Statify Blacklist


A blacklist extension for the famous Statify WordPress plugin.

This plugin adds a customizable blacklist to Statify to allow blocking of referer spam or internal interactions.


Referer Blacklist

Add a list of domains (for simplicity only second-level, e.g. which blocks

Target Blacklist

Add a list of target pages (e.g. /test/page/, /?page_id=123) that will be excluded from tracking.

IP Blacklist

Add a list of IP addresses or subnets (e.g.,, 2001:db8:a0b:12f0::/64).

CleanUp Database

Filters can be applied to data stored in database after modifying filter rules or for one-time clean-up.


This plugin requires Statify to be installed. The extension has been tested with Statify up to version 1.7
The plugin is capable of handling multisite installations.

Support & Contributions

  • If you experience any issues, use the support forums.
  • Latest sources and development are handled on GitHub. You might contribute there or file an issue for code related bugs.
  • If you want to translate this plugin you can do this on WordPress Translate.


  • Author: Stefan Kalscheuer
  • Special Thanks to pluginkollektiv for maintaining Statify


  • Statify Blacklist settings page


  • If you don’t know how to install a plugin for WordPress, here’s how.
  • Make sure Statify plugin is installed and active
  • Goto Settings -> Statify Blacklist to configure the plugin


  • PHP 5.5 or above
  • WordPress 4.7 or above
  • Statify plugin installed and activated (1.5 or above)


What is blocked by default?

Nothing. By default, all blacklists are empty and disabled. They can and have to be filled by the blog administrator.

A default blacklist is not provided, as the plugin itself is totally neutral. If you want to filter out referer spam,
visitors from search engines, just “false” referrers from 301 redirects or you own IP address used for testing only depends on you.

Does the filter effect user experience?

No. It only prevents Statify from tracking, nothing more or less.

Does live filtering impact performance?

Yes, but probably not noticeable. Checking a single referer string against a (usually small) list should be negligible compared to the total loading procedure.
If this still is an issue for you, consider deactivating the filter and only run the one-time-cleanup or activate the cron job.

Is any personal data collected?

No. The privacy policy of Statify is untouched. Data is only processed, not stored or exposed to anyone.

Are regular expression filters possible?

Yes, it is. Just select regular expressions (case-sensitive or insensitive) as matching method instead of exact or keyword match.

Why is IP filtering only available as live filter?

As you might know, Statify does not store any personal information, including IP addresses in the database.
Because of this, an IP blacklist can only be applied while processing the request and not afterwards.

Can whole IP subnet be blocked?

Yes. The plugin features subnet blacklists using CIDR notation.
For example blacklists all sources from to
Same for IPv6 prefixes like 2001:db8:a0b:12f0::/64.


January 8, 2020
Thank you so much for this great plugin! Feature request: only allow IPs from certain countries, for example Germany, Switzerland and Austria.
Read all 1 review

Contributors & Developers

“Statify Blacklist” is open source software. The following people have contributed to this plugin.

“Statify Blacklist” has been translated into 1 locale. Thank you to the translators for their contributions.

Translate “Statify Blacklist” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.


1.5.2 / 03.09.2020

  • Minor translation updates
  • Declared compatibility with WordPress 5.5

1.5.1 / 20.05.2020

  • Fix initialization on AJAX calls for Statify 1.7 compatibility (#22)

1.5.0 / 13.05.2020

  • Minimum required WordPress version is 4.7
  • Removed load_plugin_textdomain() and Domain Path header
  • Added automatic compatibility check for WP and PHP version (#17)
  • Added keyword filter mode for referer blacklist (#15)
  • Layout adjustments on settings page
  • Regular expression filters are validated before saving (#13)

1.4.4 / 19.05.2018

  • Fix live filter chain when regular expressions are active (#12)

1.4.3 / 09.01.2018

  • Fix issues with multisite installation (#11)

1.4.2 / 12.11.2017

  • Minor code fixes

1.4.1 / 16.07.2017

  • Relicensed to GPLv2 or later
  • Fix filter hook if referer is disabled (#9)
  • Fix problem with faulty IPv6 netmask in IP blacklist
  • Minor changes for WP Coding Standard
  • Minimum required WordPress version is 4.4 (#10)

1.4.0 / 10.06.2017

  • IP blacklist implemented (#7)
  • Target page blacklist implemented (#8)
  • Internal configuration restructured (upgrade on plugin activation)
  • Statify hook name changed to statify__skip_tracking (as of Statify 1.5.0)

1.3.1 / 09.12.2016

  • Continue filtering if no filter applies (#6)

1.3.0 / 17.10.2016

  • Regular expressions filtering implemented

1.2.1 / 10.10.2016

  • Fix live filter configuration check

1.2.0 / 29.08.2016

  • Switched from in_array() to faster isset() for referer checking
  • Optional cron execution implemented

1.1.2 / 17.08.2016

  • Prepared for localization

1.1.1 / 16.08.2016

  • Some security fixes

1.1.0 / 15.08.2016

  • One-time execution on database

1.0.0 / 14.08.2016

  • First release