Description

Opti-Behavior is a self-hosted behavior analytics and conversion optimization plugin for WordPress.

Visitors rarely explain why they leave. They click, scroll, hesitate, abandon forms, hit errors, ignore CTAs, or drop out of checkout. Opti-Behavior turns those silent behaviors into clear optimization signals inside your WordPress dashboard.

Instead of sending visitor behavior to an external analytics cloud, Opti-Behavior stores analytics data on your own WordPress server. Use it to understand friction, protect visitor privacy, and make better conversion decisions with heatmaps, funnels, A/B testing, analytics, and Pro growth tools.

Opti-Behavior Suite for WordPress Optimization

Opti-Behavior is built around one simple psychology principle: users reveal intent through behavior before they explain it with words.

Real-Time Analytics – See what visitors are doing now: sessions, pageviews, devices, traffic sources, countries, engagement, and bot-filtered activity.
Heatmaps – Discover what users notice, ignore, click, misclick, and scroll past so you can improve layout, CTAs, and page focus.
Conversion Funnels – Find the exact step where motivation turns into abandonment, from landing page to checkout or lead form.
A/B Testing – Replace opinions with evidence by testing pages, elements, goals, and conversion paths directly in WordPress.
Session Recordings – Watch hesitation, rage clicks, dead clicks, scrolling, navigation, and friction moments in real user sessions. Pro feature.
Form Analytics – Identify fields that create effort, confusion, errors, or abandonment before users submit. Pro feature.
User Journey Analytics – Visualize the paths visitors naturally take through your site and turn high-value journeys into funnels. Pro feature.
Errors & Performance Tracking – Detect JavaScript errors, broken links, rage clicks, dead clicks, and performance issues that silently reduce trust. Pro feature.
Settings & Privacy Controls – Control consent, storage, reports, cleanup, languages, debugging, and privacy options from one place.

Why Opti-Behavior Works

Most site owners already have traffic numbers. The hard part is understanding the human reason behind the numbers.

Opti-Behavior helps answer practical conversion questions:

Which parts of the page attract attention?
Where do visitors hesitate or lose confidence?
Which funnel step causes the biggest drop-off?
Which form field creates too much effort?
Which CTA, layout, product page, or message should be tested next?
Are bots, spam, errors, or slow pages distorting your decisions?

The goal is not more dashboards. The goal is better decisions.

Core Features Included Free

Click and scroll heatmaps for desktop and mobile behavior.
Real-time analytics dashboard with visitors, sessions, pageviews, bounce rate, scroll depth, top pages, traffic sources, and visitor map.
Unlimited conversion funnels with multi-step drop-off analysis and device filtering.
A/B testing for page-split experiments, variant previews, conversion goals, and winner application.
Session and visitor tracking with duration, visited pages, referrers, outbound links, and engagement patterns.
Bot detection and filtering for cleaner decisions.
Scheduled email reports: daily, weekly, or monthly.
Hybrid Storage engine designed to reduce database bloat by storing high-volume analytics events in optimized files.
IP anonymization, no cookies required, and no third-party analytics data sharing.
Multilingual admin: English, French, German, Spanish, Portuguese, and Italian.

Pro Growth Features

Upgrade when you want to move from analytics to deeper behavior diagnosis:

Session Recordings – watch real visits and understand what users actually experienced.
Error Tracking – detect JavaScript errors, network issues, broken links, and Core Web Vitals problems.
Friction Detection – find rage clicks and dead clicks that signal frustration.
Form Analytics – measure field-level effort, abandonment, refill behavior, and completion time.
User Journey Analytics – use Sankey-style journey visualization to see common paths, exits, and opportunities.
Advanced Heatmap Filtering – segment heatmaps by country, browser, device, visitor type, and date.
Advanced A/B Testing – use visual edits, targeting, scheduling, WooCommerce tests, and revenue attribution.
Priority Support – get faster help when optimizing business-critical pages.

Try Pro FREE for 6 months – no credit card required.

Explore Opti-Behavior Pro

Optimization Workflow

Track what users do on your WordPress site.
Understand where attention, hesitation, and abandonment happen.
Prioritize the pages, funnels, forms, and errors with the biggest impact.
Improve the layout, copy, CTA, form, checkout, or technical issue.
Validate decisions with A/B testing instead of guessing.

Privacy & Performance by Design

Opti-Behavior is made for WordPress site owners who want insight without giving up control.

Self-hosted data – visitor behavior stays on your WordPress server.
No third-party analytics cloud – analytics data is not sold or shared with external behavior platforms.
Privacy controls – IP anonymization, retention settings, consent-friendly tracking, and uninstall cleanup options.
Lightweight tracking – async tracking and Hybrid Storage are designed to keep pages fast and databases lean.
WooCommerce ready – analyze product pages, carts, checkout funnels, and revenue-focused experiments while keeping customer behavior data under your control.

External Services

This plugin may connect to external services in limited circumstances:

IP Geolocation (ip-api.com)

Purpose: Provides geographic location data (country, city, timezone) for visitor analytics and map visualization.

When Used: Only when a visitor’s location cannot be determined from CloudFlare headers. If CloudFlare is active, no external calls are made.

Data Sent: Only the visitor’s IP address. No personally identifiable information is transmitted.

Caching: Results are cached for 1 hour to minimize API requests.

Privacy:
* Service: https://ip-api.com/
* Terms & Privacy: https://ip-api.com/docs/legal
* Note: ip-api.com may log IP addresses. Review their privacy policy for details.

IP Geolocation Fallback (ipwho.is)

Purpose: Secondary geolocation fallback when ip-api.com is rate-limited or unavailable. Provides geographic location data (country, city, region, timezone) for visitor analytics.

When Used: Only when both CloudFlare headers and ip-api.com fail to resolve a visitor’s location. ip-api.com’s free tier has a 45 requests/minute rate limit, so on high-traffic sites ipwho.is ensures visitors are still geolocated accurately.

Data Sent: Only the visitor’s IP address. No personally identifiable information is transmitted.

Caching: Results are cached for 1 hour to minimize API requests.

Privacy:
* Service: https://ipwho.is/
* Terms & Privacy: https://ipwho.is/
* Note: ipwho.is may log IP addresses. Review their privacy policy for details.

OpenStreetMap Tiles

Purpose: Displays the interactive visitor location map in your WordPress admin dashboard.
When Used: Only when YOU (the admin) view the real-time visitor map. Not used on the frontend.
Data Sent: Your browser makes direct requests to OpenStreetMap tile servers (standard HTTP headers only).

Privacy:
* Service: https://www.openstreetmap.org/
* Tile Policy: https://operations.osmfoundation.org/policies/tiles/
* Privacy Policy: https://wiki.osmfoundation.org/wiki/Privacy_Policy

OptiUser API (api.optiuser.com)

Purpose: Handles anonymous install tracking, plugin deactivation notifications, Pro trial license generation, license validation, update checks, and download access code generation for the Pro plugin.

When Used:
* Install tracker: Sends an anonymous heartbeat once every 24 hours after activation, containing only: site URL, WordPress version, PHP version, plugin version, and plugin type (free/pro). No visitor data or personal information is sent.
* Deactivation: Notifies the API when the plugin is deactivated so installation records stay up to date.
* Pro upgrade pages: When an admin views a Pro feature upgrade page (Session Recordings, Error Tracking, User Journeys, Form Analytics), the plugin requests a one-time download access code from the API. This code is used to securely access the Pro download page on optiuser.com.

Data Sent: Site URL, WordPress admin username, admin email address (only when requesting a Pro download access code). No visitor analytics data is ever sent to the API.

Privacy:
* Service: https://api.optiuser.com/
* Website: https://optiuser.com/
* Privacy Policy: https://optiuser.com/privacy-policy/
* The API stores installation metadata (site URL, plugin version) for license management. No visitor data is collected or stored by the API.

OptiUser Website (optiuser.com)

Purpose: Hosts the Opti-Behavior Pro download page and sales/feature pages. When an admin clicks “Download Pro — Free for 6 Months” on a Pro upgrade page, they are redirected to optiuser.com to register and download the Pro plugin.

When Used: Only when an admin chooses to download Opti-Behavior Pro from a Pro upgrade page within the WordPress admin. This is an optional, user-initiated action.

Data Sent: Site URL, username, and email address are passed as URL parameters to pre-fill the registration form. No visitor analytics data is sent.

Privacy:
* Service: https://optiuser.com/
* Privacy Policy: https://optiuser.com/privacy-policy/

Important Note: All analytics data is stored locally on your WordPress server. The external services listed above are used only for optional geographic features (ip-api.com, ipwho.is, OpenStreetMap), anonymous install tracking, and Pro license management (api.optiuser.com). No visitor analytics data ever leaves your server.

Privacy Policy

Opti-Behavior collects user interaction data to provide analytics insights. This data includes:

Page URLs and titles
Click coordinates and target elements
Mouse movement patterns
Scroll depth
Session timestamps
Referrer URLs
Browser and device information
IP addresses (can be anonymized)
Approximate location based on browser timezone (client-side only, no external services)

Data Storage: All analytics data is stored locally in your WordPress database or file system. No data is sent to external analytics servers.

External Services: This plugin may make API calls to ip-api.com and ipwho.is for IP geolocation when CloudFlare headers are not available. ipwho.is is used as a secondary fallback when ip-api.com is rate-limited or unavailable. Only the visitor’s IP address is sent to these services. See the “External Services” section above for complete details.

Usage Tracking: With your explicit consent (granted via the first-run welcome screen), this plugin sends anonymous usage statistics to api.optiuser.com once every 24 hours. The data includes: site URL, plugin version, WordPress version, PHP version, and the site administrator email address. This data is used solely to understand plugin adoption and improve the product. Tracking only begins after you click “Accept & Continue” on the welcome page shown at first activation. You may review our full data practices at https://optiuser.com/privacy-policy/

No Third-Party Data Sharing: Unlike cloud-based analytics tools, Opti-Behavior does not share, sell, or transfer your visitors’ data to any third party. You are the sole data controller.

User Rights: You have full control over data retention and deletion. Users can request data deletion at any time.

When using this plugin, ensure your site’s privacy policy discloses:
* What data is being collected
* How long it is retained
* Who has access to it
* How users can request deletion
* That data is stored locally and not shared with third parties

Third-Party Libraries

This plugin bundles the following open-source libraries:

Chart.js

Version: 4.4.0
License: MIT License
Homepage: https://www.chartjs.org/
Used for: Rendering analytics charts and graphs

Leaflet

Version: 1.9.4
License: BSD 2-Clause License
Homepage: https://leafletjs.com/
Used for: Real-time visitor map visualization

heatmap.js

Version: 2.0.5
License: MIT License
Homepage: https://www.patrick-wied.at/static/heatmapjs/
Used for: Generating visual heatmaps of user interactions

Lucide

Version: 0.554.0
License: ISC License
Homepage: https://lucide.dev/
Used for: Icon library for the admin interface

All bundled libraries use GPL-compatible licenses (MIT, BSD 2-Clause, and ISC) and are included locally within the plugin. See THIRD-PARTY-LICENSES.txt in the plugin directory for full license texts.

Credits

Developed by OptiUser

Screenshots

Real-time WordPress analytics dashboard with visitors, sessions, page views, average session time, scroll depth, and bounce rate KPIs.
Live visitor activity feed with country flags, anonymized visitor identifiers, page URLs, and an interactive real-time visitor map.
Traffic overview chart comparing visitors, sessions, and page views across the selected date range.
Top engaged users and top pages report showing session frequency, average session duration, country, page views, and interaction counts.
Visitor activity heatmap showing high-traffic days and hours for behavior analytics and content timing decisions.
Audience analytics widgets for new vs returning visitors, visited directories, and logged-in visitor authentication activity.
Traffic classification dashboard with human traffic, spam traffic, bot detection, crawler breakdown, and user intent segmentation.
Acquisition and environment analytics for referrers, countries, and browser usage.
Device analytics for desktop, mobile, tablet, operating systems, and screen resolutions.
Heatmaps overview with total heatmaps, total clicks, mobile traffic, average time on page, hottest page, click-through rate, and searchable page list.
Click heatmap detail view with date, country, browser, visitor type, desktop/mobile filters, page preview, and click intensity overlay.
Move heatmap detail view showing mouse movement trails and visitor movement patterns on a live page preview.
Attention heatmap detail view showing attention intensity and engagement hotspots on the selected page.
Scroll heatmap detail view showing scroll-depth intensity, loaded scroll points, and page-level engagement depth.
Post Analytics panel with entry sources, on-page visitor behavior, exit behavior, total interactions, scroll depth, bounce rate, and update time.
Page-level analytics with country, browser, device breakdowns, visitor trends, heatmap access, and session recording access.
Pro: Session Recordings list with watched status, duration, visitor activity, visited pages, referrer, country, browser, operating system, and device data.
Pro: Session recording page timeline showing multi-page visitor journeys with events, clicks, durations, and replay controls.
Pro: Session replay player with visitor metadata, event timeline, playback controls, skip-inactive mode, and page-by-page session navigation.
Conversion funnels dashboard showing funnel steps, completion rate, abandonment rate, device and country filters, and funnel performance cards.
Funnel builder modal for creating or editing URL-based funnel steps with URL match rules and step ordering.
Pro: User Journey Analytics with journey flow visualization, top paths, entry and exit analysis, page groups, device, browser, country, visitor, and referrer filters.
Pro: Errors Tracking dashboard for JavaScript errors, network errors, friction events, rage clicks, slow pages, affected sessions, performance, and broken links.
Pro: Form Analytics dashboard with form views, submissions, conversion rate, completion time, abandonments, activity trends, and top forms by conversion.
Privacy and GDPR settings comparing anonymous mode and full tracking for cookies, IP storage, geolocation, consent, session accuracy, and user journey tracking.
Consent banner configuration with third-party consent plugin detection, banner position controls, colors, title, and message settings.
A/B Testing dashboard with running tests, drafts, completed tests, impressions, search, filters, conversion rate, and test results actions.
A/B Testing decision engine results with weighted goals, recommended winner, composite score by variant, per-goal breakdown, and Pro-only heatmap impact by variant.
A/B Testing click-goal results with statistical significance, confidence, goal configuration, variant conversion rates, winner status, Pro-only Bayesian analysis, and conversion trend chart.

Installation

Automatic Installation

Log in to your WordPress admin panel
Navigate to Plugins > Add New
Search for “Opti-Behavior”
Click “Install Now” and then “Activate”

Manual Installation

Download the plugin zip file
Log in to your WordPress admin panel
Navigate to Plugins > Add New > Upload Plugin
Choose the downloaded zip file and click “Install Now”
After installation, click “Activate Plugin”

After Activation

Navigate to Opti-Behavior in your WordPress admin menu
The plugin starts tracking automatically – no configuration required!
Visit the Dashboard to see real-time visitor activity
Go to Heatmaps to view click patterns on your pages
Check Funnels to set up conversion tracking
Adjust Settings to customize tracking behavior and privacy options

That’s it! Opti-Behavior works out of the box with smart defaults.

FAQ

Does this plugin slow down my website?: Opti-Behavior is designed to stay lightweight. The tracking script loads asynchronously, events are batched, and the Hybrid Storage engine can store high-volume analytics events in optimized files instead of writing every interaction directly to MySQL. As with any analytics tool, performance depends on hosting, traffic volume, and settings, but the plugin is built to minimize frontend impact.
Is this plugin GDPR compliant?: Opti-Behavior includes privacy controls that help with GDPR-friendly analytics: self-hosted data storage, IP anonymization, data retention controls, cookie-free tracking options, and consent-banner compatibility. You should still update your privacy policy and confirm your setup with your own legal requirements.
Is this plugin CCPA compliant?: Opti-Behavior supports CCPA-friendly practices because visitor behavior data stays on your server and is not sold by Opti-Behavior. You can anonymize IP addresses, delete stored data, and use your existing consent or opt-out workflow before tracking starts.
How is this different from Microsoft Clarity?: Clarity is cloud-based and Microsoft may process behavioral data under its own terms. Opti-Behavior is WordPress-native and self-hosted, so visitor behavior data stays on your server. Opti-Behavior also includes funnels, scheduled reports, bot filtering, and self-hosted A/B testing.
How is this different from Hotjar?: Hotjar sends behavior data to an external cloud and many advanced features require paid plans. Opti-Behavior keeps behavior analytics inside WordPress, includes heatmaps and funnels in the Free plugin, and adds recordings, form analytics, journeys, errors, and advanced A/B testing in Pro.
How is this different from Matomo?: Matomo is strong self-hosted analytics, but many behavior features are separate premium add-ons. Opti-Behavior focuses specifically on behavior analytics and conversion optimization for WordPress: heatmaps, funnels, A/B testing, recordings, forms, journeys, and friction insights.
Are there any session or pageview limits?: There are no artificial SaaS-style session caps in the plugin. Your practical limit is your own server storage, database capacity, and retention settings.
Can I export my data?: Yes. Analytics data can be exported from the dashboard where export tools are available.
Does this work with caching plugins?: Yes. Opti-Behavior is designed to work with common WordPress caching plugins such as WP Rocket, LiteSpeed Cache, W3 Total Cache, Autoptimize, SG Optimizer, and WP Super Cache.
Will this work on multisite?: Yes. Opti-Behavior supports WordPress multisite and can be activated network-wide or on individual sites.
Does this plugin call any external services?: Yes, only for specific supporting features such as geolocation, admin map tiles, anonymous install tracking after consent, Pro trial/license management, and user-initiated OptiUser website links. See the External Services section below for details.
What data does this plugin collect?: Depending on settings, Opti-Behavior can collect page views, URLs, click positions, scroll depth, session timestamps, referrers, device/browser data, anonymized IP data, approximate location signals, and interaction metadata. It does not collect form field values by default, and analytics data is stored locally in your WordPress database or file system.
Can I delete all data when uninstalling?: Yes. Enable Delete all data on uninstall in Settings to remove stored plugin data when the plugin is uninstalled.
Does it work with WooCommerce?: Yes. Use Opti-Behavior to analyze product pages, cart behavior, checkout funnels, CTA clicks, and revenue-focused A/B tests while keeping customer behavior data under your control.
Does it work with page builders?: Yes. Opti-Behavior works with Gutenberg, Elementor, Divi, Beaver Builder, WPBakery, and other major WordPress builders.
What is the Hybrid Storage Engine?: Hybrid Storage is Opti-Behavior’s performance-focused storage approach. Instead of pushing every click, scroll, and pageview directly into MySQL, high-volume events can be stored in optimized files and aggregated for faster reporting. This helps reduce database bloat on busy sites.
How do I get support?: Free users can use the WordPress.org support forum. Pro users get priority support through OptiUser.

Reviews

mariamilano April 6, 2026

Honestly didn’t expect much when I installed this. There are so many analytics plugins that promise everything and deliver nothing. Been using it for 3 days now. The thing that actually surprised me was the form analytics. I’ve never seen a WordPress plugin that shows you exactly how people interact with each field, how long they stay on it, where they stop and leave. Found a real issue on my contact form in like 20 minutes. One field was killing my submissions and I had no idea. Everything runs on my own server which was important to me. Not a fan of sending my visitors’ data to Microsoft or whoever. Still waiting for the WooCommerce features they mentioned. That’s the main reason I’ll be sticking around. If that works half as well as the form analytics, it’ll be worth it.

Hamdouch March 29, 2026

I got to test the Pro plan for free and honestly… I’m blown away! 😄Opti Behavior is a real all-in-one beast for understanding your website traffic. It shows you exactly how people are moving around your site and, most importantly, what you actually need to optimize to make things better.

Read all 2 reviews

Contributors & Developers

“Opti-Behavior – Self-Hosted Heatmaps, Session Recordings, Funnels & A/B Testing” is open source software. The following people have contributed to this plugin.

OptiUser

Translate “Opti-Behavior – Self-Hosted Heatmaps, Session Recordings, Funnels & A/B Testing” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.4.0 – 2026-05-14

Feature: Added file-based statistics and analytics exports that save Opti-Behavior data as CSV or JSON for use in external tools, reporting workflows, integrations, and AI-agent analysis.
Enhancement: Added multilingual survey copy coverage (fr_FR, de_DE, es_ES, pt_BR, it_IT) and ensured plugins.php honors the Opti-Behavior admin language setting.

1.3.1 – 2026-05-04

Fix: Keep Free click heatmap detail working when Pro is disabled by loading the Free detail page and AJAX handlers correctly.
Fix: Pro runtime detection no longer treats the Free fallback opti_behavior_pro_active() helper as an active Pro runtime.
QA: Added regression coverage for the Pro-disabled Free click heatmap detail path.

1.3.0 – 2026-05-03

Feature: Added a delayed WordPress.org review reminder banner with Opti-Behavior branding, shown to admins after 7 days of plugin use with review, done, remind, and hide actions.
Feature: Frontend Stats Bar metrics now link admins to the relevant detail pages for faster page-level analysis.
Enhancement: Frontend Stats Bar layout now dynamically compacts and wraps metrics so Pro metrics remain visible on narrower screens.
Enhancement: Refined the onboarding setup wizard styling, copy, and welcome-page flow.
Fix: Heatmap Detail iframe height no longer enters viewport-height feedback loops on pages with 100vh/min-height wrappers, preventing runaway growth and clipped footers.
Fix: Hardened heatmap reset SQL and A/B Visual Editor redirect handling.
Maintenance: Synced the Free plugin title, package metadata, version constant, readme stable tag, and changelog for the 1.3.0 release.

1.2.9.3 – 2026-05-03

Fix: Heatmap Detail iframe height no longer enters viewport-height feedback loops on pages with 100vh/min-height wrappers, preventing runaway growth and clipped footers.
Fix: Added safer cache-busted heatmap asset versioning for this hotfix release.

1.2.9 – 2026-05-01

Feature: Added a per-page heatmap reset button on Heatmap Detail pages so admins can delete stale heatmap data after major page redesigns without deleting session recordings, sessions, or analytics history.
Enhancement: Optimized and polished the Frontend Stats Bar overlay for cleaner frontend admin stats display.
Enhancement: Added advanced GDPR compact consent banner controls for improved privacy-banner design and behavior.
Fix: A/B Visual Editor launch and preview flows remain popup-safe with browser privacy extensions and ad blockers.

1.2.8.1 – 2026-04-28

Fix: A/B Testing Visual Editor launchers now use native direct links for saved variants, preventing ad blockers and popup blockers from making Open Visual Editor appear broken.
Fix: Visual Editor Preview now uses a server-side save-and-redirect form flow instead of script-created popups, so preview opens reliably with unsaved changes.
Enhancement: Added regression coverage for popup-blocker-safe Visual Editor opening and preview behavior.

1.2.8 – 2026-04-28

Feature: Added expanded A/B testing tools for page-split experiments, visual variant previews, winner application, and conversion goal tracking.
Feature: Added improved A/B test results reporting with impressions, conversions, conversion rate, and winner indicators.
Enhancement: Improved A/B attribution for page-split variant pages and cross-page goals so experiment results stay accurate across visitor journeys.
Maintenance: Prepared the Free plugin package metadata, version constants, readme stable tag, and changelog for the 1.2.8 release.

1.2.7 – 2026-04-09

Feature: Selective data deletion in Danger Zone — 9 category checkboxes (Sessions, Visitors, Events, Heatmaps, Recordings, Traffic, Errors, Funnels, Forms) let users choose which data to delete instead of deleting everything
Enhancement: Select All / Deselect All toggle for quick category selectio
Fix: False-positive broken links — same-origin images and internal pages no longer flagged as “Blocked” when server blocks HEAD requests (LiteSpeed Cache, WAF). HEAD failures now fallback to GET verification before saving
Fix: Error source now shows actual JS file path instead of generic “admin-ajax.php” — uses call stack capture at fetch/XHR call time
Fix: Session recorder console.log/warn messages now gated behind the Debug & Logging “Enable JavaScript Debug Logging” setting — no more console spam on production sites
Enhancement: JS Errors page file links now show full URL on mouse hover (tooltip) and are clickable to open the source file directly
Enhancement: IMG resource error verification uses HEAD + GET fallback with _optiVerify flag to prevent XHR interceptor self-tracking

1.2.6 – 2026-04-7

Fix: Attention heatmap showing click stats instead of scroll stats
Enhancement: Admin tracking settings, admin bar offset, login detection
Enhancement: Translations updated (FR, DE, ES, IT, PT-BR)
Feature: Onboarding popup

1.2.5.1 – 2026-04-5

Enhancement: Replace raw console.log/warn/info in session-recorder.js
Fix: All visitor-facing and admin console output now respects the debug logging settings in wp-admin

1.2.5 – 2026-04-5

Fix: Session recording playback shows white empty page on live server — set inlineStylesheet:false to prevent oversized FullSnapshot payloads (3–7 MB) that Hostinger nginx rejects
Fix: Added oversized-payload guard in session-recorder.js — warns when non-beacon payload exceeds 1 MB
Fix: PHP empty-events guard — rejects AJAX saves with no events when no DB row exists yet
Enhancement: Comprehensive debug logging in JS (FullSnapshot detection, save batch type distribution, server response) and PHP (error_log for event types, FullSnapshot presence, file save confirmation)
Fix: Removed console plugin from rrweb config to eliminate type-6 events and extra payload bulk

1.2.4.2 – 2026-04-04

Fix: Heatmap data protection improvements and welcome page refinements
Enhancement: Minor code quality improvements across core files

1.2.4.1 – 2026-04-03

Fix: Resolve PHP 8.2 null deprecations + wpdb prepare mismatch

1.2.4 – 2026-04-03

Fix: Resolved all WordPress Plugin Check errors and warnings (escape output, nonce verification, readme compliance)
Fix: GDPR consent banner not displaying — admin-notices CSS/JS no longer hides plugin’s own ob-* elements
Enhancement: Default auto-cleanup on fresh install (weekly, 90-day retention, bot/bounce session removal)
Enhancement: Moved Pro trial offer above feature list on welcome page for better visibility
Fix: Consent banner logic simplified — removed obsolete checkbox, uses Consent Banner Source radios only

1.2.3 – 2026-03-29

Feature: Frontend Stats Bar — admin-only analytics overlay on every frontend page with 6 color themes and per-stat visibility settings
Feature: Custom SMTP email configuration for scheduled reports with WP Mail fallback, and Cron Monitor for scheduled task health
Enhancement: Full cache plugin compatibility (Autoptimize, LiteSpeed, WP Rocket, SG Optimizer) — nonce refresh, client-side cookie IDs, script tag protection, and visibilitychange flush
Enhancement: Optimized live visitors query, esc_sql() hardening, admin submenu reorder, and PHPCS compliance fixes
Fix: 10 Smart Data Cleanup bugs (recording file deletion, cascade orphans, scheduling), debug log download fatal error, and auto-cleanup via daily cron

1.2.2 – 2026-03-22

Feature: Rich banner styles — info, warning, success, promo, custom with configurable colors, images, and CTA buttons
Enhancement: Dismiss tracking stores timestamps for duration-based re-show logic with automatic migration from old format
Fix: Self-referral bug — site’s own domain no longer appears as referrer in analytics, user journey, and form analytics views

1.2.1 – 2026-03-17

Feature: Server-side proxy for heatmap iframe loading — bypasses CDN-level X-Frame-Options restrictions (e.g., Hostinger) that block iframe embedding
Enhancement: Heatmap iframe now uses srcdoc with proxied HTML content, injecting <base href> for correct relative URL resolution
Enhancement: Generic JS scan to detect and cap elements with inflated inline heights from unknown/custom slider frameworks
Fix: Heatmap iframe blank/error on sites with CDN-level X-Frame-Options: deny (e.g., Hostinger-hosted sites)
Fix: Server-side proxy added to both Free and Pro AJAX classes to prevent action not registered error when Pro overrides Free
Fix: Removed broken CDN Lucide CSS (cdn.jsdelivr.net) from Pro detail page that caused MIME type error
Security: Proxy endpoint restricted to same-site URLs only, with nonce verification and manage_options capability check

1.2.0 – 2026-03-11

Feature: “Try Pro FREE for 6 Months” admin banner with trial countdown, dismiss, and expired state variants
Feature: ipwho.is secondary geolocation API fallback when ip-api.com is rate-limited (free, HTTPS, no rate limit)
Enhancement: License-aware trial banner visibility using Manifest Manager (hidden for valid Pro license, shown for expired trial)
Enhancement: Geolocation fallback chain expanded: CloudFlare Cache ip-api.com ipwho.is Timezone Browser Language
Enhancement: Added ipwho.is to External Services disclosure, FAQ, and Privacy Policy sections in readme.txt
Fix: Trial banner dismiss button now removes element from DOM instead of CSS hide (fixes specificity conflict with admin-notices.css)
Fix: Trial banner no longer appears when Pro plugin is active with a valid license
Fix: “Unknown” country in Real-time Visitors resolved for high-traffic sites exceeding ip-api.com 45 req/min rate limit
Fix: Stable tag mismatch between readme.txt and main plugin file header
Fix: Short description trimmed to 150-character WordPress.org maximum

1.1.1 – 2026-03-10

Fix: PHP version compatibility check was comparing against non-existent PHP 7.6 instead of 7.4, preventing activation on PHP 7.4.x servers
Enhancement: Added OptiUser API (api.optiuser.com) and OptiUser Website (optiuser.com) to External Services disclosure for WordPress.org compliance
Enhancement: Expanded FAQ “Does this plugin call any external services?” with detailed list of all 4 external services
Enhancement: Added “Try Pro FREE for 6 months” call-to-action in Pro Features section with direct download link
Enhancement: Updated upgrade pages with 6-month free Pro trial messaging and hidden download page URL

1.1.0 – 2026-03-09

Feature: Plugin install tracker with 24-hour heartbeat mechanism for anonymous usage statistics
Feature: Automatic plugin type detection (Free/Pro) in tracker heartbeat data
Feature: Deactivation notification to API for immediate status updates
Enhancement: Autoloader class conflict prevention for shared Free/Pro classes (Ajax, Detail Page, Parser, Cache)
Enhancement: Heatmaps sessions column now uses file-based device counts (Desktop + Mobile) for accurate sorting
Enhancement: Heatmap table column widths rebalanced to accommodate tooltip icons and translations
Enhancement: Table headers no longer truncated — always fully readable with nowrap styling
Enhancement: Title truncation moved from PHP to CSS text-overflow for cleaner hover tooltips
Fix: Autoloader excluding shared Pro/Free classes to prevent Free overriding Pro AJAX handler
Fix: Heatmap detail page duplicate rendering caused by auto-instantiation
Fix: SQL prepared statement parameter mismatch when date filters were active on heatmaps
Fix: Sessions ORDER BY alias referencing non-existent table alias
Fix: Plugin re-activation now triggers immediate heartbeat to update API status
Fix: Removed unexpected ARCHITECTURE.md file from plugin root (Plugin Check compliance)
Fix: Wrapped all error_log() calls in WP_DEBUG guards for production safety
Fix: Synced Stable tag and Plugin Name between readme.txt and main plugin header
Fix: Removed localhost/development URL from tracker API endpoint
Code Quality: Clean uninstall with tracker options and cron job cleanup

1.0.9 – 2026-02-10

Feature: Smart Data Cleanup system with bot/spam removal, quality thresholds, and scheduled auto-cleanup via WordPress cron
Feature: Comprehensive tooltip system across all pages (Dashboard, Heatmaps, Funnels, Settings, Form Analytics, Error Tracking)
Feature: Form Analytics upgrade page with menu integration, database table handlers, and scheduled report support
Feature: Danger Zone redesign with horizontal sub-tabs (Full Reset, Date Range, Smart Cleanup, Auto Schedule)
Feature: German (de_DE) language support with complete translations
Feature: Italian (it_IT) language support with complete translations
Feature: Spanish (es_ES) complete translation files
Feature: Portuguese (pt_BR) complete translation files
Enhancement: Replaced all emoji icons with Lucide SVG icons throughout the plugin for professional UI
Enhancement: Unified page header style across all pages (Dashboard, Heatmaps, Funnels, Settings, Recordings, Errors)
Enhancement: Country flag icons in language dropdown selector
Enhancement: Funnel step cards made more compact with improved layout and per-funnel country filter with flag icons
Enhancement: Heatmaps page search functionality and mobile preview mode for heatmap iframe
Enhancement: Guest preview mode for accurate non-logged-in heatmap display
Enhancement: Replaced Data Protection tab with Storage Stats page with improved tooltips
Enhancement: Standardized button styles with Lucide icons and btn-danger class for destructive actions
Enhancement: Added User Journeys and Form Analytics data to scheduled email reports
Enhancement: Improved browser/OS detection with HarmonyOS support and better bot detection
Enhancement: PRO feature gating with badges on menu items, heatmap tooltips, and blocked PRO heatmap types for free users
Enhancement: Admin menu icon updated to 35×35 PNG with hover states
Enhancement: French translations extensively improved with shortened menu labels
Enhancement: AI Insights panel with Lucide icon styling and default message
Fix: Move Heatmap trajectory rendering with proper coordinate scaling and adaptive colors based on website background
Fix: Scroll Heatmap legend positioning and visibility
Fix: Attention Heatmap legend positioning moved outside iframe with smooth gradients and base color coverage
Fix: Bounce rate KPI mismatch with daily history chart
Fix: Heatmaps page Mobile Traffic showing 0% – Device Split now uses sessions data
Fix: Session count mismatch between total and device split
Fix: Time period filter icon and dropdown functionality with correct default selection
Fix: Traffic Overview chart layout with reduced empty space
Fix: Funnel URL matching filters and string concatenation bug
Fix: Conditional cleanup settings not persisting after page refresh
Fix: Date range file deletion now includes uploads/opti-behavior-data/ directory
Fix: Delete All Data not clearing storage properly
Fix: Top Engaged Users widget column width for long country names
Fix: Scheduled reports SQL error and instant stats update
Fix: Heatmap download now includes page content with overlay
Fix: Stat history bar charts display
Fix: Stats inconsistency when Pro is active
Code Quality: WordPress Plugin Check – 0 errors, 0 warnings (100% compliant)
Code Quality: Renamed non-prefixed variables in HTML templates with opti_behavior_ prefix
Code Quality: Complete uninstall cleanup with all database tables, cron jobs, transients, and legacy directories

1.0.8 – 2025-12-08

Feature: User Intent Rules – Advanced system for analyzing and categorizing user behavior patterns
Enhancement: Analytics Dashboard time filter now defaults to 30 Days for better data overview
Fix: Improved favicon handling for referrer websites with proper fallback support

1.0.7 – 2025-12-02

Enhancement: Added French language translations for improved internationalization
Fix: Resolved sendPageView function issues for accurate page tracking
Fix: Corrected Returning Visitors calculation and display
Fix: Fixed Logged In Visitors detection and counting
Feature: Display username for logged-in visitors in Top Engaged Users widget
Enhancement: Extended device type support for all device categories (desktop, mobile, tablet, PC)
Code Quality: WordPress coding standards compliance improvements
Code Quality: Added debug logging controls via settings page
Security: Fixed nonce verification warnings
Security: Enhanced prepared SQL statements with proper phpcs annotations

1.0.6 – 2025-11-30

Feature: New vs Returning Visitors analytics dashboard widget
Feature: Visited Directories analytics with depth tracking and page views
Feature: Visitor Authentication analytics showing logged-in vs guest users
Fix: WordPress DB coding standards – SQL wildcards now use placeholders
Enhancement: Improved prepared SQL statements compliance
Code Quality: Full WordPress.DB.PreparedSQLPlaceholders compliance

1.0.5 – 2025-11-23

Fix: Removed all debug error_log() calls from production code
Fix: Replaced date() with gmdate() for timezone-safe date handling
Fix: Added translator comments for i18n compliance
Fix: Updated API URL from localhost to production endpoint
Fix: Corrected stable tag version mismatch
Enhancement: Improved readme with better descriptions and FAQ
Enhancement: Added Plugin URI and updated Author URI
Enhancement: Optimized WordPress.org directory submission compliance
Compatibility: Full WordPress 6.8 compatibility verified
Enhancement: Added COALESCE for better handling of NULL titles in Top Pages
Enhancement: Improved country detection with browser language fallback when IP geolocation fails
Enhancement: Top Pages widget now displays page views instead of clicks for better accuracy

1.0.4 – 2025-11-20

Enhancement: Added file-based storage system for high-traffic sites
Enhancement: Implemented automatic bot detection and filtering
Enhancement: Added performance optimizer with automatic database indexing
Enhancement: Separate mobile and desktop heatmap tracking and visualization
Enhancement: Batch processing for improved performance
Enhancement: Enhanced debug logging system with WordPress-compliant manager
Enhancement: Added Lucide icon library (v0.554.0, ISC License) for modern UI
Security: Replaced direct filesystem operations with WP_Filesystem API
Security: Replaced unlink() with wp_delete_file() for file deletion
Code Quality: WordPress coding standards compliance improvements
Code Quality: Improved data sanitization and validation
Compatibility: Tested up to WordPress 6.8

1.0.3

Security: Fix Unsafe SQL calls
Security: Fix files and directories locations use
Security: Moved inline CSS to external stylesheet
Security: Moved inline JS to external stylesheet
Follows WordPress coding standards
Plugin Check validation passed

1.0.2

Review and fix all the issues listed in the review email.

1.0.1

Security: Enhanced sanitization for $_SERVER variables
Security: Improved json_decode() data sanitization
Security: Moved inline CSS to external stylesheet for WordPress compliance
Code Quality: Added proper sanitization for all user inputs
Code Quality: Enhanced data validation in AJAX handlers
Compatibility: Verified all security checks are in place

1.0.0

Initial release
Visual heatmap tracking
Real-time analytics dashboard
Page performance metrics
User journey tracking
GDPR compliance features
Data export functionality
Multisite support
Debug mode for troubleshooting

Good plugin. Solid free version

Wow, this plugin is actually awesome!