LiteCache Suspicious Traffic Viewer Plugin for WordPress (origin)
Makes the invisible traffic visible
Reveals suspicious and masked traffic patterns
STV is not a generic traffic counter. It focuses on the suspicious layer: masked requests, bots, scrapers, non-human patterns, and non-200 traffic that only becomes meaningful when reviewed over time.
This is where STV differs from generic traffic plugins.
Traditional traffic tools usually try to show everything. STV does not. It deliberately ignores clearly human-like 200 requests and instead focuses on traffic that is more likely to become a blind spot - suspicious requests, non-human traffic, disguised patterns, and requests with non-200 status codes.
That focus is the actual value of STV.
Known bots are often the easy part because they are easier to detect. The larger and more relevant layer is often suspicious traffic that does not openly identify itself as automation. STV was built for that less obvious layer.
In many environments, the real problem is not that suspicious traffic is never logged. The real problem is that it is buried inside ordinary looking traffic and never becomes visible as a pattern. STV was built to close that gap.
This also means STV avoids fake certainty. If a request is well masked, it is often impossible to prove what it really is from a single log entry alone. In those cases, "suspicious" is the honest label.
STV is not a realtime logger. It works with imported log data and is designed for review, inspection, and pattern recognition rather than live streaming.
STV is also physically limited. Requests that are fully served by page cache or CDN cache never reach PHP and therefore remain invisible to STV. This is not a bug, but a technical blind spot of every PHP based approach.
Another important difference is that STV is db-less while logging. The logger itself does not write every captured request directly into the database. Request data is first collected and then imported later. This avoids additional database load during logging and keeps the capture process lightweight.
The real value of STV appears when suspicious traffic is not judged too quickly. A single request may look harmless. Repeated patterns over time often reveal much more.
In short:STV is not a generic traffic viewer.It is a focused visibility tool for suspicious, masked, non-human, and abnormal requests that traditional traffic views often miss or fail to classify clearly.
Main characteristics
- Makes suspicious and masked traffic more visible
- Not limited to AI crawlers - also useful for bots, scrapers, and disguised requests
- Intentionally ignores clearly human-like 200 requests
- Tracks non-200 requests because they often reveal relevant anomalies
- Focuses on the less obvious suspicious layer, not only on known bots
- Daily import workflow instead of realtime logging
- Db-less logging without additional database writes during capture
- Request list with search, filters, pagination, and sorting
- Highlights traffic class, status, method, IP, hits, and user agent
- Designed for investigation, not for cosmetic dashboards
What STV is not
- Not a realtime logger
- Not a generic visitor statistics plugin
- Not a full web application firewall
- Not a complete replacement for server logs
- Not able to see requests served entirely from page cache or CDN cache
Why this matters
AI crawlers, bots, scrapers, and other automated systems are getting better at looking normal.
In many environments, obvious bots are only the visible part. The larger problem is often suspicious or masked traffic that blends into ordinary looking requests and only becomes meaningful when patterns are observed over time.
Traditional logs may still record that traffic, but recording something is not the same as making it understandable. STV was built to expose traffic that may otherwise remain hidden inside ordinary looking request patterns and to make those requests reviewable over time.
The suspicious label is therefore not a marketing trick. It is often the most honest category available.
Download
The STV Plugin is currently reviewed by WordPress, but is available shortly in WordPress Plugin Repository.
Frequently Asked Questions
Is STV a realtime traffic viewer?
No. STV is designed for imported log review, not for live streaming.
Can STV see all requests?
No. Requests fully served by page cache or CDN cache do not reach PHP and therefore cannot be seen by STV.
Why does STV use the label "suspicious" instead of claiming exact detection?
Because well disguised traffic often cannot be proven with certainty from a single request alone. "suspicious" is often the most honest and useful label.
Does STV log directly into the database?
No. STV is db-less while logging. Request data is captured first and imported later, which avoids additional database load during the logging phase.
Is STV only about AI crawlers?
No. AI crawler related traffic was one of the original reasons behind STV, but the plugin is useful for suspicious traffic in general, including bots, scrapers, masked requests, and abnormal non-200 traffic.
What makes STV different from a normal traffic plugin?
Most traffic plugins try to show all visitors. STV does the opposite. It intentionally ignores clearly human-like 200 requests and focuses on suspicious, masked, non-human, and non-200 traffic that is often overlooked or poorly classified in conventional traffic views.
Why not focus only on known bots?
Because known bots are often only the visible part of the problem. In many cases, the larger and more relevant layer is suspicious traffic that does not openly identify itself as automation and only becomes noticeable through repeated patterns over time.
Which server environments are supported?
STV supports Apache and LiteSpeed Web Server environments only. For supported environments, the plugin may generate a plugin-local `.htaccess` file to protect the standalone prepend component and to provide the built-in rewrite probe. STV does not modify the WordPress root `.htaccess`.
More useful Posts
- The WordPress Optimization Paradox: Why Your PageSpeed Strategy Might Be Hurting Your Performance
- Do CloudFlare and quic.cloud really speed up the loading time?
- How to enable LiteSpeed Cache Plugin Crawler for WordPress if it is disabled in LiteSpeed Server
- The Great Deception: Why Google PageSpeed Doesn’t Measure Speed
- WordPress - Optimization for Nothing and the Speed (Not) for free
- Why does CloudFlare APO conflict with LiteSpeed LScache?
- Rush Speed Guide for WordPress in 2026 - Performance by Prevention
- What is LiteCache Rush?
- WordPress - Why Performance Doesn't Start With Optimization
- Webpage Performance Starts Before Optimization
- What Is WordPress Performance by Prevention?
- How to Warmup the Cache of CloudFlare CDN - Part II
- Security Alert: Potential Abuse of LiteSpeed Cache's Crawler to Target External Hosts
- WordPress: Do Optimization Plugins really optimize?
- LiteSpeed Guestmode – An Optimization Feature That Misleads WordPress Users?
- How to Warmup the Cache of quic.cloud or CloudFlare CDN Nodes - Part I
- Cloudflare, quic.cloud and All Other CDNs Kill LiteSpeed Speed Feature
- LiteCache Rush - The Unique Selling Point to make a WordPress Agency successful. (really)
- How to speedup LiteSpeed Cache Plugin with avif instead of webp Images