WP Debug Toolkit 1.1.0 is LIVE. Get $300 discount on the lifetime deal now
Use Discount Code WPDTLTD
Get Started Now
Home
Features
Error Log Viewer
A Better Way to Check WordPress Logs
Query Viewer
Fast, Lightweight Database Monitoring
Email Alerts Viewer
Know About Issues Before Your Clients Do
Pricing
Account
New Release: WP Debug Toolkit 1.1.0 Is Live
February 23, 2026
Elias Lista
Articles

1.1.0 is the biggest update since launch. It adds real-time database query monitoring, a full WP-CLI interface, encrypted query logs, automatic log maintenance, and a ground-up security overhaul of the standalone viewer.

Highlights

  • Query Logger — Real-time database query monitoring with slow query detection, N+1 identification, per-component performance breakdowns, and encrypted logs at rest.
  • WP-CLI commands — Manage debug settings, the standalone viewer, license activation, and log files entirely from the terminal (wp dbtk).
  • Automatic log cleanup — Configurable delete, archive, or truncate strategies with size limits and age-based rotation.
  • Security hardened viewer — Mandatory password protection, SQLite-backed rate limiting with progressive lockout, session timeouts with IP binding, and expanded path traversal prevention.

What’s New

Query Logger

Monitor every database query WordPress executes in real time. The Query Logger captures timing, caller backtraces, and component attribution so you can pinpoint exactly what’s slow and why.

  • Slow query detection with configurable threshold — flag queries that take longer than they should
  • N+1 query detection — automatically identifies repeated queries and shows aggregate statistics
  • Query Statistics Dashboard — visual breakdowns of query performance by component, with stats that recalculate dynamically as you filter
  • Error logging — captures database errors with detailed messages and filtering
  • Export — download query data as CSV, JSON, or TSV with accurate component attribution
  • Encrypted at rest — query log files in uploads are encrypted line-by-line; the viewer decrypts them using a key from its config
  • Configurable limits — tune dashboard history depth, tail scan size, and max entry size from the viewer settings panel (K)

WP-CLI Commands

Full command-line management of the plugin via wp dbtk:

  • wp dbtk debug on/off/status — toggle WP_DEBUG, WP_DEBUG_LOG, and WP_DEBUG_DISPLAY
  • wp dbtk license activate/deactivate/status — manage your license key
  • wp dbtk viewer setup/remove/status — install or remove the standalone viewer
  • wp dbtk log clear/stats — clear or inspect the debug log
  • wp dbtk query-log on/off/clear/stats — control query logging

All commands include structured error handling with exception logging, confirmation prompts on destructive operations (--yes to skip), and --format=json output for scripting.

Automatic Log Cleanup

The debug log no longer grows unbounded. Configure automatic maintenance with three strategies:

  • Delete — remove logs older than a retention period
  • Archive — compress old logs before removal
  • Truncate — keep only the most recent portion of oversized logs

Set size limits and age thresholds from the Settings page. Cleanup runs automatically on a schedule.

Security

This release significantly hardens the standalone viewer:

  • Mandatory password protection — viewer setup now requires an 8-character minimum password (no more optional auth)
  • Rate limiting — SQLite-backed progressive lockout: 5s, 30s, 5 min, 30 min, 1 hr, 24 hr. Falls back to file-based rate limiting when PDO SQLite is unavailable.
  • Session security — 30-minute timeout with IP binding
  • Path traversal prevention — expanded blocklist including secure-debug.php for GridPane compatibility
  • Syntax validation — replaced exec() with token_get_all() for PHP syntax checks
  • Scoped CORS — headers limited to plugin endpoints only
  • Config safety — fixed wp-config.php case-sensitivity bypass and duplicate constant issues

Settings and UI

  • Redesigned Settings page with modern tabbed interface
  • PHP memory limit management — adjust WP_MEMORY_LIMIT directly from Settings (writes to wp-config.php)
  • Upload limit controls via WordPress filters
  • Error level selection — choose which levels to log (Debug, Info, Warning, Error)
  • Custom file paths — set DBTK_CONFIG_PATH and DBTK_LOG_PATH constants to override defaults
  • License management moved to Settings for a unified experience
  • Partner discounts page for ecosystem tools

Viewer Improvements

  • Permissions health check with one-click repair in WordPress Site Health
  • Crash recovery redesign — cleaner UI with granular plugin/theme controls
  • Installer wizard — step-by-step viewer setup with clear guidance
  • Subfolders support — viewer installation works correctly when WordPress lives in a subdirectory
  • Cache busting in both Admin and Viewer apps

Developer Experience

  • WordPress i18n support via wp-i18n
  • Psalm static analysis with type hints throughout the codebase
  • Targeted cache clearing — only clears plugin-specific transients instead of flushing the entire object cache
  • Modular licensing with grandfathered benefits for early adopters

Full Changelog

  • New: Query Logger with real-time database query monitoring and slow query detection
  • New: Query Statistics Dashboard with visual performance breakdowns
  • New: N+1 query detection with aggregate statistics
  • New: Database query error logging with filtering
  • New: Query export to CSV, JSON, and TSV formats
  • New: Dynamic query statistics that recalculate based on active filters
  • New: WP-CLI commands for debug, license, viewer, log, and query-log management (wp dbtk)
  • New: Automatic log cleanup with delete/archive/truncate strategies and age-based rotation
  • New: PHP memory limit management in Settings
  • New: Upload limit controls via WordPress filters
  • New: Viewer permissions health check with repair button in Site Health
  • New: Email notification system for error alerts with customizable templates
  • New: Modular licensing system with grandfathered benefits
  • New: Viewer settings for query dashboard limit, tail scan MB, max entry MB
  • New: Partner discounts page
  • Added: Custom file paths configuration (DBTK_CONFIG_PATH, DBTK_LOG_PATH)
  • Added: Error level selection (Debug, Info, Warning, Error)
  • Added: Cache busting in Admin and Viewer apps
  • Added: WordPress i18n support
  • Added: Psalm static analysis with type hints
  • Security: Query logs encrypted at rest
  • Security: Mandatory password protection for viewer (8-character minimum)
  • Security: SQLite-based rate limiting with progressive brute-force protection
  • Security: Enhanced session security with 30-minute timeout and IP binding
  • Security: Strengthened path traversal prevention with expanded blocklist
  • Security: Replaced exec() with token_get_all() for PHP syntax validation
  • Security: Fixed wp-config.php case-sensitivity bypass in viewer
  • Security: Added protection for secure-debug.php (GridPane)
  • Security: Scoped CORS headers to plugin endpoints only
  • Security: Restricted wp-config backup file permissions
  • Security: Hardened viewer config and auth files against direct access
  • Security: Expanded viewer blocked files list with additional sensitive file patterns
  • Security: Added directory listing protection for query log storage
  • Improved: Settings UI redesign with tabbed interface
  • Improved: Redesigned crash recovery with granular plugin/theme controls
  • Improved: Viewer installer wizard with step-by-step guidance
  • Improved: Setup wizard defaults tools to disabled — users opt in consciously
  • Improved: Production and performance warnings in setup wizard for debug mode and query logging
  • Improved: “Install without tools” option to set up the viewer without enabling debugging tools
  • Improved: License management moved to Settings page
  • Improved: Enhanced output buffer management
  • Improved: Targeted cache clearing (plugin transients only)
  • Improved: Better type safety and code quality across PHP and React
  • Fix: Query Viewer tail reader no longer returns 0 entries on huge final log line
  • Fix: Viewer auth rate limiter fallback when PDO SQLite is unavailable
  • Fix: Directory permission issues on restrictive servers (umask handling)
  • Fix: Viewer installation on hosts with WordPress in subfolders
  • Fix: Path validation supports relative paths securely
  • Fix: Health check properly loads WordPress admin functions
  • Fix: Admin CSS isolation prevents conflicts with other plugins
  • Fix: Compatibility with UiPress Lite and WP Dark Mode
  • Fix: wp-config.php duplicate constants when reinstalling viewer

Upgrade Notes

  • Redeploy the standalone viewer after updating. The viewer files on your web root need to be refreshed to pick up the new Query Viewer, encrypted log support, and rate limiter improvements. Use wp dbtk viewer setup --password=<pass> or the Settings page.
  • Existing query logs from beta builds won’t be readable after the update (encryption key changes). Clear them and start fresh.
  • Shared hosting users: if you see a “Large entries skipped” banner in the Query Viewer, the default limits are conservative by design. Raise them gradually from viewer settings (K).
Want to try it first?
We can't offer you a free trial, but we do have a great demo where you can testdrive all features for free for seven days and (spoiler alert) even get a discount on your purchase
Free 7-day trial
No credit card required
Try WP Debug Toolkit Pro Now