Install guide

Install on WordPress

You install the Frenemy plugin, paste your site key, and answer one question about how traffic reaches your server. About two minutes, no code.

Like every Frenemy install, the plugin is observe-only and fails open — and it has a Pause switch built into its settings.

The flow
  1. 1Add site
  2. 2Connect
  3. 3Verify
  4. 4Done

Before you start

  • A self-hosted WordPress site (WordPress.org), with permission to install plugins. This is not for WordPress.com.
  • Some managed hosts lock plugin installs — if Plugins → Add New is disabled, check with your host.
  1. 1

    Get your site key

    Sign in at app.frenemy.dev, add your site, and choose the WordPress plugin. Frenemy shows your site key once.

    Watch outYour site key is shown once and can't be retrieved. Copy it before you leave this screen.

    app.frenemy.dev

    Your site key

    fk_live_9Qy2…do8xCopy

    Copy your site key now — it’s shown once and can’t be retrieved.

    Illustration — your site key, shown once. Copy it before leaving.
  2. 2

    Install the plugin

    In your WordPress admin, go to Plugins → Add New and search for Frenemy. Click Install Now, then Activate.

    It comes from the official WordPress.org directory — no zip upload or FTP needed.

    example.com/wp-admin · Plugins › Add New
    Search plugins: Frenemy
    Frenemy — Know Your TrafficVerify, classify, and act on your non-human traffic.
    Install Now
    Illustration — searching for the plugin in the WordPress admin.
  3. 3

    Paste your site key

    Go to Settings → Frenemy and paste the key from step 1 into the Site key field, then Save. Treat the key like a password.

    example.com/wp-admin · Settings › Frenemy
    Site key••••••••••••••••••••How does traffic reach this server?
    Directly — nothing in front of it Through Cloudflare Through another proxy or CDN, or not sure
    Pause observation (settings are kept)
    Save Changes
    Illustration — the plugin settings: your key, one topology question, and a Pause switch.
  4. 4

    Tell Frenemy how traffic reaches your server

    On the same settings screen, answer one question: does traffic reach your server directly, through Cloudflare, or through another proxy or CDN?

    If you're not sure, leave the safe default. Frenemy simply won't claim to verify visitor IPs until you confirm how it can trust them.

  5. 5

    Verify

    Open https://example.com/?frenemy=check in a private browser window, then return to the wizard. The extra bit on the end makes your page cache step aside so the request actually reaches WordPress, and the wizard flips to Connected.

    example.com/?frenemy=check

    Opening https://example.com/?frenemy=check in a private window forces a cache miss, so the request reaches WordPress and the plugin reports in.

    WAITING → CONNECTED ✓
    Illustration — open this in a private window; the query string makes your page cache step aside.

What this install can see

Every number in your dashboard traces to what this install can actually observe — nothing is estimated or filled in.

It sees

Every request that reaches WordPress itself.

It doesn’t see

Pages served straight from a cache or CDN before WordPress runs. Response size usually can't be measured from here, so bandwidth isn't shown (never a fabricated zero).

Troubleshooting WordPress

I installed it but see no data.

Confirm the plugin is Activated and your key is saved under Settings → Frenemy. If you run an aggressive page cache, log in to wp-admin and reload your homepage — logged-in traffic always reaches WordPress — or use the /?frenemy=check link, which busts the cache.

How do I pause or remove it?

Settings → Frenemy has a Pause observation toggle that stops classifying while keeping your settings. You can also deactivate the plugin, or set FRENEMY_DISABLED in wp-config.php.

More fixes in Troubleshooting, or email support@frenemy.dev and a human will help.