Skip to content

WordPress Plugin

The nBlick Signal Agent plugin connects your WordPress site to Signal Agent. Once active, it quietly records public request traffic on your server and ships it to nBlick in the background — no theme edits, no tracking scripts, and no change to how your pages load.

This guide walks you through installing the plugin, adding your API key, and confirming that data is flowing.

Before you start

You'll need an nBlick account and a Signal API key. You can generate one from your nBlick dashboard. Administrator access to your WordPress site is also required to install plugins.

Step 1 — Install the Plugin

The plugin is available on the official WordPress Plugin Directory: nBlick Signal Agent. You can install it the same way you would any other plugin.

From the WordPress admin (recommended):

  1. In your WordPress dashboard, go to Plugins → Add New.
  2. Search for nBlick Signal Agent, or choose Upload Plugin and select the .zip file you were given.
  3. Click Install Now, then Activate.

[Screenshot: Plugins → Add New, searching for nBlick Signal Agent]

Manually (optional): copy the plugin folder into wp-content/plugins/ and activate it from the Plugins screen.

Step 2 — Open the Settings

After activation, go to Settings → nBlick Signal Agent in the WordPress admin menu. The configuration screen is organized into three tabs:

Tab What it's for
General API key, enabling collection, and delivery options
Privacy What gets redacted and which paths are excluded
Status Live health, queue size, and diagnostic actions

[Screenshot: Settings → nBlick Signal Agent, General tab]

Step 3 — Add Your API Key

On the General tab, paste your Signal API key into the API key field and save.

For production sites we recommend defining the key in wp-config.php instead, so it never lives in the database:

define('NBLICK_SIGNAL_API_KEY', 'your-api-key-here');

When set this way, the plugin uses the constant automatically and the key field can be left empty.

Keys at rest

If you store the key in settings, the plugin encrypts it using your site's security salts whenever the libsodium extension is available.

Step 4 — Enable Collection

Still on the General tab, switch Enable logging on and save. From this point the plugin begins capturing public front-end requests and queuing them for delivery.

By default, the following are never collected: WordPress admin, login, REST API, AJAX, cron, and WP-CLI requests, plus any paths you exclude on the Privacy tab.

[Screenshot: General tab with logging enabled]

Step 5 — Send a Test Event

To confirm everything is wired up correctly, open the Status tab and click Send Test Event. The plugin will push a sample request straight to nBlick and report the result.

A successful test confirms that your key, endpoint, and network are all working. If it fails, the Status tab shows the last error to help you troubleshoot.

[Screenshot: Status tab showing a successful test event]

Privacy & Data Handling

Signal Agent is built to be privacy-conscious by default:

  • Server-side only. It sets no cookies and runs no browser tracking.
  • Public traffic only. Admin, login, and internal requests are excluded.
  • Sensitive values redacted. Query parameters such as passwords, tokens, and API keys are masked before anything is stored or sent.
  • Short retention. Captured data is queued locally, removed once delivered, and purged after a configurable retention window.

Because the plugin transmits visitor IP addresses to nBlick for bot detection and reverse-DNS analysis, you may need to mention this in your own site's privacy policy depending on your jurisdiction. Review the nBlick Privacy Policy and Terms of Service for details.

Configuration Reference

Most sites work well with the defaults. The settings below can be tuned on the General and Privacy tabs if needed:

Setting Default What it controls
Enable logging Off Master switch for collection
Batch size 500 Records sent per delivery
Send interval 60s How often queued data is shipped
Redacted keys password, token, secret, … Query parameters masked before sending
Excluded paths wp-admin, wp-login, … Paths never collected
Retention 7 days How long unsent data is kept locally

Applying a new send interval

If you change how often data is sent, use the Re-schedule button on the Status tab to apply it right away.

Troubleshooting

  • Test event fails: double-check the API key and confirm your server can reach the nBlick endpoint. The Status tab shows the most recent error.
  • No data appearing: make sure Enable logging is on and that the traffic you expect isn't matched by an excluded path.
  • Sending paused: repeated delivery failures temporarily pause sending to protect your site. It resumes automatically once the issue clears, or you can reset it from the Status tab.