plugin-icon

nBlick Signal Agent

By ldesuque·
Captures public request metadata and ships it in batches to the nBlick Signal API for bot detection and traffic analysis.
analytics
bot detection
logging
Ratings
Add a review
Version
1.0.0
Last updated
Jun 3, 2026

Server-side, non-blocking request logging with a local queue, batched delivery, exponential-backoff retries, a circuit breaker, query-parameter redaction, and path filtering. Admin actions use the WordPress REST API.

Configuration

Settings -> nBlick Signal Agent. Set the API key (or define NBLICK_SIGNAL_API_KEY in wp-config.php), enable logging, and use the Status tab to send a test event.

External services

This plugin connects to the nBlick Signal API, a third-party service, to provide bot detection and traffic analysis. This connection is essential to the plugin’s purpose: request data collected on your site is transmitted to nBlick for analysis, and the plugin does nothing useful without it.

What is sent, and when:

  • The plugin sends batches of request metadata to the nBlick Signal ingest endpoint (default: https://api.trynblick.com/signals/wordpress) on a recurring background schedule (via WP-Cron) whenever logging is enabled and queued data exists, and once when you click “Send Test Event”.
  • Each request record may contain: the visitor’s IP address, the request method, host, path, HTTP status code, user agent, referer, response size, request duration, a timestamp, query-string parameters (with sensitive keys such as passwords and tokens redacted), a per-site identifier (UUID), and a schema version number.
  • Only public front-end traffic is sent. WordPress admin, login, REST API, AJAX, cron, WP-CLI, and any paths you exclude are never collected or transmitted.
  • Authentication uses an API key you provide, sent in the X-NBlick-Signal-Key request header.

The IP address is transmitted in full because it is required for the service’s bot-detection and reverse-DNS analysis.

This service is provided by nBlick. By using the plugin you are sending the data described above to nBlick. Please review their terms and privacy policy:

  • Terms of service: https://trynblick.com/terms-of-service
  • Privacy policy: https://trynblick.com/privacy-policy

Privacy

  • The plugin is server-side only. It sets no cookies and performs no client-side or browser tracking.
  • Sensitive query parameters (configurable; by default password, pass, token, auth, authorization, apikey, api_key, secret, card, cc, ssn and similar) are redacted to “[REDACTED]” before storage and transmission.
  • Captured data is queued in a local database table and removed after it is sent successfully, or purged after the configured retention period (default 7 days).
  • When the Sodium PHP extension is available, the API key is encrypted at rest using your site’s authentication salts; defining NBLICK_SIGNAL_API_KEY in wp-config.php avoids database storage entirely.
  • Because the plugin transmits visitor IP addresses to a third party, you may need to disclose this in your own site’s privacy policy depending on your jurisdiction (e.g. GDPR/CCPA).
Freeon paid plans
Get started
By installing, you agree to WordPress.com Terms of Service and Third-Party plugin Terms.
Tested up to
WordPress 7.0
This plugin is available for download for your site.
Download