The Requests Module provides comprehensive monitoring and logging of all HTTP API requests (outgoing wp_remote_* calls) and incoming REST API requests on a WordPress site. It stores every captured request in a dedicated database table and presents them via a WP_List_Table-based admin interface with analytics dashboard, filtering, searching, and export capabilities.
Key Capabilities
Intercept and log all outgoing HTTP API requests via pre_http_request and http_api_debug hooks
Intercept and log all incoming REST API requests via rest_pre_dispatch and rest_request_after_callbacks hooks
Automatic identification of the originating plugin/theme via PHP stack trace analysis
Full request/response capture with automatic sensitive data redaction
Analytics dashboard with totals, error rates, top domains, and performance trends
Advanced filtering by status, type, plugin, domain, date range, and runtime range
CSV export with filter context preservation
Toggle HTTP/REST monitoring independently via REST API
Automatic cleanup via configurable cron schedule
Table management (truncate/drop) via REST API
Technology Stack
PHP 7.4+ (strict types)
WordPress WP_List_Table API
WordPress wp-api-fetch for REST interactions
Custom database table with optimised indexes
jQuery for modal interactions, vanilla JS for table management
Master toggle for the entire requests module. Controls menu visibility and all request logging.
Enable requests logging
advana_requests_enable
checkbox
Controls active request interception. When disabled, the viewer remains accessible but no new data is captured.
Disable HTTP Requests logging
advana_http_requests_disable
checkbox
Stops capturing outgoing HTTP API requests (wp_remote_*). REST API logging is unaffected.
Disable REST API Requests logging
advana_rest_requests_disable
checkbox
Stops capturing incoming REST API requests. HTTP API logging is unaffected.
Clear requests table every
advana_rest_requests_clear
select
Automatic cleanup schedule. Options: Never (-1), Hourly, Twice Daily, Daily, Weekly, or any custom schedule. Registers a WordPress cron job.
Warning: The auto-cleanup cron truncates the entire requests table — it does not selectively remove old records.
4. Core Classes
4.1 ADVAN\Controllers\Requests_Log
Core request capture controller. Hooks into WordPress HTTP API and REST API lifecycle to intercept and log every request. Uses the Controller_Init_Trait for conditional initialisation based on settings.
Registers the auto-truncate cron (advan_request_table_clear) based on the advana_rest_requests_clear setting
truncate_requests_table()
Cron callback — truncates the requests log table
menu_add()
Registers the admin submenu page, screen options, and column filter
process_actions_load()
Processes bulk actions on load-{page} hook (before output)
prepare_items()
Populates the table: parses filters, builds SQL query, retrieves results
fetch_table_data($args)
Builds and executes parameterised SQL with all filter conditions
manage_columns($columns)
Defines visible columns for the list table
get_sortable_columns()
Returns all sortable columns (all entity columns are sortable)
get_bulk_actions()
Returns available bulk actions (Delete Records)
handle_table_actions()
Processes bulk delete after nonce and capability verification
set_request_status($request)
REST endpoint callback to toggle HTTP/REST monitoring on/off
4.3 ADVAN\Lists\Views\Requests_View
Handles page rendering for the requests list screen, the details modal, analytics dashboard, and form processing.
Key Methods
Method
Description
analytics_requests_page()
Entry point — calls display_page() from parent with permission message
render_page_content()
Renders status notices, analytics dashboard, filter form, list table, and modal HTML
render_analytics_dashboard($data)
Renders summary cards, status/type breakdowns, top domains, and trend table
get_analytics_data()
Queries the database for analytics: totals, status counts, type counts, averages, top domains, daily trends
plugin_filter_action()
Handles plugin filter dropdown form submission and redirect
add_help_content_table()
Returns help tab content string
add_config_content_table()
Returns table info panel with truncate/drop controls
4.4 ADVAN\Entities\Requests_Log_Entity
Database entity class for the requests log table. Extends Abstract_Entity and defines the table schema, column types, default values, creation SQL, and migration methods.
Table Name
PHP
<?php
protectedstatic$table = ADVAN_PREFIX . 'requests_log';
// Resolves to: {wp_prefix}advan_requests_log
The log entry is sanitised and inserted into the database
Plugin Identification
The originating plugin is identified by analysing the PHP stack trace. The 8th frame in the trace is inspected for a file path, which is then matched against known plugin directories using Plugin_Theme_Helper::get_plugin_from_file_path().
table_name (required) — the full table name id (required) — the record ID
8. AJAX Handlers
The requests module uses generic AJAX handlers shared across the plugin.
CSV Export AJAX
Action
wp_ajax_aadvana_export_large_csv
Handler
Ajax_Helper::export_large_csv()
Trigger
Set typeExport=requests in the POST data
Parameters
All current filter values (search, plugin, date range, status, type, domain, runtime min/max)
The export respects the current filter context and operates in chunks to handle large datasets. A cleanup action (aadvana_export_large_csv_cleanup) removes temporary files after download.
Registers the advan_request_table_clear cron job for automatic table cleanup. Schedule is determined by the advana_rest_requests_clear setting.
admin_post_{PLUGIN_FILTER_ACTION}
Action
Requests_View::plugin_filter_action
Processes plugin filter dropdown form submission on the requests page
manage_{$requests_hook}_columns
Filter
Requests_List::manage_columns
Registers screen columns for the requests list table
load-{$requests_hook}
Action
Requests_List::process_actions_load
Processes bulk actions early (before output) to allow safe redirects
Example: Register a Custom Cron Schedule for Cleanup
PHP
<?php
// Add a custom cleanup interval (every 6 hours)add_filter( 'cron_schedules', function( $schedules ) {
$schedules['every_six_hours'] = array(
'interval' => 21600,
'display' => __( 'Every 6 Hours' ),
);
return$schedules;
});
// This new schedule will appear in the "Clear requests table every" dropdown// on the Settings page (Request Options tab).
10. Settings Reference
Settings are rendered using the plugin’s Settings::build_option() builder. The request settings are on the Request Options tab within the main settings page.
PHP
<?php
// Check if requests module is enabled$enabled = Settings::get_option( 'requests_module_enabled' );
// Check if logging is active$logging = Settings::get_option( 'advana_requests_enable' );
// Check individual monitoring toggles$http_disabled = Settings::get_option( 'advana_http_requests_disable' );
$rest_disabled = Settings::get_option( 'advana_rest_requests_disable' );
// Get cleanup schedule$schedule = Settings::get_option( 'advana_rest_requests_clear' );
Settings Builder Usage
PHP
<?php
// How settings are defined in request-list.php
Settings::build_option(
array(
'title' => esc_html__( 'Request Options', '0-day-analytics' ),
'id' => 'options-settings-tab',
'type' => 'tab-title',
)
);
Settings::build_option(
array(
'name' => esc_html__( 'Enable requests module', '0-day-analytics' ),
'id' => 'requests_module_enabled',
'type' => 'checkbox',
'hint' => esc_html__( 'Controls the entire requests module.', '0-day-analytics' ),
'toggle' => '#advana_requests_settings-item',
'default' => Settings::get_option( 'requests_module_enabled' ),
)
);
// The toggle attribute creates a show/hide dependency on the target element.// When the checkbox is unchecked, #advana_requests_settings-item is hidden.
Additionally, a heuristic pattern matcher (key_matches_sensitive_pattern()) catches keys containing common sensitive substrings like auth, bearer, credential, etc.
Data Size Limits
Data Type
Limit
Action
Request argument string values
2,048 bytes
Truncated with …[truncated] suffix
Response body preview
512 bytes
Truncated with …[truncated] suffix
Full response JSON
4,096 bytes
Truncated with …[truncated] suffix
URL Sanitization
Page URLs are sanitised via sanitize_url() before storage. Sensitive query parameters (tokens, keys, passwords) are stripped from the URL string.
Database Security
All queries use $wpdb->prepare() with parameterised placeholders
All filter inputs are validated against whitelists (status, type) or sanitised with sanitize_text_field()
Date range values are validated with regex: /^\d{4}-\d{2}-\d{2}$/
Runtime values are validated as numeric before inclusion in queries
Table names are validated with preg_match( '/^[a-zA-Z0-9_]+$/' ) in create_table()
Access Control
Admin pages require manage_options capability
REST API endpoints require manage_options capability
Bulk actions verify nonces and capabilities before processing
Plugin filter form submissions verify nonces via check_admin_referer()
15. Code Examples
Example 1: Check if Request Logging is Active
PHP
<?php
use ADVAN\Helpers\Settings;
$module_on = Settings::get_option( 'requests_module_enabled' );
$logging_on = Settings::get_option( 'advana_requests_enable' );
$http_off = Settings::get_option( 'advana_http_requests_disable' );
$rest_off = Settings::get_option( 'advana_rest_requests_disable' );
if ( $module_on && $logging_on ) {
if ( ! $http_off ) {
// HTTP request logging is active
}
if ( ! $rest_off ) {
// REST request logging is active
}
}
Example 2: Toggle Monitoring via REST API (JavaScript)
<?php
use ADVAN\Entities\Requests_Log_Entity;
// Get the table name$table = Requests_Log_Entity::get_table_name();
// Count error requests in the last 24 hoursglobal$wpdb;
$error_count = $wpdb->get_var(
$wpdb->prepare(
"SELECT COUNT(*) FROM {$table} WHERE request_status = %s AND date_added >= %d",
'error',
strtotime( '-24 hours' )
)
);
// Get top 5 slowest requests$slowest = $wpdb->get_results(
"SELECT url, runtime, plugin, request_status
FROM {$table}
ORDER BY runtime DESC
LIMIT 5",
ARRAY_A
);
Example 4: Truncate the Requests Table Programmatically
PHP
<?php
use ADVAN\Entities\Requests_Log_Entity;
use ADVAN\Entities_Global\Common_Table;
Common_Table::truncate_table( null, Requests_Log_Entity::get_table_name() );
Example 5: Add a Custom Cleanup Schedule
PHP
<?php
// Register a custom scheduleadd_filter( 'cron_schedules', function( $schedules ) {
$schedules['every_six_hours'] = array(
'interval' => 21600,
'display' => __( 'Every 6 Hours' ),
);
return$schedules;
});
// The new schedule will automatically appear in the// "Clear requests table every" dropdown on the settings page.
Example 6: Truncate Table via REST API (JavaScript)
// Fetch a single request record by ID
wp.apiFetch({
path: '/0-day/v1/get_table_record/wp_advan_requests_log/42/',
}).then(function(record) {
console.log('Request URL:', record.url);
console.log('Runtime:', record.runtime, 'seconds');
console.log('Status:', record.request_status);
});
Need User Guide documentation?
See Requests Module User Guide for more details about configuration, practical usage and information.