| 开发者 |
jachtdigital2026
easyserversidetracking |
|---|---|
| 更新时间 | 2026年6月30日 18:12 |
| PHP版本: | 7.2 及以上 |
| WordPress版本: | 7.0 |
| 版权: | GPLv2 or later |
| 版权网址: | 版权信息 |
collect.easyserversidetracking.com), which normalizes, deduplicates, and forwards them to Google Analytics 4 using the Measurement Protocol. Because requests go to a first-party-style endpoint rather than directly to Google, common content blockers no longer drop your analytics traffic.
The plugin auto-provisions a free-tier account on activation — no license key is required to start using it, and the free tier is fully functional indefinitely. Optionally, you can buy a license on the management service to raise this site's server-side limits (higher monthly event volume and longer dashboard retention). Those limits are applied and enforced entirely on the service; the plugin itself never locks, disables, or restricts any built-in feature.
Features
https://collect.easyserversidetracking.com/ over HTTPS with a short-lived HMAC token.google-analytics.com/g/collect or /mp/collect), and stores a copy for the dashboard.dashboard.easyserversidetracking.com, where you log in to view them and upgrade. The plugin does not track event counts or limits locally./wp-content/plugins/ (or install via Plugins → Add New → Upload Plugin).Plans are managed entirely on the dashboard — you never enter a license key in WordPress. Buy or change a plan at https://dashboard.easyserversidetracking.com/, then on Account → Websites use the Plan dropdown next to a site to assign it the plan (or switch it back to the Default free plan). The new monthly limit is applied to the tracking service automatically; no change is needed in WordPress.
No account is required to use the plugin's free tier. The plugin auto-provisions a free site on activation. You can optionally create a paid account at https://dashboard.easyserversidetracking.com/ for higher limits and additional features.
It can run alongside gtag.js (hybrid mode), or you can rely entirely on the server-side path. The script is loaded from googletagmanager.com only when hybrid mode is enabled in the Settings screen.
Each event includes: event name, page URL, page title, referrer, anonymized client ID and session ID, consent state, and event-specific parameters (e.g. WooCommerce order IDs, scroll percentages, click targets). The visitor's IP address is processed by the worker for geo-resolution and rate limiting but is not stored long-term. No personally identifiable information (name, email, address) is sent unless you explicitly configure user-data fields.
After activation the License page shows your site_id and a link to the management dashboard, where you can view your live event log, monthly usage, and configure plan options.
Yes. Deactivating the plugin stops event collection. The plugin's options can be deleted via the standard WordPress plugin uninstall flow.
wp_head outputs (the googletagmanager preconnect hint and the early gtag consent script) were still gated on the provisioning id alone, so they could fire on grandfathered or consent-withdrawn sites. Both now require explicit consent AND provisioning, matching the tracker.WPINC, which silently aborted the suite) and added coverage for the consent mapping./g/collect proxy. The mere presence of a provisioning id (esst_site_id, which can survive an upgrade) no longer enables anything. Legacy installs with a provisioning id but no consent record now stay OFF and show a notice prompting the admin to review and enable. Withdrawing consent fully stops tracking.gcs signal, defaulting to denied) instead of a hardcoded "granted" value.$_GET WooCommerce variation attributes are now unslashed, sanitized (sanitize_key / sanitize_text_field) and validated before being passed to WooCommerce's variation matcher.Class "JachtSST\\Admin\\GA4_Server_Side_Tagging_Admin" not found on the License page in 5.1.2 — the consent panel referenced the pre-rename class symbol. Fixed to use the real class name Jachtsst_Server_Side_Tagging_Admin.jacht-easy-server-side-tracking (previously had a stale reference to the slug originally proposed in the wp.org review).Tested up to: 7.0.bad_page_token / HMAC verification failures so events are accepted without re-provisioning.TypeError: setupEventCountFlushHandlers is not a function. The orphaned calls (left over from the v5.0.2 client-side limit-enforcement removal) have been deleted, so the tracker reaches the end of its init path again.ESST_MGMT_BASE_URL override note. Customers shouldn't be altering this endpoint.event_count option to ga4_event_count (with an automatic one-time migration). Sanitized all $_SERVER reads with sanitize_text_field( wp_unslash() ). Removed shipped legacy plugin-v4/ source tree and the wp-admin/includes/upgrade.php test mock.External services section documenting every external endpoint the plugin contacts, with terms and privacy links. Tags revised to remove trademarked terms.429 quota_exceeded, the management server returns allowed: false in report-usage.plan_id onto lm_websites on license/activate and report-usage.client_id, session_id, user_id, consent, and context — previously some paths (scroll, click, batched events) sent client_id nested under params which the central worker rejected with HTTP 400 missing_client_id.bad_page_token (401) responses now trigger a token refresh + retry once, so tabs left open across a re-provision auto-heal.cf_site_id every time — no more orphaned worker sites and no more HMAC mismatches.log_only POST to the central worker so events are counted even when content blockers block the JS bundle on the customer's browser.sendAjaxPayload and sendBatchPayload — esstSendEvent is the single event-sending path. Worker no longer receives batches; each event is one request.collect.easyserversidetracking.com) using a short-lived per-page HMAC token.site_id, plan, this-month usage. (Merged into the License page in a later release.)ga4_event_queue / ga4_event_logs tables (data not migrated).