What good is data if you can’t see it? With more than 50% of the population using mobile or desktop ad blockers, it can be impossible to actually gauge readership. This is why I use a VPS hosting plan both for this site (for my writing) and my professional site (UX portfolio). So what are the benefits of this more expensive hosting plan, and what tools does it offer?
A VPS, or virtual private server, affords you as the webmaster a dedicated server and corresponding IP address. Unlike cloud servers hosting a WordPress environment, this gives you complete control over the back-end. I have been able to employ custom configurations for loading times as well as security measures.
But how does a VPS allow webmasters to see more data? A VPS has a c-panel where various tools are available, including server logs. ANY request sent to that server, even the download of a post via a JSON or XML format, is visible to the webmaster. Bot traffic, like scrappers from OpenAI are also visible and therefore easier to block on the back-end. Default cloud plans only allow plugins like JetPack, which uses cookies to monitor hits and web traffic. Since most users employ some form of ad-block, JetPack will not trigger those cookies and you will miss the vast majority of visits to your site.
What can a VPS user see in their server logs? Well, everything. Any request, even to the antiquated WordPress /xmlrpc.php (which I have disabled for security reasons) is visible, even if it doesn’t transfer data. The only downside to this is most server logs will overwrite themselves after a 24h period, or threshold for hits (usually starting around 1000 for smaller traffic sites). Awstats is a c-panel tool which provides total hits, but only if the request transfers data. So if you block /xmlrpc, you won’t be able to see the requests to that extension, if it does not transfer data, in Awstats. Awstats also does not show pages clicked on, only a hit. So if you don’t back up your logs or check, you will not have true insight unless you pay for a larger log size. Xmlrpc.php is a common exploit in WordPress, along with login.php. Hiding or relocating these directories is good security practice. Only with a VPS can you actually detect bad bot traffic and block it at the root level.
Having access to this data most importantly allows me to see how many people are actually reading my posts, even if an ad-block is employed. While no tracking occurs due to GDPR rules and tracking limitations compliant with the end-user’s privacy settings, I can still see the page request along with corresponding IP, link origin and data transfer along with browser type and time of entry. To obscure link origin, you can always copy/paste a link from a social site instead of clicking from within a post and it will appear simply as a direct hit.
Having logs of server activity also allows me to not only block bad bots, it gives me control over AI data scraping tools as well. For example, 20.102.*.* is the range for OpenAI crawlers. Using the * in place of the last two values allows me to block entire ranges of IP addresses on my server. Since I own my server, I can do this at a root level v. paying for a less effective plugin. Patterns are also easy to detect based on how IP addresses work. While a VPS will not tell you country of origin, tools like pulsedive allow you to look up an IP and also check it against bad bot feeds. A normal value will appear as low risk, hosted on a common IP or VPN network. If a user has a dedicated IP address, whether through a VPN or home network, that IP will have the same two values and the last two can change periodically, but the first two will always correspond to that dedicated IP. This is how I was able to successfully determine a former mentor of mine was reading my posts over the summer and early Fall. I had my old server logs from a defunct site backed up and compared those values against that data. However, this too is easy to obscure by using a cloud-based VPN and tunneling through another country. Then I have no way of knowing because there is no common identifier. If the goal is to show they are reading, then they can simply elect to use a dedicated VPN.
VPS servers are not inexpensive. If you want total control over your writing, who can access it, and understand actual metrics, it is the only solution. Tacking on too many plugins will cause your site to load slower, and cause security vulnerabilities. I use BlueHost, but any number of AWS offerings work too. While there is more technical know-how required, plenty of tutorials exist. Most of these hosting plans also offer secure WordPress integrations as well, allowing you to manage your dashboard through the hosting platform. You can always add Elementor and Elementor Pro to handle front-end development without needing to know how to code (although it is better to understand basic layout and some CSS customization). In the end more control allows me a superior experience as a webmaster, and gives me a complete picture of my website’s performance and traffic. For me, I would never consider another option and it is why I recommend that investment for anyone serious about their writing or reach.
Discover more from MK Leibman Writer
Subscribe to get the latest posts sent to your email.