Debug Mode & Diagnostics
LicenceForge provides several diagnostic tools for investigating issues: WordPress debug logging, the built-in audit log, webhook event inspection, health checks, and WP-CLI commands. This page explains how to use each one effectively.
Critical
Never leave WP_DEBUG enabled on a production site. Debug output can expose database table names, file paths, PHP configuration, and plugin internals to attackers. Enable it only temporarily while investigating a specific issue, then disable it immediately afterward.
Enabling WordPress Debug Logging
WordPress debug mode captures PHP errors, warnings, and notices generated by LicenceForge and writes them to a log file instead of displaying them on screen.
Configuration
Add the following constants to your wp-config.php file, before the line that reads /* That's all, stop editing! */:
define( 'WP_DEBUG', true );
define( 'WP_DEBUG_LOG', true );
define( 'WP_DEBUG_DISPLAY', false );| Constant | Purpose |
|---|---|
WP_DEBUG |
Enables debug mode globally. Required for the other two constants to take effect. |
WP_DEBUG_LOG |
Writes debug output to wp-content/debug.log instead of discarding it. |
WP_DEBUG_DISPLAY |
Set to false to prevent errors from being displayed to visitors. Always disable this on production. |
Log Location
Debug output is written to:
wp-content/debug.logYou can tail this file in real time while reproducing an issue:
tail -f wp-content/debug.logDisabling Debug Mode
When you have finished investigating, set all three constants back to their production values:
define( 'WP_DEBUG', false );
define( 'WP_DEBUG_DISPLAY', false );
define( 'WP_DEBUG_LOG', false );Audit Log
The wplf_audit_log table records every significant license operation performed by LicenceForge. It is the primary diagnostic tool for investigating license-related issues without enabling WordPress debug mode.
Table Structure
| Column | Description |
|---|---|
action |
The operation performed (e.g. validate, activate, deactivate, license_create, license_expire) |
product_slug |
The product associated with the operation |
outcome |
Result of the operation: success or failure |
ip_hash |
Truncated SHA-256 hash of the client IP address (for privacy) |
metadata |
JSON object with additional context (error messages, license IDs, site URLs, etc.) |
created_at |
Timestamp of the operation |
Querying the Audit Log
View the 20 most recent audit log entries:
wp db query "SELECT id, action, product_slug, outcome, created_at FROM wp_wplf_audit_log ORDER BY id DESC LIMIT 20"Filter by a specific action (e.g. failed validations):
wp db query "SELECT * FROM wp_wplf_audit_log WHERE action = 'validate' AND outcome = 'failure' ORDER BY id DESC LIMIT 10"You can also view the audit log through the admin panel at LicenceForge > Audit Log. See Audit Log Panel for details on filtering and exporting.
Webhook Events
The wplf_webhook_events table records all incoming webhook events from Stripe and WooCommerce, including their processing status and any error messages.
Key Column: processing_error
When a webhook event fails to process, the reason is stored in the processing_error column. Common values include:
Signature verification failed— Webhook secret mismatchProduct not found for WC product ID— Price tier mapping issueLicense creation failed: duplicate key— Idempotency conflict
Query recent failed webhook events:
wp db query "SELECT event_id, event_type, status, processing_error, created_at FROM wp_wplf_webhook_events WHERE status = 'failed' ORDER BY id DESC LIMIT 10"Health Checks
LicenceForge includes a built-in health check system that verifies the integrity of your installation. Health checks can be triggered in two ways:
Via the Admin Panel
Navigate to LicenceForge > Settings > Health and click Run Health Check. Results are displayed immediately on the page.
Via the REST API
Send a GET request to the health endpoint:
curl -H "X-LicenceForge-Key: your-api-key" \
https://your-site.com/wp-json/wplf/v1/healthThe response includes the status of each check (database tables, cron jobs, file permissions, encryption, and more). Any check returning warning or error includes a message describing the issue.
WP-CLI Diagnostic Commands
The following WP-CLI commands are useful for diagnosing LicenceForge issues from the command line.
Check Plugin Version
# Installed plugin version
wp option get wplf_version
# Database schema version
wp option get wplf_db_versionList Cron Events
Verify that all LicenceForge cron events are registered and scheduled:
wp cron event list --fields=hook,next_run_relative,recurrence | grep wplfIf any events are missing, deactivate and reactivate the plugin to re-register them.
Check Last Maintenance Run
wp option get wplf_last_maintenance_runThis returns a Unix timestamp. If the value is more than 48 hours old, the daily maintenance cron is not running. See Cron Jobs for troubleshooting steps.
Query Recent Audit Entries
wp db query "SELECT * FROM wp_wplf_audit_log ORDER BY id DESC LIMIT 20"Inspect LicenceForge Options
wp db query "SELECT option_name, option_value FROM wp_options WHERE option_name LIKE 'wplf_%'"Common Log Messages
The following messages may appear in debug.log or the audit log. Each entry explains what the message means and whether action is required.
| Message | Source | Meaning |
|---|---|---|
License key hash mismatch |
Audit log | The provided license key does not match any stored hash. Either the key is invalid or the auth salts changed. |
Rate limit exceeded for IP |
Audit log | A client exceeded the per-IP rate limit. Usually benign, but frequent occurrences from the same hash may indicate abuse. |
Webhook signature verification failed |
Webhook events | The Stripe webhook signing secret does not match. Check the secret configuration. |
Download token expired |
Debug log | A client attempted to use a download token after its 5-minute validity window. Check server time sync. |
Cron event not found |
Health check | One or more LicenceForge cron events are not registered. Deactivate and reactivate the plugin. |
Maintenance overdue |
Health check | Daily maintenance has not run in over 48 hours. Verify WP-Cron or server cron configuration. |
Diagnostic Workflow
When investigating an issue, follow this recommended sequence:
- Run the health check from LicenceForge > Settings > Health to identify any systemic problems.
- Check the Audit Log for recent failures related to the affected operation.
- If the issue involves webhooks, inspect the
wplf_webhook_eventstable for processing errors. - If the above steps do not reveal the cause, enable
WP_DEBUGtemporarily, reproduce the issue, and reviewdebug.log. - Disable
WP_DEBUGimmediately after collecting the relevant log output.
Related Pages
- Health Checks — Full health check reference and alert configuration
- Cron Jobs — Scheduled task configuration and troubleshooting
- Audit Log Panel — Admin panel interface for browsing audit entries
- Security Best Practices — Production hardening recommendations
- License Issues — License validation and activation problems