Update: This feature can now be disabled by adding a constant to your wp-config.php file. The code you need to add is as follows define(‘WORDFENCE_DISABLE_LIVE_TRAFFIC’, true);
WordFence has recently removed the ability to disable Live Traffic feature from its security plugin. They have replaced the Live Traffic feature with Security Only events. I am going to briefly go over what Security Only events are and how they impact you and your website. Hint: It is not the end of the world.
Security Only Is “Low Resource Mode”
Live Traffic mode logged every event from someone visiting your website or going to your login page. Security Only events only log certain types of events. Examples of events it logs are the following:
- Sign Ins
- Blocking Of Users
Essentially, the Security Only feature is like a firewall blocking tool, but it is more of a real-time log of your firewall. It will tell you what is being blocked in real time. With Live Traffic View, you had two choices: log everything (live traffic on) or log nothing (live traffic off). This new feature, Security Only, allows the plugin to log, even on hosts with limited resources.
Additionally, WordFence has made it easier to quickly review past security issues that may have arisen.
Logging All Traffic Is Still Terrible
Logging all traffic, when you are on a limited budget host (GoDaddy, Bluehost, Hostgator) is a major drain on server resources. There is also no real benefit either. Unless, you need to sit and analyze website traffic patterns for manual intervention or need to feel like you are in the matrix with the log updating constantly, be my guest. However, there is zero reason to leave the Security Only feature off. I recommend keeping the Security Only feature on and implement this method one every new install.
Can I Still Disable It?
As far as I can tell, there is currently no way to disable the functionality altogether. There may be a filter, but I have not gone ahead and explored it further. Security Only events have not caused me any issues, on my own sites or client sites, no matter what host it is being used on. Whether that be a budget shared host or a $10 VPS, the Security Only feature seems to being working as it should.
What are your thoughts regarding the change from Live Traffic View to Security Only mode? Do you think the WordFence team should bring back the ability to disable the feature altogether?