Real usage data for your plugins. Without the SaaS.
A small PHP SDK you bundle into your WordPress plugin that sends opt-in telemetry to a backend you control. Active installs, version adoption, deactivation reasons, feature usage — owned, not rented.
Why it exists
You can't improve what you can't measure
WordPress.org is too coarse
Rounded install buckets like “6+ million,” no growth chart since 2022, no PHP/WP/locale breakdown, and never a word on why anyone deactivated.
SaaS means lock-in
Appsero and Freemius Insights put your users’ data on someone else’s servers — a funnel into their paid licensing platform.
DIY telemetry is risky
Hard to do without slowing wp-admin, without crashing when two plugins ship different SDK versions, and without tripping Guideline 7.
What's inside
Telemetry that won't get your plugin flagged
Opt-in only, off by default
Nothing leaves a site until the user ticks a box. Two-tier consent (usage data / product emails), fully aligned with WordPress.org Guideline 7 and GDPR.
Safe to bundle everywhere
Version-negotiation loader: ship the SDK in five plugins at five versions and only the newest boots, once, for the whole site. No “class already declared” fatals.
Fail-silent by design
A slow or dead backend never blocks wp-admin or checkout. Short timeouts, swallowed errors, weekly background cron. Your users never feel it.
The data that matters
Exact active installs over time, version adoption, full environment breakdown, deactivation reasons, feature usage, new-sites-per-week, and cross-plugin usage.
Self-hosted dashboard
A Laravel + Filament backend you run yourself. Your data, your server. The SDK just needs an endpoint URL — point it anywhere that speaks the API.
Privacy built in
Site URL is sent as a one-way SHA-256 hash — the raw URL never leaves the site. Admin email only on a separate marketing opt-in. Opt out anytime; opting out deletes collected data.
The data that matters
Everything WordPress.org hides from you
Not rounded buckets. The exact numbers you need to fix bugs, prioritise work, and understand your install base — collected only from users who opted in.
- Active installs over time — exact, not bucketed
- Version adoption across your install base
- Environment: WordPress, PHP, MySQL, WooCommerce, theme, locale, multisite
- Deactivation reasons — the survey WordPress.org will never give you
- Feature usage — see what % of installs actually use each feature you declare
- New-sites-per-week and which of your plugins run together
Active installs
12,847+4.2% / wk
- PHP 8.241%
- WordPress 6.763%
- WooCommerce active28%
Three steps
Bundled in minutes, not days
Require & register
composer require shakvaro/wp-insights, then register your plugin in a few lines.
User opts in
Your user sees a consent notice and opts in — or skips. The plugin works either way; nothing is sent unless they agree.
Data flows to your dashboard
Installs, versions, environments, deactivation reasons, and feature usage land in the backend you control.
Honest comparison
How it stacks up
| WordPress.org | Appsero / Freemius | WP Insights | |
|---|---|---|---|
| Active installs | Rounded buckets | Exact | Exact |
| Growth over time | Removed (2022) | Yes | Yes |
| Per-plugin environment breakdown | |||
| Deactivation reasons | |||
| Data ownership | — | Their servers (SaaS) | Yours (self-hosted) |
| Safe multi-plugin bundling | — | Mixed | Yes (newest-wins) |
| Price | Free | Free analytics, paid licensing | Free, open source |
| Licensing / payments |
Analytics only. WP Insights has no licensing or payment processing — if you need those, Freemius and Appsero bundle them. This is for developers who want clean, owned usage data without the platform lock-in.
Consent-first, by construction.
Off by default. The site URL is sent as a one-way SHA-256 hash — the raw URL never leaves the site. Admin email is collected only on a separate marketing opt-in. Users can switch sharing off from a Settings → Data Sharing page any time, and opting out deletes previously collected data.
Questions
The honest answers
No. It’s opt-in, runs in the background on a weekly cron, is fail-silent, and never touches the front-end. A slow or dead backend can’t block wp-admin or checkout.
Yes — opt-in only, off by default, and disclosed in the readme with a privacy policy, which is exactly what Guideline 7 requires.
It’s built around explicit consent. The site URL is sent as a one-way SHA-256 hash, the admin email is only collected on a separate marketing opt-in, and users can opt out and have their data deleted.
Yes — that’s the point. The version-negotiation loader makes sure only the newest SDK version boots once per site, so shipping it in many plugins never causes conflicts.
The SDK just needs an endpoint URL. Self-host the included Laravel/Filament backend, or point it at anything that speaks the same API.
GPL-2.0-or-later. Free and open source. It’s analytics only — no licensing or payment processing. If you need those, Freemius/Appsero bundle them.
Free · Open source · GPL-2.0
Own your usage data.
Drop it into your plugin, point it at your own backend, and start seeing what WordPress.org never showed you.