitive parameters removed
  • Public only: Admin and user areas excluded
Full IP addresses are collected as they are essential for accurate bot detection and traffic analysis. If your jurisdiction requires IP anonymization, additional configuration may be needed.

Data Collection

The plugin collects standard HTTP request metadata from public pages:

Required Fields

The following fields are required for every log entry sent to Agent Analytics:
FieldFormatMax LengthDescription
timestampISO 8601-UTC timestamp of the request
methodString10 charsHTTP method (GET, POST, etc.)
hostString255 charsRequest hostname
pathString2048 charsURL path (without query string)
status_codeInteger100-599HTTP response status code
ipString45 charsClient IP address (supports IPv4/IPv6)
user_agentString1024 charsUser agent string
All required fields must be present for successful log ingestion. Missing fields will result in validation errors on the API side.

Optional Fields

These fields are included when available but not required:
FieldFormatMax LengthDescription
query_paramsObject100 keysQuery string parameters (after redaction)
refererString2048 charsHTTP referer header
bytes_sentInteger-Response size in bytes
duration_msInteger-Request processing time
The plugin does not collect: page content, form data, WordPress user information, admin activity, database queries, or any server-side application data.

Automatic Path Filtering

Always Excluded Paths

The following paths are automatically excluded from logging and cannot be overridden: 
wp-admin         # All admin pages and subdirectories
wp-login.php     # Login page
wp-cron.php      # Cron jobs
admin-ajax.php   # Admin AJAX calls
xmlrpc.php       # XML-RPC interface
wp-json/wp/*     # WordPress core REST API
These exclusions use substring matching, so they work regardless of WordPress installation directory (e.g., /blog/wp-admin/ is also excluded).

Request Type Exclusions

The plugin automatically skips:
  • Admin-referred requests: Any request with a referer containing wp-admin
  • REST API calls: Requests with rest_route=/wp/* query parameter
  • CLI operations: WP-CLI commands
  • Edit context: REST requests with context=edit parameter

Path Filtering Priority

Paths are evaluated in this order:
  1. Built-in exclusions (wp-admin, wp-login.php, etc.)
  2. Custom deny paths (user-configured patterns)
  3. Referer check (requests from wp-admin)
  4. REST API check (WordPress core API)
First match wins - if any check matches, the request is excluded.

Query Parameter Redaction

Default Redacted Parameters

The following query parameter keys are automatically redacted (replaced with [REDACTED]): 
password    # Password fields
pass        # Alternative password fields
token       # Authentication tokens
secret      # Secret keys
card        # Credit card fields
cc          # Credit card abbreviation
ssn         # Social security numbers
Redaction uses substring matching. Any parameter containing these strings will be redacted (e.g., user_password, api_token, card_number).

Redaction Example

Original query string: 
?username=john&password=secret123&product=widget&api_token=abc123
After redaction: 
{
  "username": "john",
  "password": "[REDACTED]",
  "product": "widget",
  "api_token": "[REDACTED]"
}

API Key Security

Storage Methods

The plugin supports three methods for API key configuration, in order of security preference:
Add to your server environment:
WP_ENV_AGENT_ANALYTICS_API_KEY=bot_your_key_here
Or in wp-config.php:
define('WP_ENV_AGENT_ANALYTICS_API_KEY', 'bot_your_key_here');
For production environments, use environment variables or constants. Database storage should only be used for testing or when file access is restricted.

IP Address Handling

Detection Order

The plugin attempts to detect the real client IP in this order:
  1. HTTP_X_FORWARDED_FOR - First IP in the list (for proxies/load balancers)
  2. HTTP_CF_CONNECTING_IP - Cloudflare’s real IP header
  3. HTTP_X_REAL_IP - Alternative proxy header
  4. HTTP_TRUE_CLIENT_IP - Cloudflare Enterprise header
  5. REMOTE_ADDR - Direct connection (fallback)
The plugin automatically handles reverse proxies used by managed WordPress hosts (WP Engine, Kinsta, etc.) and CDNs (Cloudflare, Fastly).

IP Privacy Considerations

  • No anonymization: Full IP addresses are captured for accurate bot detection
  • Required for service: IP data is essential for geographic analysis and reverse DNS lookups
  • GDPR compliance: Consider your legal requirements for IP data collection

Configuration Options

General Settings

SettingDefaultDescription
Enable LoggingOffMaster switch for log collection
API Endpointhttps://artemis.api.tryprofound.com/v1/logs/wordpressDestination for logs
Batch Size500Number of logs per send (50-1000)
Send Interval60 secondsHow often to process queue (30-600 seconds)

Privacy Settings

SettingDefaultOptionsDescription
Skip AdminOnOn/OffExclude /wp-admin/ requests
Skip CronOnOn/OffExclude cron job requests
Skip AJAXOnOn/OffExclude admin AJAX calls
Skip RESTOffOn/OffExclude ALL REST API requests (not just core)
Redact Query Keyspassword,pass,token,secret,card,cc,ssnComma-separated listParameters to redact

Advanced Settings

SettingDefaultDescription
Custom Deny PathsEmptyNewline-separated path patterns (supports wildcards)
Max Queue Size100,000Maximum logs to store before dropping old entries
Retention Days7Days to keep unsent logs
Circuit Breaker Threshold3Consecutive failures before pausing
Circuit Breaker Cooldown30 minutesPause duration after threshold reached

Custom Path Filtering

Wildcard Pattern Examples

Add custom path exclusions using these patterns: 
/private/*           # Exclude all paths starting with /private/
*/temp/*            # Exclude paths containing /temp/
*.pdf               # Exclude all PDF files
/api/v1/internal/*  # Exclude internal API endpoints
staging.*           # Exclude staging subdomains

Data Retention

Plugin-Side Retention

  • Queue entries: Deleted after successful send
  • Failed entries: Retried up to 6 times with exponential backoff
  • Old entries: Auto-cleaned after retention period (default 7 days)
  • Maximum queue: Oldest entries dropped when limit reached (100,000)

API-Side Processing

  • Successful logs: Processed immediately by Agent Analytics
  • Validation errors: Logged but entry still deleted from queue
  • Authentication failures: Queue paused, circuit breaker activated

Performance Characteristics

  • Processing overhead: < 1ms per request
  • Memory usage: Minimal (single array per request)
  • Database operations: One INSERT per request
  • No output buffering: Does not delay response delivery
  • Send interval: Every 60 seconds (configurable)
  • Batch size: Up to 500 logs per send (configurable)
  • Timeout: 5 second maximum per batch
  • Queue limit: 100,000 entries maximum
  • Automatic retry: Exponential backoff on failures
  • Circuit breaker: Pauses after 3 consecutive failures
  • Queue persistence: Logs preserved during outages
  • Lock mechanism: Prevents concurrent processing

Security Best Practices

  • Store API keys in environment variables rather than the database for production sites.
  • Ensure all sensitive areas of your site are excluded from logging.
  • Check the Status tab regularly to ensure logs are sending properly.
  • Use the “Send Test Event” feature to verify connectivity without affecting real data.
  • Ensure your WordPress site uses HTTPS to protect data in transit to your server.
If you discover any security issues or need assistance with configuration, please contact [email protected] immediately.