WordPress Plugin¶
The nBlick Signal Agent plugin connects your WordPress site to Signal Agent. Once active, it quietly records public request traffic on your server and ships it to nBlick in the background — no theme edits, no tracking scripts, and no change to how your pages load.
This guide walks you through installing the plugin, adding your API key, and confirming that data is flowing.
Before you start
You'll need an nBlick account and a Signal API key. You can generate one from your nBlick dashboard. Administrator access to your WordPress site is also required to install plugins.
Step 1 — Install the Plugin¶
The plugin is available on the official WordPress Plugin Directory: nBlick Signal Agent. You can install it the same way you would any other plugin.
From the WordPress admin (recommended):
- In your WordPress dashboard, go to Plugins → Add New.
- Search for nBlick Signal Agent, or choose Upload Plugin and select the
.zipfile you were given. - Click Install Now, then Activate.
[Screenshot: Plugins → Add New, searching for nBlick Signal Agent]
Manually (optional): copy the plugin folder into wp-content/plugins/ and activate it from the Plugins screen.
Step 2 — Open the Settings¶
After activation, go to Settings → nBlick Signal Agent in the WordPress admin menu. The configuration screen is organized into three tabs:
| Tab | What it's for |
|---|---|
| General | API key, enabling collection, and delivery options |
| Privacy | What gets redacted and which paths are excluded |
| Status | Live health, queue size, and diagnostic actions |
[Screenshot: Settings → nBlick Signal Agent, General tab]
Step 3 — Add Your API Key¶
On the General tab, paste your Signal API key into the API key field and save.
For production sites we recommend defining the key in wp-config.php instead, so it never lives in the database:
When set this way, the plugin uses the constant automatically and the key field can be left empty.
Keys at rest
If you store the key in settings, the plugin encrypts it using your site's security salts whenever the libsodium extension is available.
Step 4 — Enable Collection¶
Still on the General tab, switch Enable logging on and save. From this point the plugin begins capturing public front-end requests and queuing them for delivery.
By default, the following are never collected: WordPress admin, login, REST API, AJAX, cron, and WP-CLI requests, plus any paths you exclude on the Privacy tab.
[Screenshot: General tab with logging enabled]
Step 5 — Send a Test Event¶
To confirm everything is wired up correctly, open the Status tab and click Send Test Event. The plugin will push a sample request straight to nBlick and report the result.
A successful test confirms that your key, endpoint, and network are all working. If it fails, the Status tab shows the last error to help you troubleshoot.
[Screenshot: Status tab showing a successful test event]
Privacy & Data Handling¶
Signal Agent is built to be privacy-conscious by default:
- Server-side only. It sets no cookies and runs no browser tracking.
- Public traffic only. Admin, login, and internal requests are excluded.
- Sensitive values redacted. Query parameters such as passwords, tokens, and API keys are masked before anything is stored or sent.
- Short retention. Captured data is queued locally, removed once delivered, and purged after a configurable retention window.
Because the plugin transmits visitor IP addresses to nBlick for bot detection and reverse-DNS analysis, you may need to mention this in your own site's privacy policy depending on your jurisdiction. Review the nBlick Privacy Policy and Terms of Service for details.
Configuration Reference¶
Most sites work well with the defaults. The settings below can be tuned on the General and Privacy tabs if needed:
| Setting | Default | What it controls |
|---|---|---|
| Enable logging | Off | Master switch for collection |
| Batch size | 500 | Records sent per delivery |
| Send interval | 60s | How often queued data is shipped |
| Redacted keys | password, token, secret, … | Query parameters masked before sending |
| Excluded paths | wp-admin, wp-login, … | Paths never collected |
| Retention | 7 days | How long unsent data is kept locally |
Applying a new send interval
If you change how often data is sent, use the Re-schedule button on the Status tab to apply it right away.
Troubleshooting¶
- Test event fails: double-check the API key and confirm your server can reach the nBlick endpoint. The Status tab shows the most recent error.
- No data appearing: make sure Enable logging is on and that the traffic you expect isn't matched by an excluded path.
- Sending paused: repeated delivery failures temporarily pause sending to protect your site. It resumes automatically once the issue clears, or you can reset it from the Status tab.