This article explains why this approach makes sense in real-world WordPress environments, how it works internally, and the safeguards that keep it safe and predictable.
The Real Problem: Cron Is Unreliable in WordPress
WordPress cron is traffic-driven rather than time-driven. On low-traffic sites, scheduled tasks may never run, while on high-traffic sites, frequent cron execution can become unnecessary overhead.
For a security logging system, relying on cron often leads to either uncontrolled log growth or heavy periodic cleanup jobs.
How Init Sentinel Approaches Log Rotation
Init Sentinel does not treat log rotation as a separate subsystem. Instead, cleanup is tightly coupled to the logging lifecycle itself.
Each successful log write has a very small chance of triggering a cleanup operation based on the configured retention period.
The Probabilistic Cleanup Mechanism
Instead of running cleanup on a fixed schedule, Init Sentinel uses randomness to distribute cleanup work evenly over time.
// Probabilistic cleanup of old logs
if ( mt_rand(1,100) === 1 ) {
$days = (int) apply_filters('init_html_sentinel_retention_days', 30);
if ($days < 1) { $days = 1; } if ($days > 3650) { $days = 3650; }
$wpdb->query(
"DELETE FROM {$table}
WHERE created_at < (UTC_TIMESTAMP() - INTERVAL {$days} DAY)"
);
}With a 1 percent trigger probability, cleanup operations are spread across normal traffic patterns instead of being concentrated into a single heavy task.
Why This Strategy Works in Practice
In real usage, the volume of security logs tends to correlate with suspicious or abusive traffic. As logging frequency increases, cleanup naturally runs more often.
When the site is calm and log volume is low, cleanup is rarely needed and therefore rarely executed.
Retention Limits as a Safety Boundary
Init Sentinel does not blindly trust external configuration. Even though retention can be customized via a filter, values are always clamped to a safe range.
- Minimum of 1 day to avoid accidental immediate data loss.
- Maximum of 10 years to prevent runaway retention and heavy queries.
These limits ensure the system remains stable even if misconfigured.
UTC Timestamps and Cleanup Accuracy
All timestamps are stored in UTC, ensuring cleanup comparisons remain consistent regardless of WordPress or PHP timezone settings.
This guarantees that retention logic behaves predictably across environments.
When a More Advanced Rotation Strategy Is Needed
The probabilistic cleanup approach works well for most WordPress installations, including high-traffic sites.
Only at very large scales or under strict compliance requirements should more advanced solutions such as table partitioning or batch cleanup processes be considered.
Conclusion
Log rotation in Init Sentinel is not an afterthought but a deliberate architectural decision focused on simplicity, distribution, and resilience.
By embedding cleanup logic directly into the logging flow, Init Sentinel keeps its security log table healthy over time without cron jobs, complex scheduling, or performance bottlenecks.
Comments