Introduction to the Request Logging system
Request Logging system is a silent site traffic watcher which you can use to find out what exactly is going on your site.
So, you can think of the this system as nothing more than a window into web requests to your WordPress site.
Why would you need the Request Logging?
In everyday use, you wouldn't need it to be active. It'll use resources that you otherwise don't need to use.
But, if you're concerned about a sudden performance drop, or feel that your site is subject to some sort of attack, you can enable it to get a more informed view on your traffic.
Please note that the Request Logging doesn't use a lot of resources. But it will perform an database insert (write) on each page load. It's a tiny execution and not one that will impact your page loading.
Shield performs this database write at the very end of execution so any page loading for the visitor will complete 99.99% and then the database execution starts.
In this way there'll be no noticeable performance impact from it if, for example, your SQL server is having trouble at the time.
How to configure Request Logging system
This system is accessible from within the Activity Logs menu > configuration > Request Logging and configuring it is very easy. You just need to enable it and then configure the following options based on your requirements:
- Live traffic
- Request log exclusions
- Custom exclusions (optional)
- Log Retention (auto expiry cleaning)
Once it's been configured, you can start using Traffic: HTTP Request Log Viewer to review and monitor your site traffic logs, including love traffic.
Traffic Logging Options Explanations
Option: Live Traffic
Provides real-time visibility into all incoming traffic to your WordPress site by temporarily logging all requests, without any exclusions. This feature can be useful for monitoring site activity, debugging issues, or gaining insights into user behavior.
Read more about this feature here.
Option: Request Log Exclusions
You can use this option to select request types that you don't want to be included in the traffic viewer. The following request types can be excluded:
- Logged-in users
- WP Cron
- Your server logs
- Search engines (bots) - supports Google, Bing, Yahoo!, Duck Duck Go, Yandex, Apple, Baidu
- Uptime Monitoring services (i.e. Status Cake, Pingdom, UptimeRobot)
If a request matches any exclusion rule, it will not show on the traffic viewer.
To find out how the Traffic Log Exclusions option works, read the article here.
Option: Custom Exclusions
You can use this option to exclude the logging of web requests you know to be legitimate
For each entry, if the text is present in either the User Agent or request Path, it will be excluded.
Take a new line for each entry. Please note that comparisons are case-insensitive.
To learn how to manually customize exclusions, read the article here.
Option: Log Retention
You can use this option to enable traffic log auto expiry.
Simply enter the maximum number of days you want and the Database cleanup will delete logs older than that number of days.
Important: The traffic log expiry will also depend on the WP Activity Log as the Activity Log relies on data from the traffic log too.