Minor polish \u2014 softened description copy. No functional changes.<\/p>","1.1.0":"
Major rename and policy change: all features now free, retention configurable up to 365 days, menu repositioned.<\/p>"},"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3549863,"resolution":"128x128","location":"assets","locale":"","width":128,"height":128},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3549863,"resolution":"256x256","location":"assets","locale":"","width":256,"height":256}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":3549863,"resolution":"1544x500","location":"assets","locale":"","width":1544,"height":500},"banner-772x250.png":{"filename":"banner-772x250.png","revision":3549863,"resolution":"772x250","location":"assets","locale":"","width":772,"height":250}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.1.6"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":3549863,"resolution":"1","location":"assets","locale":"","width":2474,"height":1218},"screenshot-2.png":{"filename":"screenshot-2.png","revision":3549863,"resolution":"2","location":"assets","locale":"","width":2480,"height":1218},"screenshot-3.png":{"filename":"screenshot-3.png","revision":3549863,"resolution":"3","location":"assets","locale":"","width":2470,"height":1218},"screenshot-4.png":{"filename":"screenshot-4.png","revision":3549863,"resolution":"4","location":"assets","locale":"","width":1714,"height":1226},"screenshot-5.png":{"filename":"screenshot-5.png","revision":3549863,"resolution":"5","location":"assets","locale":"","width":1842,"height":1072}},"screenshots":{"1":"The main dashboard with real-time visitors, summary cards, and pageviews chart.","2":"Top pages, sources, devices, and browsers reports.","3":"Top referrers showing the actual external URLs sending traffic.","4":"Settings page with tracking, exclusions, and retention controls.","5":"Feedback page for feature requests and bug reports."}},"plugin_section":[],"plugin_tags":[232,20315,131785,396,521],"plugin_category":[36,54],"plugin_contributors":[264545],"plugin_business_model":[],"class_list":["post-316534","plugin","type-plugin","status-publish","hentry","plugin_tags-analytics","plugin_tags-cookieless","plugin_tags-gdpr","plugin_tags-privacy","plugin_tags-statistics","plugin_category-analytics","plugin_category-security-and-spam-protection","plugin_contributors-james333","plugin_committers-james333"],"banners":{"banner":"https:\/\/ps.w.org\/visitstats\/assets\/banner-772x250.png?rev=3549863","banner_2x":"https:\/\/ps.w.org\/visitstats\/assets\/banner-1544x500.png?rev=3549863","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/visitstats\/assets\/icon-128x128.png?rev=3549863","icon_2x":"https:\/\/ps.w.org\/visitstats\/assets\/icon-256x256.png?rev=3549863","generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/visitstats\/assets\/screenshot-1.png?rev=3549863","caption":"The main dashboard with real-time visitors, summary cards, and pageviews chart."},{"src":"https:\/\/ps.w.org\/visitstats\/assets\/screenshot-2.png?rev=3549863","caption":"Top pages, sources, devices, and browsers reports."},{"src":"https:\/\/ps.w.org\/visitstats\/assets\/screenshot-3.png?rev=3549863","caption":"Top referrers showing the actual external URLs sending traffic."},{"src":"https:\/\/ps.w.org\/visitstats\/assets\/screenshot-4.png?rev=3549863","caption":"Settings page with tracking, exclusions, and retention controls."},{"src":"https:\/\/ps.w.org\/visitstats\/assets\/screenshot-5.png?rev=3549863","caption":"Feedback page for feature requests and bug reports."}],"raw_content":"\n
VisitStats<\/strong> is a lightweight, privacy-first analytics plugin for WordPress. All your data stays in your own WordPress database \u2014 we never see it, no third party sees it.<\/p>\n\n Why VisitStats?<\/strong><\/p>\n\n Recommended for sites with up to ~10,000 daily pageviews<\/strong> (around 95% of WordPress sites). For very high-traffic sites, consider dedicated analytics services.<\/p>\n\n What you get (all free, all the time):<\/strong><\/p>\n\n Privacy by design<\/strong><\/p>\n\n VisitStats never:<\/p>\n\n Visitor identification uses a daily-rotating salt hashed with the (anonymized) IP and User Agent to count unique visits within a 24-hour window. The salt regenerates every 24 hours, making cross-day tracking impossible. This is the same approach used by Plausible Analytics and Fathom Analytics.<\/p>\n\n For developers<\/strong><\/p>\n\n VisitStats is designed to minimize GDPR exposure: no cookies, no IP storage, no fingerprinting, and data stays on your own server. We don't claim \"compliance\" as a legal certainty (that depends on your processing context), but we provide the technical foundations that make compliance achievable without a cookie banner.<\/p><\/dd>\n For sites up to ~10,000 daily pageviews, no measurable impact. The tracker is under 2KB and uses In your own WordPress database. We never see it. There is no cloud component, no SaaS layer, no external service.<\/p><\/dd>\n No. The plugin includes automatic pruning. Raw events are pruned at your configured retention window (default 30 days). Daily aggregates are kept separately and are tiny \u2014 one row per day per metric.<\/p><\/dd>\n Yes. The tracker uses a standard WordPress script and a REST endpoint. Caching plugins won't break it.<\/p><\/dd>\n Yes. They don't conflict. Many users run both during migration.<\/p><\/dd>\n In its current form, the plugin reads There's a \"Feedback\" page inside the plugin with a feature voting form. The most-requested items get worked on first.<\/p><\/dd>\n\n<\/dl>\n\n\n\n
\n
\n
\n
\/wp-json\/visitstats\/v1\/<\/code><\/li>\n\n
\/wp-content\/plugins\/<\/code> or install via the WordPress plugin directory.<\/li>\n\n
Is this really GDPR-friendly?<\/h3><\/dt>\n
Will this slow down my site?<\/h3><\/dt>\n
navigator.sendBeacon()<\/code> so requests never block page interactions. For sites consistently above 10K daily pageviews, we recommend dedicated analytics services.<\/p><\/dd>\nWhere is my data stored?<\/h3><\/dt>\n
Will my database get huge?<\/h3><\/dt>\n
Does it work with caching plugins?<\/h3><\/dt>\n
Can I run this alongside Google Analytics?<\/h3><\/dt>\n
Does it work with Cloudflare or a reverse proxy?<\/h3><\/dt>\n
REMOTE_ADDR<\/code> for visitor identification. Sites behind Cloudflare or a custom reverse proxy will see all visitors hashed identically, which affects unique-visitor counts. Support for proxy headers is on the roadmap \u2014 submit feedback from the plugin's \"Feedback\" page to prioritize it.<\/p><\/dd>\nHow can I request features?<\/h3><\/dt>\n
1.1.6<\/h4>\n\n
\n
referrer: null<\/code> for direct visits, and WordPress's REST sanitize callbacks ran esc_url_raw(null)<\/code> before our PHP code could intercept. Now the tracker sends empty string, and we use custom null-safe sanitize callbacks server-side as defense in depth.<\/li>\n<\/ul>\n\n1.1.5<\/h4>\n\n
\n
1.1.4<\/h4>\n\n
\n
visitstats_<\/code> prefix (was ip_rl_<\/code>). No user-visible changes.<\/li>\n<\/ul>\n\n1.1.3<\/h4>\n\n
\n
1.1.2<\/h4>\n\n
\n
1.1.1<\/h4>\n\n
\n
1.1.0<\/h4>\n\n
\n
1.0.x<\/h4>\n\n
\n