Live Traffic Monitor
Real-time HTTP request monitoring for your WordPress site. Watch every request as it happens — filter by humans, bots, and blocked traffic. Identify attacks, troubleshoot issues, and understand your traffic patterns.
Overview
The Live Traffic module provides a real-time feed of every HTTP request hitting your WordPress site. It classifies each request as human, bot, or blocked, and provides detailed information including IP address, user agent, URI, response code, and response time.
Live Traffic is managed from the VistoShield cloud dashboard at Sites → [your site] → Live Traffic.
Key Features
- Real-Time Request Feed — See every request as it arrives with method, URI, IP, status code, and response time
- Bot vs Human Classification — Automatic classification based on user agent, behavior, and rDNS verification
- Filter Tabs — Quick filters for All, Humans, Bots, and Blocked requests with counts
- User Agent Analysis — Full user agent string displayed with hover tooltip for each request
- Geographic Origin Data — Country-level identification for each request IP
- Response Code Dashboard — See 200, 301, 403, 404, 500 responses at a glance
Dashboard Stats
The Live Traffic dashboard displays five key metrics:
- Requests Today — Total HTTP requests in the last 24 hours
- Blocked — Requests blocked by WAF, Bot Detector, or Login Guard
- Bots — Requests identified as bot traffic (both legitimate and malicious)
- Unique IPs Today — Number of distinct IP addresses seen
- Total Logged — Cumulative requests in the event history
Filtering Traffic
Use the filter tabs above the traffic table to narrow the view:
- All — Shows every request (default)
- Humans — Only requests classified as human visitors
- Bots — Only bot requests (crawlers, scrapers, tools) that were not blocked
- Blocked — Only requests that were blocked by a security module (WAF, Bot Detector, Login Guard)
Traffic Table Columns
| Column | Description |
|---|---|
| Time | When the request occurred (relative or absolute timestamp) |
| Method | HTTP method (GET, POST, PUT, DELETE, HEAD) |
| URI | The requested path (e.g., /wp-admin/, /wp-json/wp/v2/posts) |
| IP | Source IP address of the request |
| Status | HTTP response code (200, 301, 403, 404, 500) |
| Type | Classification: Human or Bot |
| Blocked By | Which module blocked the request (WAF, Firewall, Bot Detector, Spam Filter) or — if allowed |
Settings
Configure Live Traffic from the Settings tab:
- Log retention — How long to keep traffic logs (Free: 3 days, Pro: 14 days, Max: 30 days)
- Exclude IPs — IPs to exclude from logging (e.g., your own IP, monitoring services)
- Exclude paths — URIs to exclude (e.g., /wp-cron.php, health check endpoints)
- Real IP header — Configure which header to use for real client IP when behind a proxy (CF-Connecting-IP, X-Real-IP, X-Forwarded-For)
Pro Features
With a Pro or Max plan, Live Traffic provides:
- Extended history (up to 14 days vs 3 days on Free)
- Unlimited live traffic entries (Free shows last 20)
- Advanced filtering and export
- Cross-site traffic comparison from the cloud dashboard
FAQ
Does Live Traffic affect site performance?
No. The module logs requests asynchronously with minimal overhead. Traffic data is stored locally and synced to the cloud dashboard in batches.
Can I see traffic from behind Cloudflare?
Yes. Configure the Real IP header in Settings to use CF-Connecting-IP. The CDN Connector module can also restore real IPs automatically.