Creating a Secret Plugin Folder that Clients Can't Touch?

For clients I host, I want to try a new way of charging them, based on an average of how many users are logged in at any given time (the idea is that logged-out users get a Varnish cached version, which is cheaper to serve, logged in users hit the server directly). Of course, since WordPress only tracks logins using a cookie, I’d have to use a plugin to track this. I found a plugin that tracks how many users are logged in using a db table. When a user logs in, this is recorded, and when they log out, it’s recorded. But this is useless if clients can disable the plugin. Is it possible to create a separate plugin directory that WordPress would also scan, but that users wouldn’t be able to see? I suppose I would also have to make it so they could not deactivate the plugin in the admin either.

Any ideas?

Hard code it into WordPress.

LandonWilson said
Hard code it into WordPress.

That’s a good idea, code it directly into the core and they can’t disable it.

Put the plugin file in wp-content/mu-plugins (create it if it doesn’t exists). It stands for “must-use” plugins. Any code (plugin) placed in the folder is run automatically

jayjdk said
Put the plugin file in wp-content/mu-plugins (create it if it doesn’t exists). It stands for “must-use” plugins. Any code (plugin) placed in the folder is run automatically

That might work perfectly. I’ll give it a try. I guess I could always hack the core if that doesn’t work, but that would be a hassle every time there’s an upgrade. The must use folder sounds like a winner. Thank everybody for the ideas!

Update: the mu-plugins folder works like a charm. I had no idea this existed. So any plugin here is automatically included and activated, but it doesn’t show up in the plugin list. Brilliant!