This plugin hasn’t been tested with the latest 3 major releases of WordPress. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

Snitch

Description

Network monitor for WordPress with connection overview for controlling and regulating data traffic from your site.

Trust, But Verify

Snitch monitors and logs the outgoing data stream of your WordPress site. It records every outbound connection from WordPress and provides a log table for administrators.

Snitch does not only log connection requests, but enables you to block future requests either by target URL (internet address being called in the background), or by script (file being executed to open up a connection). Once blocked, a connection will be visually highlighted. Blocked entries can be unblocked with a simple click.

Snitch is a perfect tool to “listen in” on outbound communication. It is also suitable to early recognize any malware and tracking software installed. You can youse Snitch to make sure you comply with GDPR.

Summary

Snitch writes a log of both authorized and blocked attempts of connectivity. An overall view provides transparency and lets you control outgoing connections initialized by plugins, themes, or WordPress.

In A Nutshell

  • neat interface
  • displays target URL and source file
  • features grouping, sorting, searching
  • visual highlighting of blocked requests
  • show POST variables with a simple click
  • block/unblock connections by domain/file
  • monitors communication in back-end and front-end
  • delete all entries by pressing a button
  • free of charge, no advertising

Support

Contribute

  • Active development of this plugin is handled on GitHub.
  • Pull requests for documented bugs are highly appreciated.
  • If you think you’ve found a bug (e.g. you’re experiencing unexpected behavior), please post at the support forums first.
  • If you want to help us translate this plugin you can do so on WordPress Translate.

Credits

Screenshots

  • Snitch connection list

Installation

  • If you don’t know how to install a plugin for WordPress, here’s how.

FAQ

Snitch creates a lot of database entries

Snitch is designed to log any outgoing connection in WordPress. If the database fills fast, you should look up the cause. Why does your WordPress and plugins communicate so often to the outside that the database table fills? Is this communication really necessary?

As a reminder: Snitch is designed to help you improve your WordPress performance by detecting and displaying connections as bottleneck. The task for the blog administrator is to eliminate the source of the cause (plugin, theme, etc.).

Snitch automatically ensures that there are not more than 200 entries are kept in the database. If it is nevertheless necessary to remove Snitch entries from the database manually, two smart database commands could help:

sql
DELETE FROM wp_postmeta` WHERE `post_id` IN ( SELECT `ID` FROM `wp_posts` WHERE `post_type` = 'snitch' )

DELETE FROM wp_posts WHERE post_type = ‘snitch’
`

Are connections monitored in the front end?

Snitch catches any connection that leaves the blog via WordPress HTTP API (internal WordPress interface for data communication). This affects both the back-end and the front-end of a WordPress installation.

Why does Snitch list WordPress cronjobs?

WordPress calls internal Cronjobs via WordPress HTTP API – exactly this interface is monitored by Snitch and also records Cronjob accesses accordingly.

If cronjobs are listed too often, something possibly isn’t correct. Therefore, it is recommend to check the list of scheduled cronjob jobs.

The following code snippet in the WordPress configuration file wp-config.php switches off the logging of the internal WordPress queries:

php
define('SNITCH_IGNORE_INTERNAL_REQUESTS', true);

Why are Snitch entries indexed by Google?

Snitch stores its entries as WordPress Custom Post Types. Important step: By a WordPress attribute Snitch marks all log entries as private, therefore not public. So far, the ideology with private and inaccessible entries would work if there were not WordPress plugins that would carry all – including private – Custom Post Types into the world and communicate with search engines. With fatal consequences for the blogger.

And so it quickly happens that Google suddenly hits Snitch entries (as blog pages) which are not intended for public access. For example, because Snitch entries appear in the sitemap XML of the blog, as a sitemap XML plugin is of the opinion that it is also necessary to add private entries and to have them released for indexing. There is also no help to block via robots.txt because the robots.txt file does not prevent the indexing of the pages.

Automatic Shares go crazily

The fact that every new Snitch entry automatically sends a message to Facebook and/or Twitter, is clearly not due to Snitch. Rather, the cause is to be found in the inserted Auto-Tweet-Facebook-Plugin, which faulty triggers an automatic event at every – also non-public – WordPress Custom Post Type. And that’s wrong. The usage of such Plugins should be reconsidered.

A complete documentation is available on the Snitch website.

Reviews

9 di Març dal 2024
Earlier i had to manually monitor the QueryMonitor’s HTTP API Calls area to find all the callbacks. Now with this great plugin i don’t have to do it manually as the “SNITCH” plugin does the monitoring for me — what a great help. Thanks for this great plugin. Please ignore those who rate it anything other than 5 stars. For me this plugin goes on each WordPress stack — a-must-have 5 STAR plugin! God bless. Cheers.
10 di Novembar dal 2023
Das Plugin hat wiederholt meine Site zum erliegen gebracht: ein paar Minuten nach der Aktivierung hat die eingebaute Fehlererkennung von WP eine eMail geschickt: „In diesem Fall hat WordPress einen Fehler in einem deiner Plugins, Snitch, abgefangen“. Das Log von Snitch war dabei nicht hilfreich: da fand der Fehler keine Erwähnung. WordPress-Version 6.4.1 Aktives Theme: Twenty Twenty-Two (Version 1.6) Aktuelles Plugin: Snitch (Version 1.2.0) PHP-Version 8.1.22
14 di Setembar dal 2022
Simply epic. Lightweight, ultra simple UI. Really, really, really thz for that.
3 di Fevrâr dal 2022
This plugin isn’t for everyone. It should be, but it not. Such is life. For me, this is a critical tool that I have relied on since I found it a couple of years ago. It lets me identify plugins that phone home (or elsewhere) without permission, without needing to examine every line of code in the plugin (and those can be huge). It lets me make better decisions with regards to which plugins to support. It lets me report plugins when necessary – and encourage public accountability by leaving 1-star reviews for plugins who do act without permission. And if it is not possible to replace those plugins with others with similar functionality, it lets me block the calls to domains, or calls made by specific files. This plugin really deserves my first five star review. 😉
15 di Març dal 2021 2 replies
The plugin or its settings caused an error in Woocommerce: mod_fcgid: stderr: PHP Fatal error: Uncaught Error: Call to a member function get_type() on bool in /wp-content/plugins/woocommerce/includes/admin/meta-boxes/views/html-product-data-panel.php:20
17 di Jugn dal 2020
I needed to block a useless (and stupid) HTTP API CALL from a specific URL, this plugin worked like a charm.
Read all 27 reviews

Contributors & Developers

“Snitch” is open source software. The following people have contributed to this plugin.

Contributors

“Snitch” has been translated into 8 locales. Thank you to the translators for their contributions.

Translate “Snitch” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.2.0

  • Shows schema of request (http/https)
  • No “jerking” in the retrieval list during mouse over
  • Remove lang folder in favor of translations via translate.wordpress.org
  • Support for WordPress 6.4

1.1.8

  • Support for WordPress 5.2
  • Bugfix: Deprected Non-static call

1.1.7

  • Updated README
  • Improved user interface
  • Support for WordPress 4.9

1.1.6

1.1.5 / 06.05.2015

1.1.4

  • Support for WordPress 4.2
  • Nice to have: admin_url() for edit.php requests

1.1.3

  • Support for WordPress 4.1

1.1.2

  • Feature: english translation for the readme file
  • Feature: russian translation for plugin files

1.1.1

  • Feature: status code “-1” for failing connections

1.1.0

For the complete changelog, check out our GitHub repository.