The Traffic Log Exclusions option is the exclusions system you can use to automatically skip the logging of web requests you know to be legitimate.


This reduces the size of your log and the speed at which it fills up, and also prevents your logs from filling up with "noise" (information you just don't need to have logged).


We recommend that you take a moment to consider which traffic you should exclude as there's no point in logging traffic that you don't need

How does the Traffic Log Exclusions work?

When a web request reaches your site, Shield examines it against each exclusion category you have selected.


If the request matches ANY single one (or more) of the exclusions, it will not be logged.


Here's an example:


Imagine you selected to only exclude 'AJAX' requests from the logs, but you haven't selected to exclude 'Logged-In Users'. What happens if you're logged-in and you're in the WP admin area and your page sends off an AJAX-request? You might think that since you're not excluding Logged-In Users that this should be logged. However, it wont appear in your logs because you're excluding AJAX requests.


Remember: If a request matches any single exclusion category it will not be logged.


The possible traffic exclusions are:

  • Simple requests – any requests that do not contain any data parameters either in the GET query, or in the POST data.
  • REST API
  • AJAX
  • Logged-In – any requests made by a user that is considered to be “logged-in” to the WordPress site.
  • WP Cron
  • Search Engine Spiders/Bots – supports Google, Bing, Yahoo!, Duck Duck Go, Yandex, Apple, Baidu
  • Uptime Monitoring services – supports StatusCake, Pingdom, Uptime Robot

Note: You can manually customize exclusions as well. Read more about this here.