Documentation

Everything you need to get the most from WP Canary

Plain-English guides for every module — with optional technical detail for developers. Use the sidebar to jump to any section.

Getting started — Installation

WP Canary installs like any standard WordPress plugin. The free version is available directly from the WordPress plugin directory. Pro is delivered via your Freemius licence after purchase.

1
Log in to your WordPress dashboard and go to Plugins > Add New Plugin.
2
Search for WP Canary and click Install Now, then Activate. The free tier is immediately active — no configuration required.
3
To activate Pro, go to WP Canary > Licence in your left-hand dashboard menu and enter the key from your purchase confirmation email.
Technical detail — manual installation via FTP
Download the .zip from your Freemius account dashboard. Unzip locally and upload the /wp-canary/ folder to /wp-content/plugins/ via FTP or SFTP. Activate via the Plugins menu in wp-admin, or via WP-CLI: wp plugin activate wp-canary

Getting started — Initial setup

After activating the plugin, WP Canary adds a menu item in your WordPress dashboard. Here’s what to configure on first use:

1
Set your notification email. Go to WP Canary > Settings. Enter the email address where you want your morning digest and alert notifications sent. This defaults to your WordPress admin email.
2
Choose your digest schedule. Select daily or weekly delivery and set your preferred send time. Daily is recommended for active sites. The default is 7:00 AM in your site’s configured timezone.
3
Review your dashboard. The WP Canary dashboard gives you a live view of all module statuses. Green means healthy. Amber means something needs a look. Red means action is recommended. Statuses update on each module’s scan cycle.

Getting started — Free vs Pro

FeatureFreePro
Database health scanner
Plugin watchdog
404 flood detection
Dashboard alerts
Morning digest email
Debug log analysis
Ad interference monitor
License & update health

Database health scanner Free

Scans all WordPress database tables for errors, overhead, and collation mismatches. Runs once daily via WP-Cron and flags anything that needs attention — in your dashboard immediately, and in your morning digest if you’re on Pro.

A collation mismatch happens when two database tables use different character encoding rules. It’s a common cause of slow queries and search failures — especially after migrating a site to a new host or switching hosting providers.

What it flags

  • Tables with overhead greater than 10MB
  • Tables with collation other than utf8mb4_unicode_ci
  • MyISAM engine on core WordPress tables
  • Tables with errors reported in TABLE STATUS
Technical detail — checks performed via SHOW TABLE STATUS
Columns read: Engine, Row_format, Rows, Data_length, Index_length, Data_free (overhead), Collation. Skips VIEWs. Flags: Data_free > 10485760 (10MB), Collation != utf8mb4_unicode_ci, Engine = MyISAM on wp_ core tables.

Plugin watchdog Free

Monitors the status of all installed plugins and alerts you to unexpected changes. If a plugin deactivates — whether from an update conflict, a permissions issue, or a manual change you didn’t make — WP Canary logs it and flags it at your next check-in.

What it monitors

  • Plugin activation and deactivation events
  • Version changes following an update
  • Newly installed plugins
  • Plugins flagged as having known conflicts with your active theme or other plugins
Technical detail — how plugin state is tracked
Plugin status is captured via get_plugins() and get_option(‘active_plugins’) on each scan cycle. A snapshot is stored in wp_options under wpc_plugin_snapshot. On the next cycle, the new state is diffed against the snapshot and changes are written to the activity log.

404 flood detection Free

Tracks 404 error frequency on your site and alerts you when the rate spikes above a normal threshold. A 404 flood is often caused by a bot sweep, a broken redirect, or a deleted page that still has inbound links — all of which silently drain your SEO if left unchecked.

A 404 flood doesn’t just annoy visitors — search engines register these errors too. Sustained 404 spikes can cause crawl budget waste and ranking drops for affected URLs.

What it detects

  • Sustained 404 rate above your configured threshold (default: 50 per hour)
  • Sudden spikes indicating a possible bot sweep or viral broken link
  • Top offending URLs — the specific paths being requested most
Technical detail — how 404s are counted
WP Canary hooks into template_redirect at priority 999. On 404, it increments a transient counter (wpc_404_count_{hour}) and logs the requested URI. Hourly totals are compared against the threshold stored in wpc_settings. No additional server logging or .htaccess modification required.

Morning digest Pro

A daily email summary of everything WP Canary has flagged across all seven modules. Arrives at a time you choose — default is 7:00 AM in your site’s timezone. Written in plain English, with a clear OK / Flag / Alert status for each module so you can scan it in under 30 seconds.

What’s in the digest

  • Status for each active module: OK, Flag, or Alert
  • A plain-English summary of any flags or alerts raised since the previous digest
  • Direct links to your WP Canary dashboard for any item requiring attention
  • A site health score — an at-a-glance indicator based on combined module statuses
Technical detail — email delivery
Uses wp_mail() via your site’s configured mailer. Digest is scheduled via wp_schedule_event() using the wpc_daily_digest hook. For reliable delivery, pair with an SMTP plugin: WP Mail SMTP, Postmark, or SendGrid are all compatible. Default WordPress PHP mail is not recommended for production digest delivery.

Debug log analysis Pro

Reads your WordPress debug log (wp-content/debug.log) and surfaces meaningful errors in plain English — without you having to dig through hundreds of lines of PHP notices. WP Canary distinguishes between notices, warnings, and critical errors, and only flags items that are likely to affect site function.

The debug log only exists if WP_DEBUG and WP_DEBUG_LOG are enabled in your wp-config.php. WP Canary will prompt you if the log isn’t found and show you how to enable it.

What it surfaces

  • Critical PHP errors and fatal exceptions
  • Recurring warnings from specific plugins or themes
  • Database query errors logged by WordPress core
  • Deprecated function notices that may indicate plugin incompatibilities
Technical detail — log parsing
WP Canary reads debug.log via file_get_contents() in 50KB chunks (most recent content prioritised). Lines are parsed by severity prefix: [ERROR], [WARNING], [NOTICE], [DEPRECATED]. Critical and Error lines trigger Alert status. Warnings trigger Flag. Notices are logged but do not affect digest status unless count > 20 in a 24hr window.

Ad interference monitor Pro

Detects when plugins or browser-side scripts are interfering with ad network delivery on your site. If you run display advertising through Google AdSense, Mediavine, AdThrive, or similar networks, certain caching plugins, security plugins, or script managers can silently block ad tags — costing you revenue without any visible error.

What it detects

  • Scripts from known ad networks missing from page output
  • Content Security Policy headers that block ad network domains
  • Caching plugins serving pages without ad script tags
  • Plugin-level script dequeuing that removes ad-related scripts
Technical detail — how interference is detected
WP Canary performs a server-side page fetch via wp_remote_get() on your homepage and up to 2 configured inner pages. Output is parsed for the presence of configured ad network script domains (e.g. pagead2.googlesyndication.com). Absence triggers a Flag. CSP headers are inspected for restrictive script-src directives.

License & update health Pro

Keeps an eye on the licence status and update availability of your premium plugins — the ones that don’t always announce themselves when something’s wrong. If a licence key has expired, a plugin is running an outdated version, or an update is being blocked because of a licence issue, WP Canary catches it.

What it monitors

  • Expired or invalid licence keys for premium plugins
  • Premium plugins with updates available but not applying due to licence issues
  • Plugins that have been abandoned (no updates in 12+ months on active installs)
  • WordPress core and free plugin update availability
Technical detail — licence check mechanism
WP Canary checks the update_plugins transient for plugins with update_available = true. For Freemius-powered plugins, it reads the fs_accounts option to assess licence expiry dates. For EDD Software Licensing plugins, it inspects the relevant options prefix. Other licence systems are flagged based on update blockers in the plugins API response.

FAQ — General

Does WP Canary slow down my site?

No. All monitoring runs on WP-Cron schedules during low-traffic periods and adds zero overhead to front-end page loads. The plugin has no impact on your site’s Time to First Byte or Core Web Vitals scores.

Will it conflict with my existing plugins?

WP Canary is designed to be entirely passive — it reads site data and sends reports. It does not modify your database, intercept requests, rewrite URLs, or alter the behaviour of other plugins. Conflicts are very rare. If you do experience an issue, the troubleshooting section below covers the most common scenarios.

Do I need to configure anything after installing?

The free tier works immediately after activation with no configuration required. For Pro, you’ll want to set your notification email and digest schedule in WP Canary > Settings — this takes about two minutes.

Is WP Canary compatible with WordPress Multisite?

Single-site installation only at this time. Multisite support is on the roadmap — join the mailing list to be notified when it’s available.

FAQ — Performance

How does WP Canary use WP-Cron?

Each module is scheduled as a separate WP-Cron event. Scans are staggered to avoid running simultaneously. If your site uses a real server cron (recommended for high-traffic sites), WP Canary’s events will run on that schedule instead of being triggered by page visits.

Will the 404 flood detector slow page loads?

No. The 404 counter uses a lightweight transient increment — it adds roughly 1–2ms to 404 responses only, and has no effect on pages that load normally.

What if WP-Cron is disabled on my server?

WP Canary will still work, but scheduled scans won’t run automatically. You’ll need to set up a real server cron job to trigger wp-cron.php. The technical detail section in the Installation guide covers this setup.

FAQ — Billing & license

What’s the difference between the annual and lifetime license?

The annual license is $34.99/year and renews automatically. The lifetime license is a one-time payment of $109.99 and covers all future updates with no renewal. Both cover one site.

What happens when my Pro license expires?

The plugin automatically reverts to Free tier functionality. Your settings and scan history are preserved — you won’t lose any data. Simply renew your license to restore Pro features.

Can I use one license on multiple sites?

A single license covers one site. Each additional site requires its own license. Agency multi-site pricing is on the roadmap.

Do you offer refunds?

Yes — a 7-day no-questions-asked refund is available via Freemius. Contact support via the Contact page and your refund will be processed within one business day.

FAQ — Troubleshooting

I’m not receiving my morning digest. What should I check?

First, check your spam folder. If it’s not there, go to WP Canary > Settings and confirm the notification email is correct. Then check that your site is sending email at all — use a plugin like Check & Log Email to test. For reliable delivery, pair WP Canary with an SMTP plugin such as WP Mail SMTP.

The database scanner is showing errors I don’t recognize. Should I be worried?

Not necessarily. The most common flag is table overhead — this is normal and can be resolved by running an optimize operation, which WP Canary will prompt you to do. Collation mismatches are worth addressing but are rarely urgent. If you see a table listed as corrupted, that warrants immediate attention.

My license key isn’t being accepted. What should I do?

Make sure you’re copying the key exactly as it appears in your purchase confirmation email — no leading or trailing spaces. If the issue persists, log in to your Freemius account at freemius.com to verify the license is active and hasn’t been used on another site.

WP Canary is flagging a plugin I trust. Can I suppress that alert?

Yes. In WP Canary > Settings > Module preferences, you can add specific plugins to the ignore list for the Plugin Watchdog module. This is useful for plugins that legitimately deactivate and reactivate on a schedule.