Session Shredder for WooCommerce
Session Shredder is a production-grade, rule-based session cleanup plugin for WooCommerce 10.3+. WooCommerce 10.3 introduces experimental guest session storage and auto-pruning. Session Shredder builds directly on this already available foundation and adds behavior-based heuristics that predict which sessions are zombies (safe to prune) versus keepers (should be retained). Highlights – Heuristic pruning – Uses anonymized features (session age, pageviews, cart value, etc.) and conservative rules to identify low-value sessions. – Configurable rules & thresholds – Tune base age, hard timeout, bounce detection, and cart-protection rules from a dedicated WooCommerce settings screen. – Safe thresholds – Only considers sessions past a base age window and is biased towards keeping anything that shows meaningful activity or cart value. – Robust behavior – Even if tracking data is sparse, a conservative rule-based strategy kicks in (e.g. hard 72h timeout, bounces with no cart value). – Privacy-first – No PII is stored. Session IDs and countries are hashed; only coarse behavioral data is used. – Native Woo 10.3 integration – Reads from the WooCommerce session table (supports both legacy and new tables) and plays nicely with the core experimental pruning. – HPOS compatible – Declares compatibility with WooCommerce High-Performance Order Storage (custom order tables) and never touches orders, only session data. – Admin dashboard – Under WooCommerce → Session Shredder you get active sessions, pruned counts, a Chart.js visualization of active & pruned sessions per run, and a compact “Recent runs” summary. – Logging & observability – Uses wc_get_logger() for info/error logging; integrates cleanly with existing WooCommerce logs. Session Shredder is structured for real-world stores and designed as a companion to WooCommerce’s experimental guest session engine. It stays fully rule-based out of the box, but developers can extend it via hooks if they ever want to plug in external scoring services or AI endpoints. Why not rely only on the WooCommerce experimental pruning? – Core experimental pruning is largely age-based and opaque. – Session Shredder adds behavior-aware rules (pageviews, cart value, bounce flag) on top of age. – You get a dry-run mode to analyze impact before deleting anything. – The dashboard gives you visibility into how many sessions were pruned per run and how many sessions remained active. – WP-CLI commands let you script and automate analyze/prune runs. – It works alongside WooCommerce experimental guest sessions and HPOS rather than replacing them: Woo can still prune based on its own rules, while Session Shredder adds a tunable, rule-based layer with better reporting. How It Works Feature collection – On each page load, Session Shredder tracks session activity: – Session age (hours since first seen) – Pageviews count – Cart value (numeric) – Whether anything was added to cart – Geolocation hash (hashed billing/shipping country) – Simple bounce indicator (single pageview, no cart) – Features are stored per-session in non-autoloaded options and never include raw session IDs or user identifiers. Rule-based pruning – An hourly cron (session_shredder_cron) scans the WooCommerce session table for candidates based on age. – For each candidate, the plugin: – Loads stored features – Applies conservative rules like: – Session older than a hard timeout window (e.g. 72 hours) – Single pageview and no cart value – If the rules deem the session a low-value “zombie”, it is pruned. Stats & visualization – After each real run, Session Shredder records: – Total pruned sessions (lifetime and today) – A short history of recent runs, including how many sessions were pruned and how many remained active before/after each run – The admin dashboard renders a Chart.js line graph of active & pruned sessions per run via a secure AJAX endpoint, plus a compact “Recent runs” table. For developers Session Shredder exposes a small set of hooks and CLI commands so you can integrate it into more advanced workflows without forking the plugin. Hooks – session_shredder_features( array $features, string $session_hash ) – Filter the behavior feature array before it is stored and later used for pruning decisions. – $session_hash is a hashed identifier of the session (no raw IDs or PII). – session_shredder_base_age_hours( float $base_age_hours ) – Adjust the base age window (in hours) before sessions are considered as prune candidates. – session_shredder_should_prune( bool $should_prune, array $features ) – Override or refine the core rule-based decision for a given session. – session_shredder_feature_options_soft_limit( int $soft_limit ) – Adjust the soft cap for how many per-session feature options (session_shredder_features_*) are kept in wp_options before garbage collection trims the oldest entries. – session_shredder_feature_options_gc_batch( int $batch_size ) – Adjust how many feature options are removed per garbage-collection pass when the soft limit is exceeded. Larger values clean up faster; smaller values spread work over more runs. – session_shredder_before_run( float $base_age_hours, bool $dry_run ) – Fires before a prune run (cron, manual, or CLI) starts. – session_shredder_after_run( int $pruned_count, bool $dry_run ) – Fires after a prune run completes (dry-run or real). – session_shredder_pruned( int $pruned_count ) – Fires after a real prune run that actually deletes sessions; useful for logging or additional cleanup. WP-CLI commands If WP-CLI is available, Session Shredder registers the following commands: – wp session-shredder analyze – Performs a dry run using the current rules and settings. – Outputs the total number of sessions and how many would be pruned, without deleting anything. – wp session-shredder prune – Runs a real prune using the current rules and settings. – Deletes matching sessions, updates stats, and logs a summary.
Top keywords
- session37×4.23%
- session shredder20×2.29%
- shredder20×2.29%
- sessions15×1.72%
- run13×1.49%
- prune11×1.26%
- pruned11×1.26%
- woocommerce11×1.26%
- age10×1.14%
- rules9×1.03%
- cart8×0.92%
- many7×0.80%
Persistent Login
Persistent Login keeps users logged into your website, limits the number of active logins allowed at one time and alerts users of new devices logging into their account. Persistent Login: Keep wordpress users logged in forever Persistent Login keeps users logged into your website unless they explicitly choose to log-out. It allows you to limit the number of active logins each user can have, and it alerts users of logins from new devices. Persistent Login requires little set-up, just install and save your users time by keeping them logged into your website securely, avoiding the annoyance of forgetting usernames & passwords. For added security, users can visit their Profile page in the WP Admin area to see how many sessions they have, what device was used and when they were last active. The user can choose to end any session with the click of a button. Persistent Login Selects the ‘Remember Me’ box by default. If left checked, users will be kept logged in for 1 year Each time a user revisits your website, their login is extended to 1 year again Dashboard stats show you how many users are being kept logged in Force log-out all users with the click of a button Users can manage their active sessions from the Profile page in the admin area Support for common plugins out of the box Secure, fast and simple to use! Active Logins Option to limit the number of active logins to 1 per user New logins can be blocked, or the users oldest login ended automatically Manage your own active logins from your Profile page in WP Admin Option to hide the Active Logins section from the WP Admin profile page Login History Notify users of logins from new devices for improved security Set your own email notification message that is sent to users Allow users to see their login history from their Profile page in WP Admin Top Tip Once the plugin is installed, click the End all Sessions button from the Persistent Login settings page to encourage users to login again and be kept logged in forever! Note This plugin honours the ‘Remember Me’ checkbox. It is checked by default, but if it is unchecked the user won’t be remembered. Premium Version There is a premium version of the plugin for those who want more control. Visit persistentlogin.com to learn more. The premium plan offers the following features: Premium Persistent Login Features Hide the ‘Remember Me’ checkbox, so that users are always remembered Manage which user roles have persistent login Set how long users are kept logged in for (up to 400 days) Session management for users: Users can see all logins with Block Editor and Shortcode support Session management for admins: End any users session from the admin area quickly and easily Priority Support direct from within WP admin Premium Active Login Features Control which roles have active login limits applied Select exactly how many active logins users are allowed When the limit is reached: Auto-logout oldest login, let the user decide which session to end, or block the login. Premium Login History Features Allow users to see their login history on the front-end with Block and Shortcode support. Account inavctivity emails: Notify users after a period of time without logging in. Stop users being logged out of WordPress Stop users being logged out of WordPress with Persistent Login plugin. Ensure extended login sessions, reduce frustration for administrators and visitors. By keeping users active, Persistent Login improves user experience, lowers bounce rates, and prevents disruptions. This plugin integrates seamlessly with WordPress to optimise session management without compromising security. Configure your preferences and let the plugin handle everything. You can customise durations for persistent logins and minimise repeated authentication prompts. Ultimately, this tool streamlines WordPress operations, ensures convenience, and provides peace of mind. Stop users being logged out of WordPress by installing today and gain uninterrupted access to your website.