Auto-detected server location in the dashboard widget. Pick the geolocation provider that fits your privacy and accuracy needs — or override manually.

Server Location

This is a PRO feature. Live system resources, sparklines, environment indicators, server location, and more. Upgrade to PRO →

When Show Live System Resources in Dashboard Widget is enabled, the widget shows a Server Location row alongside CPU, memory, disk and the other live metrics. The location is resolved through a deterministic chain so you stay in control of every external call the plugin makes.

Version Info Server Location settings tab in WordPress admin showing the auto-detect toggle, the four-provider dropdown set to Version Info Geolocation (anonymous), and a Detect now button to bust the 30-day cache
The dedicated Server Location tab — enable/disable auto-detect, pick one of four geolocation providers, and force a re-detect on demand. Cached results live for 30 days in the vi_server_location transient.

Resolution Order

For every page load the resolver runs top to bottom and stops at the first match:

  1. Auto-detect disabled — if the Server Location Auto-Detect checkbox is off, the widget shows Auto-detect disabled and no network calls are made.
  2. 30-day cache — successful lookups are cached for 30 days in the vi_server_location transient. Failed lookups cache for 1 hour so a flaky provider doesn't get hammered every page load.
  3. Active provider — one of the four options described below. This is the only step that may make an outbound HTTP request.
  4. Reverse-DNS fallback — if the active provider returns no result, the plugin tries gethostbyaddr(SERVER_ADDR) and uses the hostname (e.g. web-fra-1.example.net (reverse DNS)). Zero network calls beyond DNS.
  5. Unknown — final fallback if every step above fails.

Provider Options

The "Location Provider" dropdown lets you pick which auto-detect backend the plugin uses. Pick once and forget — the result is cached for 30 days, so the choice is more about which company gets to see your IP than about performance.

Provider Data returned Auth Third-party? Notes
Version Info Geolocation (anonymous) (default) City, region, country, postal code, timezone, lat/long, hosting provider name (ASN), Cloudflare datacenter colo None We host it on Cloudflare Workers; logs nothing Most enriched. Free for every PRO customer. The Worker proxies Cloudflare's edge geoIP for your IP and returns the JSON — no database, no persistence, no analytics.
Cloudflare cdn-cgi/trace Country code only None Cloudflare's public 1.1.1.1 endpoint Fastest, simplest, anonymous — but country-level only. Pick this if you want zero auth and zero detail.
ip-api.com City, region, country None (free tier) ip-api.com What the abandoned wp-server-stats plugin used. Free for non-commercial sites at 45 req/min — the 30-day cache means you'll never come close. Subject to ip-api's uptime.
MaxMind GeoLite2 City Web Service City, region, country, hosting provider name Account ID + License Key maxmind.com Best ISP/ASN accuracy. Requires a free MaxMind account; paste the credentials as account_id:license_key in the dedicated field that appears when this provider is selected. Free tier: 1,000 lookups/day.

"Version Info Geolocation (anonymous)" — what it actually does

The default provider hits https://geo.versioninfoplugin.com/locate — our own Cloudflare Worker. The Worker's full source is in the plugin repo at workers/geo-worker.js.

Here's what happens on every lookup:

  1. Your server makes one outbound HTTPS request to geo.versioninfoplugin.com/locate.
  2. Cloudflare's edge attaches geoIP metadata to the request based on your server's IP.
  3. The Worker reads request.cf (city, region, country, postal, timezone, lat/long, ASN, hosting-provider name, CF colo) and echoes the JSON back.
  4. Our plugin caches the result for 30 days.

We don't log the request. We don't persist your IP. We don't sell anything to a third party. The Worker isn't even a database — it's a ~50-line passthrough.

The trade-off versus dropping all auto-detect: this is still our third party. If that's a dealbreaker, switch to Cloudflare cdn-cgi/trace (country only) — it sends the request to Cloudflare directly, with no intermediary — or uncheck Auto-Detect to skip the lookup entirely.

Disabling Auto-Detect Entirely

Uncheck Server Location Auto-Detect on Settings → Version Info → Server Location. With auto-detect off:

  • No outbound HTTP requests are made for location data.
  • The widget row reads Auto-detect disabled.
  • The transient cache is ignored.

Cache Lifecycle

Auto-detected results live in the vi_server_location transient with a 30-day TTL. Two ways to force a refresh:

  1. Click the Detect now button on Settings → Server Location.
  2. Programmatically: delete_transient( 'vi_server_location' ); then load any admin page.

The "Detect now" button is also useful for testing: after you switch providers, click it to see what the new backend returns without waiting for the cache to expire.

Privacy Summary

What goes out When
Your server's IP → geo.versioninfoplugin.com Only when the default provider is active and the cache is empty (≤12 times/year at default 30-day cache).
Your server's IP → 1.1.1.1/cdn-cgi/trace Only when the Cloudflare-trace provider is active.
Your server's IP → ip-api.com Only when the ip-api provider is active.
Your server's IP + MaxMind credentials → geolite.info Only when the MaxMind provider is active.
Nothing When auto-detect is disabled or when the result is cached.

For Developers

Filter / Constant Purpose
vi_server_location transient Manually inject a result that survives 30 days.
version_info_widget_extras_ttl filter Controls the broader extras cache (5 min by default); the location-specific cache is separate.