Skip to content

evermade/evermade-visitor-insights

BranchesTags

Repository files navigation

Evermade Visitor Insights™

The world's most enterprise visitor counter.

An operationally opinionated visitor telemetry platform for organizations that require mission-critical observability around the number going up.

screenshot-evermade-visitor-insights

✅ Enterprise Grade Visitor Telemetry

✅ Anonymous First-Party Data

✅ Consent-Aware Analytics Processing

✅ Cloud-Adjacent Architecture Posture

✅ Sharded Counter Persistence Fabric

✅ Immutable Audit Event Ledger

✅ 100+ PHP Unit Tests in the Quality Assurance Envelope

FAQ

Q: Can I have different designs?

A: No.

Q: Can I track more metrics?

A: No.

Q: Can I customize the counter?

A: No.

Q: Can I contribute?

A: No.

Q: Can I go over 99.999.999 visitors?

A: No. Counter resets to 0 after that.

Q: Does this really use multiple custom database tables?

A: Yes. Two of them. One provides a shard-oriented counter persistence layer and the other maintains an immutable audit event ledger. This is objectively too much architecture for a visitor counter.

Q: Is this some kind of joke?

A: Yes and no. The plugin works. Very over-engineered but it 100% does what says it does.

Installation

  1. Upload the plugin to wp-content/plugins/evermade-visitor-insights/
  2. Run composer install in the plugin directory
  3. Run npm install && npm run build in the plugin directory
  4. Activate the plugin through the WordPress admin

Platform Architecture

Evermade Visitor Insights™ delivers a vertically unserious but technically functional analytics substrate for organizations seeking premium operational confidence around page-view accumulation.

Core platform capabilities:

  • A shard-based counter persistence model distributes writes across multiple rows instead of concentrating all state in a single counter cell.
  • A dedicated audit table records lifecycle and counter mutation events for maximum governance theatre.
  • WordPress options are maintained as a compatibility mirror so legacy reads and degraded environments remain serviceable.
  • The frontend delivery surface includes a Gutenberg block, shortcode, REST API, and WP-CLI interface because a small LED counter deserves a large integration footprint.
  • The semantic-discovery surface now includes Schema.org interaction telemetry piped into Yoast SEO, because no enterprise counter strategy is complete until the graph has been appropriately enriched.

Schema.org SEO/GEO Acceleration Layer

Evermade Visitor Insights™ now integrates with Yoast SEO's Schema API to syndicate visitor telemetry directly into the site's structured-data graph. This is our officially sanctioned Search Experience Optimization and Generative Engine Optimization acceleration layer, which is a very serious phrase for “we add visitor counts to Schema.org nodes in a standards-adjacent way”.

What gets added

  • The Yoast-managed WebSite node receives interactionStatistic entries.
  • Page views are published as a UserPageVisits counter.
  • Unique visitors are published as an InteractionCounter with a clear description that the number is a consent-aware first-party estimate.

Optional filters for high-governance deployments

add_filter( 'evi_schema_include_page_views', '__return_true' );
add_filter( 'evi_schema_include_unique_visitors', '__return_true' );

// Disabled by default because the metric is sitewide, not page-specific.
add_filter( 'evi_schema_attach_sitewide_metrics_to_webpage', '__return_true' );

Enterprise outcome

  • Search engines get a richer graph.
  • LLM crawlers and other GEO-adjacent consumers get a machine-readable popularity hint.
  • Your architecture deck gains a new box labeled “semantic telemetry distribution fabric”.

Storage Topology

The counting subsystem uses a dual-table operational model:

  • Counter shards store the live values for views and uniques across multiple shard rows.
  • Audit log entries capture activation, increments, resets, manual sets, and other management actions.

Write operations increment a single shard, read operations aggregate shard totals, and administrative set/reset flows redistribute exact totals across the shard set. This is far more infrastructure than the problem demands, but it is still a valid storage design.

Usage

Gutenberg Block

Search for "Visitor Insights Counter" in the block inserter.

Block Settings:

Setting Default Description
Size Medium Counter size: small, medium, or large
Hue 120 (green) LED color (0-360, HSL hue wheel)
Metric Page Views What to count: views, uniques, or both
Show Label Yes Display label text below counter
Label Text "Visitors" Custom label for single-metric mode
Starting Page Views 0 Cosmetic offset added to the page-views display
Starting Unique Visitors 0 Cosmetic offset added to the unique-visitors display
Cookie Expiry 24 hours Unique visitor cookie duration

Behavior notes:

  • The display always renders 8 digits per counter. This is fixed and not configurable.
  • When metric="both", the block renders two counters with fixed labels: Page Views and Unique Visitors.
  • The custom label text is only used in single-metric mode.

Shortcode

[evermade_visitor_insights hue="120" metric="views" show_label="true" label_text="Visitors" starting_views="0" starting_uniques="0" cookie_expiry="24" size="medium"]

Shortcode attributes:

Attribute Default Description
hue 120 LED color from 0 to 360
metric views views, uniques, or both
show_label true Show the label under a single counter
label_text Visitors Custom label for single-metric mode
starting_views 0 Cosmetic offset added to page views
starting_uniques 0 Cosmetic offset added to unique visitors
cookie_expiry 24 Unique visitor cookie lifetime in hours
size medium small, medium, or large

Shortcode behavior notes:

  • Values larger than 360 for hue are clamped to 360.
  • size="yuuuuge" is normalized to large for legacy compatibility.
  • As with the block, metric="both" ignores custom label text and renders the built-in labels for each counter.

REST API

Endpoint Method Auth Description
/wp-json/evi/v1/count GET Public Current counts
/wp-json/evi/v1/count/hit POST Nonce Record a page hit
/wp-json/evi/v1/count/set POST Admin Set counter values

WP-CLI Reference

# View current counts
wp evi get
wp evi get --metric=views --format=json

# Set a counter value
wp evi set 1000000 --metric=views

# Reset everything to zero
wp evi reset --yes

# Manual increment
wp evi increment --by=100 --metric=views

# Comprehensive status report
wp evi status

# Export/Import (because two numbers need a pipeline)
wp evi export --file=backup.json
wp evi import backup.json --yes

# Benchmark (obviously)
wp evi benchmark --iterations=1000

Running Tests

cd wp-content/plugins/evermade-visitor-insights
composer install
composer test

Cookie Consent (Cookiebot Integration)

The plugin tracks two metrics with different privacy implications:

  • Page Views — always counted, no cookies involved, no consent needed
  • Unique Visitors — requires statistics cookie consent

Environment exception:

  • Development and Staging — statistics consent is bypassed so unique-visitor counting can be tested without a CMP round-trip on every page load

When Cookiebot (or compatible CMP) is detected:

  1. The JS checks Cookiebot.consent.statistics
  2. If consent is granted AND no evi_counted cookie exists → unique visitor is counted
  3. The evi_counted cookie (category: statistics) is set for the configured duration
  4. If consent is later granted (e.g., user clicks accept), the CookiebotOnAccept event triggers a re-check

Without any consent platform: only page views are tracked. No cookies are ever set. Safe by default.

In development and staging WordPress environments: unique visitors are treated as consented for testing purposes, and the plugin will still use the evi_counted cookie to avoid recounting the same browser.

Privacy Policy Snippet

You can adapt the following text into your site's privacy policy:

This site uses Evermade Visitor Insights to measure aggregate page views and, where statistics cookies are accepted, estimated unique visitors. The plugin stores counter totals on our server. To prevent abuse of the public counting endpoint, the plugin creates a short-lived rate-limit key derived from the visitor IP address and a WordPress salt, but it does not store the raw IP address in the counter tables. If statistics cookies are accepted, the plugin sets a first-party evi_counted cookie so the same browser is not counted repeatedly as a unique visitor during the configured cookie period. If statistics cookies are not accepted, the plugin records page views only and does not set the unique-visitor cookie. The plugin is used for aggregate measurement only and is not intended to build user profiles or track visitors across different websites.

Review this text against your own legal department, retention practices, and CMP setup before publishing it as part of your privacy notice.

Security and Trust Posture

  • The public hit endpoint requires a WordPress nonce in the X-ESVI-Nonce header. The nonce action is stable so cached pages do not invalidate themselves at midnight, while WordPress still rotates the nonce value on its normal internal tick.
  • Administrative counter changes go through a separate endpoint protected by manage_options. Random visitors can increment the counter. They cannot rewrite history.
  • The hit endpoint is rate-limited per client using a short-lived transient keyed from a salted SHA-256 hash of the client IP. By default the rate limiter uses REMOTE_ADDR only; forwarded headers are ignored unless a site explicitly trusts its proxy layer via the evi_trust_forwarded_ip_headers filter. We use the IP only to derive the rate-limit key and do not store the raw address in the counter tables.
  • Unique visitors are counted only when statistics consent exists and the visitor is new. If there is no consent platform, the plugin falls back to page views only and keeps its hands off cookies entirely.
  • In WordPress development and staging environments, the consent requirement is intentionally bypassed to make testing less miserable. Production still requires real statistics consent. Note: This means that if you use this in production you will need real CMP platform like Cookiebot to get unique visitor counts.
  • When the plugin does set its own cookie, it is a first-party evi_counted marker with SameSite=Lax and Secure. Its job is simply to remember that this browser has already been counted recently, not to begin a thrilling career in behavioral surveillance.
  • Public responses expose totals only. There is no profile data, no user timeline, and no secret data lake waiting to become a keynote slide.
  • Counter mutations happen server-side and are written into plugin-owned storage, with audit log rows for resets, sets, increments, and ceiling resets. So yes, even this tiny counter has governance theatre.
  • Input is sanitized, negative admin-set values are rejected, and the public write path only increments by the rules the server enforces.

Enterprise Support

For enterprise support, please request a quote. We offer customization, integration, operational alignment, stakeholder-calming terminology and dedicated support plans for teams that need both a working visitor counter and a deeply unnecessary architecture story around it.

License

GPL-2.0-or-later.

Built with enterprise spirit by Evermade.

Release: 1st of April, 2026 (obviously).

About

The world's most enterprise visitor counter for WordPress

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages