My Private Site Visitor Intelligence is a powerful add-on that extends the My Private Site plugin with robust visitor activity tracking and analysis. It transforms your private website into an insight-rich platform by recording key visitor events and highlighting unusual patterns.
Comprehensive activity logging and monitoring
Visitor Intelligence provides capabilities that enhance security awareness and administrative oversight, starting with activity logging and monitoring.
Complete login tracking
Visitor Intelligence monitors every login attempt on your site. Successful logins, failed logins, and even logouts are all recorded with timestamps and relevant user details. This provides you with a full audit trail of who attempted to access your site and when.
For example, you can see exactly when a user signed in or if someone tried an incorrect password and was denied. This level of insight helps admins verify user activity and spot any suspicious login behavior immediately.
Bot and crawler detection
Visitor Intelligence doesn’t just track human users. It also keeps an eye on automated visitors. It intelligently detects web crawlers and bots hitting your site, including traditional search engine bots as well as newer AI-based crawlers.
Each bot access is logged with its user agent, IP address, and timestamp. This means you can find out if, say, Google’s crawler or even emerging bots like OpenAI’s GPTBot tried to index your private content.
Knowing about bot traffic gives you actionable intelligence on how often your site is being probed or indexed by automated agents, which is crucial for understanding exposure and load on a private site.
Unified activity log
All these events, including logins, failures, logouts, and bot hits, are stored in a dedicated activity log database. The data captured for each event includes the event type, username (if applicable), user role(s), IP address, user agent, and the URL requested.
In the WordPress admin dashboard, Visitor Intelligence adds an Activity Log table where you can review these records chronologically. Each entry is clearly labeled (e.g. Login Success, Login Failure, Logout, AI Bot, Search Bot), and includes details like the user’s name, roles, IP, and a link to the accessed page if available.
This comprehensive log gives site owners full visibility into how their private site is accessed or targeted, serving both as a security audit log and a usage tracker.
Always-on, minimal impact
The logging operates seamlessly in the background with minimal performance impact. It hooks into WordPress events login and logout, and intercepts front-end requests to detect bots.
It’s engineered to skip unnecessary processing. For example, it ignores admin-area visits, REST API calls, or any duplicate triggers. This means you get thorough monitoring without slowing down your site.
Only significant events are recorded, so your database isn’t flooded with trivial data, striking a balance between insight and efficiency.
Unusual Activity Guardian provides intelligent threat detection
One of the most valuable features of Visitor Intelligence is the Unusual Activity Guardian, an on-demand analysis engine that highlights suspicious patterns in your site’s visitor activity.
Because the Unusual Activity analysis is run on-demand by the admin, it doesn’t consume resources continuously. You trigger it when needed, such as during a security review or on a schedule of your choosing. This on-demand approach ensures zero impact on your site’s day-to-day performance while still giving you powerful analytics when you want them.
With a single click, Visitor Intelligence analyzes recent log data and produces an Unusual Activity Report. This report is like having a security expert quickly review your logs and flag anomalies.
It checks for a variety of warning signs. These are listed next.
Multiple failed login attempts from one source
The report flags any IP addresses that have an unusually high number of failed login attempts (by default, 5 or more failures from the same IP). This is a telltale indicator of brute-force attack attempts.
If such an IP appears, it will be listed along with the count of failures, alerting you to potential attackers. The benefit is clear. You’re immediately aware of concentrated login attack activity and can take action, such as blocking an IP or tightening security, even if the attacker hasn’t succeeded.
Possible password-guess successes
Visitor Intelligence intelligently correlates failed and successful logins to warn you if a user’s account may have been compromised. It identifies cases where there were multiple failures in the 60 minutes leading up to a successful login for the same user.
For example, if an account “john_doe” had 3 or more rapid failed attempts and then a successful login, the report will flag this as a possible password‑guess success. This could mean someone finally guessed the correct password.
By catching this pattern, the plugin provides a heads-up that John’s account might need attention (password reset or user verification). It’s an extra layer of security insight beyond just knowing that a login succeeded.
Unusual traffic spikes
Visitor Intelligence uses statistical analysis to detect traffic spikes in site activity. It reviews the number of logged events per hour and computes a dynamic threshold based on your site’s normal activity. Roughly, it checks if any hour had at least double the average activity and at least 10 events.
If a particular hour’s event count shoots above this threshold, it’s flagged as an anomaly in the report, categorized under Traffic Spikes. This helps you spot surges in activity, perhaps an indicator of a coordinated access attempt, a sudden influx of users, or a bot hitting many pages at once.
The use of a dynamic baseline means the plugin adapts to your site’s typical usage patterns, reducing false alarms and only alerting you to significant, out-of-the-ordinary spikes.
Account used from many locations
The Unusual Activity Guardian identifies if any user account has logged in from an abnormally high number of distinct IP addresses (5 or more unique IPs).
This check, shown in the report as “Users with Many IP Addresses,” can indicate account sharing or a compromised account being used from various places.
For legitimate users, a few IP changes (home, office, mobile network) are normal, but if one account shows a long list of IPs, you’ll see it at a glance.
This insight lets site owners know when an account might require investigation (for example, to ensure it’s actually the same person or if credentials have leaked).
Heavy bot/crawler activity
The report shines a spotlight on bot traffic by listing the top five bot user-agents that have hit your site and how many times each was recorded.
It will specifically alert you if any single bot was particularly active (the default alert threshold is 10+ hits from the same user-agent). This section, labeled “Top Bot/Crawler Activity,” lets you know, for instance, if Googlebot tried to crawl dozens of pages, or if an unknown scraper is repeatedly accessing your site.
The benefit is that you can distinguish normal search engine indexing from aggressive or suspicious bot behavior. By revealing the most active bots, Visitor Intelligence helps you decide if you need to adjust your robots.txt, add bot blockers, or simply be aware of how crawlers interact with your private content.
Report summary and performance‑friendly analysis
All these findings are consolidated into a convenient dashboard report. At the top of the Unusual Activity Report is a summary banner that immediately tells you the overall status, if everything looks normal or if issues were found.
It will say “No unusual activity detected” if all checks pass clean, or indicate something like “Experiencing issues in 2 of 5 checks” so you know how many categories triggered alerts.
Each category described above is presented as a card with a clear title and an “OK” or “Issue” badge indicator. This visual design (using green checkmarks for OK and warning icons for issues) makes it extremely easy to scan the report and identify problem areas without parsing lots of text.
In essence, the Unusual Activity Guardian acts as your security watchdog. It uses data-driven rules to quickly surface possible threats or irregularities, so you can respond proactively. It brings peace of mind by ensuring that even subtle warning signs in your visitor activity won’t go unnoticed.
Powerful filtering, search, and export tools
Visitor Intelligence comes with an array of tools to help you drill down into the activity data and extract exactly the information you need. These features turn raw logs into actionable insights and convenient reports:
Flexible event filters
In the admin interface, you can filter the activity log by event type with just a dropdown selection. For instance, you can choose to view only Login Failures, or only Bot Access events, etc. There’s even a combined filter for “All Bot Access” which shows all types of bot entries in one view.
This is useful if you have a specific question like “show me all the failed logins this week” or “how often are search engines hitting my site?”. Instead of sifting through every entry, Visitor Intelligence will show you just the relevant subset, making it much faster to analyze specific aspects of visitor activity.
Search by user, IP, or agent
A built-in search box lets you query the log data by keywords. You can type a username, an IP address, or any fragment of a user agent string, and apply the search filter. The interface will instantly narrow the log to entries that match.
This is incredibly handy for troubleshooting and investigations. For example, if you want to see all activity from a particular user Alice, just search their username and you’ll get all their login and logout events. Or if you notice suspicious activity from an IP in the Unusual Activity Report, you can search that IP to see everything that IP has done on your site.
The search supports suffix wildcards () as well, enabling prefix searches, for example 192.168.. These search and filter capabilities ensure you can quickly find the proverbial needle in the haystack even if you have months of logs.
Date range filtering
You can constrain the log view to a particular time window using the date filter controls. With a couple of clicks, choose from pre-set ranges like Last 24 Hours, 7 Days, 30 Days, 90 Days, or All Time. This adds another layer of precision. For example, you might combine filters to say, “Show me all login failures in the last 7 days,” and the table will update accordingly.
The date filter is great for focusing on recent activity or comparing different periods. It is also integrated into the Unusual Activity analysis. If you have a date range filter active, the Identify Unusual Activity report will respect that range, or default to the last 7 days if no filter is set. In short, you’re in full control of the time frame when reviewing visitor data.
Paginated activity table
The activity log table is built to handle large numbers of records gracefully. It displays entries 25 at a time with pagination controls. You can navigate page by page, and the interface will tell you which page you’re on and the total number of events recorded.
Even if your site has accumulated thousands of log entries, you can browse through them without overwhelming your browser. And thanks to filtering, you usually can narrow the scope so fewer pages need scanning. This means the tool scales well, whether you have 100 events or 10,000 events, you can review them efficiently.
One-click data export (CSV)
A particularly valuable feature for power users and reporting is the ability to export the activity log to a CSV file. With a single button in the UI, Export Activity Data, you can download all filtered results or the entire log as a spreadsheet-compatible CSV file.
This allows you to take the data outside of WordPress for archiving, share it with colleagues, or perform further analysis in tools like Excel or even in an AI. The export includes all relevant fields: Date/Time, Event, User, User ID, Roles, IP, URL, and User Agent, with a header row for easy reference.
A behind-the-scenes benefit is that the export is implemented in a smart, chunked manner. The plugin will fetch the data in batches (500 records at a time) and build the CSV in the browser. This ensures that even very large logs can be exported reliably without timing out your server or browser.
Once you hit export, you’ll see a progress indicator and then a download prompt for a file named with the current date, for example, “2025-09-13 MPS Activity Data.csv”. This attention to detail makes it easy to create reports, backups, or audits of your site’s access history whenever you need.
Clear data controls
Visitor Intelligence also provides controls to manage the stored data. There is a Clear Activity Data button that lets you truncate the entire log with admin confirmation. This might be used if you want to reset the log after a certain period or before starting a new analysis cycle. For example, some admins might clear out older data after exporting it, to start fresh for the next quarter.
The clear function is protected with a confirmation dialog, “Are you sure? This cannot be undone,” to help prevent accidents
Additionally, there is a Clear Activity Report button which clears the last generated Unusual Activity Report from the screen. This is useful if you want to remove the report and re-run a new analysis.
These controls give administrators a tidy way to maintain the data and UI, ensuring you only see what’s relevant and can wipe old information when appropriate.
Seamless integration and user experience
Visitor Intelligence fits naturally into your existing workflow, prioritizing clarity and speed from installation to daily use. The result is a smooth, familiar experience that feels built‑in to WordPress while adding powerful oversight and controls.
Native WordPress admin UI
Visitor Intelligence is built to feel like a natural extension of My Private Site’s settings. Once installed and activated, it adds a new “Visitor Intelligence” tab under the My Private Site admin menu within the Site Privacy settings page.
The interface inherits WordPress’ look and feel, using familiar styles and icons for visual cues in the report. This means there’s virtually no learning curve. If you’re comfortable with WordPress and My Private Site, you’ll find Visitor Intelligence’s UI intuitive and easy to navigate.
Sections are well organized with collapsible accordion panels for filters, and clear headings like “Site Activity Monitor” and “Unusual Activity Guardian” in the settings.
Important buttons like “Identify Unusual Activity” are prominent, and status messages are displayed to confirm actions. Site admins can access and use Visitor Intelligence right from the WordPress dashboard without external tools or complex setup.
Performance and optimization
Under the hood, Visitor Intelligence is engineered with performance and scalability in mind. It creates its own optimized database table to store activity events, which means it doesn’t bloat your WordPress posts or comments tables with log data.
This table is indexed by key fields to ensure queries and report generation are fast even as the log grows. Safeguards include logging once per page load for bots, and truncating or storing only relevant substrings of very long user agents or URLs to keep data size efficient. These technical choices translate to a smoother user experience.
Pages in wp‑admin load quickly, the Identify Unusual Activity analysis runs in just a few seconds for typical data ranges, and the plugin runs reliably on everything from small personal sites to large membership portals. Visitor Intelligence adds valuable monitoring without slowing your site down.
Security and privacy considerations
Because this add‑on deals with sensitive data such as login attempts, user info, and IP addresses, it follows WordPress security best practices. Data is sanitized and stored safely, and all interactions like exporting data or clearing logs are restricted to administrators only and protected by WordPress permissions.
It’s an on‑premise solution. All tracking data stays on your WordPress database under your control, which is important for privacy compliance. Users get the benefits of detailed analytics without exposing information to third‑party services.
Summary of Benefits
Here’s what Visitor Intelligence adds to your site and why it matters.
Visibility
Know exactly what’s happening on your private site, who’s logging in or trying to, and when. The comprehensive log and real-time tracking ensure you’re never in the dark about access attempts.
Security insights
Identify potential security threats before they become breaches. Brute force attacks, suspicious login patterns, and aggressive bots are flagged for your attention via the Unusual Activity Guardian. This proactive stance can prevent attacks or catch them early, giving you peace of mind.
Actionable data
With filtering and search, you can investigate incidents or user behavior quickly, for example verifying if a user actually logged in on a certain day or compiling all actions from a specific IP. The data export makes reporting and compliance auditing easy, turning raw logs into shareable reports at the press of a button.
Ease of use
There is no learning curve. It’s built into the familiar WordPress admin interface and designed for clarity. Whether you’re a technical administrator or a non-technical site owner, the intuitive layout with clear labels, icons, and tool tips makes it simple to harness the plugin’s full power.
Modern and future‑ready
Visitor Intelligence keeps up with the evolving web landscape, recognizing modern AI bots and using adaptive algorithms to detect anomalies, so you’re equipped with state‑of‑the‑art monitoring for your site. It’s like having an intelligent guardian for your website that continuously learns what’s normal and what isn’t.
Final thoughts
In essence, Visitor Intelligence turns your private site from a black box into an insightful dashboard. It marries on‑demand privacy with on‑demand analytics, a combination that ensures you maintain control over access while also extracting valuable intelligence about visitor behavior.
Visitor Intelligence will be a resource for those of you who value security, situational awareness, and data‑driven decision making for their websites.
It’s not just about keeping people out. It’s about knowing who is trying to get in, how, and what they do when they’re in, all of which ultimately helps you protect your sites and tailor their security to real‑world usage patterns.
