Foreground CAPI Health Check

The browser Meta Pixel is broken for ~30% of your visitors after iOS 17 and iOS 18 changed how Apple devices handle tracking. Most marketing managers running WordPress have no easy way to tell if their Pixel + CAPI setup actually works.

This plugin runs a 12-check audit against your site’s front page and gives you a score from 0 to 100, plus plain-English explanations of what each failure means and how to fix it.

Free forever. No signup, no upsell harassment, no phone-home. Every audit runs locally on your server.

Need it fixed for you? If your score is below 85 and you’d rather not learn server-side CAPI from scratch, we offer a flat-fee Pixel Fix service: $497, delivered in 4 business days. One link to that service appears inside the plugin admin only when your score is below 85. The audit works completely whether or not you use the paid option.

What it checks

• Meta Pixel installed and parseable
• Domain verification (iOS 14+ critical)
• Pixel events firing (PageView, Purchase, Lead, etc.)
• Advanced Matching (the single biggest EMQ lever)
• CAPI deduplication via eventID
• Consent Mode v2 / cookie banner presence
• Google Tag Manager container
• fbclid first-party capture (iOS 17 / iOS 18 Link Tracking Protection)
• external_id in Advanced Matching (iOS 18 Hide My Email answer)
• Server-side CAPI plugin presence
• Apple Privacy Manifest readiness (if you link to an iOS app)
• HTTPS enforced

What it does NOT do

• No phone-home. Every audit runs on your server against your URL. Nothing is sent to Foreground.
• No email capture. No signup wall.
• No subscription, no paid tier, no upsell harassment.
• No automatic re-runs or cron jobs.

Made by Foreground Digital

Foreground is a Dubai-based digital agency. We build Meta Ads campaigns and the server-side infrastructure that catches them — Pixel + CAPI, CRM integrations, WordPress + headless. Founded 2024.

External services

This plugin makes ONE outbound HTTP request, and it goes only to your own WordPress site. No data is ever sent to Foreground, Meta, or any other third party.

1. Your own site’s home URL (self-audit request)

• What it is: A standard HTTP GET request to your site’s own front page (home_url()), used to fetch and parse the public HTML so the plugin can detect Pixel installs, fired events, Advanced Matching, eventID dedupe, etc.
• What data is sent: Only the HTTP GET itself. The User-Agent header is set to ForegroundCAPIHealth/1.0 (+https://foreground.agency) to identify the audit traffic in your access logs. No personal data, no admin identifiers, no cookies, no user IDs.
• When: Only when a WordPress administrator manually clicks “Run audit on this site” inside Tools → Meta CAPI Health. There is no cron, no front-end trigger, and no automatic re-run.
• Where: The request loops back to your own server (the same WordPress installation that has the plugin installed). It does not go to any external service.
• Fallback chain: If HTTPS fails due to a local certificate issue, the request is retried once with sslverify=false, and as a last resort over http:// to the same hostname. This is purely a local recovery path; no external host is ever contacted.

2. References to third-party services in the plugin’s UI (documentation only — no external call)

The plugin’s “How to fix” instructions name several third-party services so administrators know where to go in their existing accounts. The plugin does not connect to any of these. They are mentioned for instructional purposes only:

• Meta / Facebook — connect.facebook.net, graph.facebook.com, Meta Events Manager, Meta Business Manager. Used as documentation references when explaining how to install a Meta Pixel, set up domain verification, or wire Conversions API. The plugin does not call any Meta endpoint. Meta’s terms: https://www.facebook.com/legal/terms — Meta’s privacy policy: https://www.facebook.com/privacy/policy
• Third-party WordPress plugins mentioned by name in the fix steps (PixelYourSite, Meta for WordPress, CAPI Suite, Cookiebot, CookieYes, Complianz, Termly, Iubenda, OneTrust, GTM for WordPress). These are recommendations only. The plugin does not call, depend on, or communicate with any of them.
• Foreground.agency — appears in the audit traffic User-Agent string for self-identification, and as the destination of an optional “Get the Pixel Fix” link shown in the admin UI only when an administrator clicks it. The plugin itself does not phone home to foreground.agency. Foreground privacy policy: https://foreground.agency/privacy

The “Fix it for me” CTA shown when an administrator’s score is below 85 is a plain HTML link that opens https://foreground.agency/pixel-fix/?ref=wp-plugin in a new tab. Nothing is transmitted unless the administrator chooses to click it.