10% apache-password-protect

Code Review | Apache Password Protect

WordPress plugin Apache Password Protect scored10%from 54 tests.

About plugin

  • Plugin page: apache-password-p...
  • Plugin version: 1.1
  • PHP version: 7.4.16
  • WordPress compatibility: 3.0.0-3.6.0
  • WordPress version: 6.3.1
  • First release: Aug 8, 2013
  • Latest release: Aug 9, 2013
  • Number of updates: 5
  • Update frequency: every 1.2 days
  • Top authors: Drop (100%)

Code review

54 tests

User reviews

3 reviews

Install metrics

40+ active /3,357 total downloads


Plugin footprint 40% from 16 tests

Installer 0% from 1 test

🔺 Critical test (weight: 50) | All plugins must install correctly, without throwing any errors, warnings, or notices
You still need to fix the following installer errors
  • This plugin did not install gracefully
    • > Warning in wp-content/plugins/apache-password-protect/apache-password-protect.php+21
    Use of undefined constant DOCUMENT_ROOT - assumed 'DOCUMENT_ROOT' (this will throw an Error in a future version of PHP)

Server metrics [RAM: ▼0.89MB] [CPU: ▼39.90ms] Passed 4 tests

Analyzing server-side resources used by Apache Password Protect
This plugin has minimal impact on server resources
PageMemory (MB)CPU Time (ms)
Home /3.55 ▲0.0942.85 ▼1.68
Dashboard /wp-admin3.07 ▼0.2825.25 ▼42.23
Posts /wp-admin/edit.php3.07 ▼0.2922.99 ▼28.02
Add New Post /wp-admin/post-new.php3.07 ▼2.8225.55 ▼76.23
Media Library /wp-admin/upload.php3.07 ▼0.1623.83 ▼13.11

Server storage [IO: ▲0.15MB] [DB: ▲0.00MB] 67% from 3 tests

How much does this plugin use your filesystem and database?
Please fix the following
  • The plugin illegally modified 4 files (0.65KB) outside of "wp-content/plugins/apache-password-protect/" and "wp-content/uploads/"
    • (new file) .htpasswd
    • (new file) wp-admin/.htpasswd
    • (modified) .htaccess
    • (new file) wp-admin/.htaccess
Filesystem: 17 new files
Database: no new tables, 18 new options
New WordPress options

Browser metrics Passed 4 tests

An overview of browser requirements for Apache Password Protect
This plugin has a minimal impact on browser resources
PageNodesMemory (MB)Script (ms)Layout (ms)
Home /2,810 ▲4914.34 ▼0.381.61 ▼0.0443.51 ▲0.04
Dashboard /wp-admin2,201 ▲245.81 ▲0.1494.14 ▲1.4286.03 ▲44.49
Posts /wp-admin/edit.php2,124 ▲242.04 ▲0.0736.53 ▲3.0734.04 ▼7.01
Add New Post /wp-admin/post-new.php1,548 ▲2023.35 ▼0.07680.84 ▲5.0863.46 ▼3.54
Media Library /wp-admin/upload.php1,421 ▲184.26 ▲0.06102.16 ▲1.5774.64 ▲30.20

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 50% from 4 tests

🔸 Tests weight: 35 | The uninstall procedure must remove all plugin files and extra database tables
You still need to fix the following
  • This plugin did not uninstall without warnings or errors
    • > User deprecated in wp-includes/functions.php+5737
    Function has_cap was called with an argument that is deprecated since version 2.0.0! Usage of user levels is deprecated. Use capabilities instead.
  • The uninstall procedure has failed, leaving 6 options in the database
    • widget_recent-posts
    • widget_theysaidso_widget
    • widget_recent-comments
    • db_upgraded
    • can_compress_scripts
    • theysaidso_admin_options

Smoke tests 75% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | A shallow check that no server-side errors were triggered
Even though everything seems fine, this is not an exhaustive test

SRP 50% from 2 tests

🔹 Tests weight: 20 | SRP (Single-Responsibility Principle) - PHP files must act as libraries and never output text or perform any action when accessed directly in a browser
Please fix the following items
  • 3× GET requests to PHP files trigger server-side errors or Error 500 responses:
    • > PHP Notice
      Undefined index: settings-updated in wp-content/plugins/apache-password-protect/app-options-page.php on line 4
    • > PHP Fatal error
      Uncaught Error: Call to undefined function wp_nonce_field() in wp-content/plugins/apache-password-protect/app-options-page.php:9
    • > PHP Fatal error
      Uncaught Error: Call to undefined function load_plugin_textdomain() in wp-content/plugins/apache-password-protect/apache-password-protect.php:14

User-side errors Passed 1 test

🔹 Test weight: 20 | This is just a short smoke test looking for browser issues
Everything seems fine, but this is not an exhaustive test


Plugin configuration 93% from 29 tests

readme.txt 88% from 16 tests

Often overlooked, readme.txt is one of the most important files in your plugin
Please fix the following attributes:
  • Tags: You are using too many tags: 25 tag instead of maximum 10
  • Screenshots: Please add images for these screenshots: #1 (Admin configuration screen.), #2 (Chrome browser screen.)
The official readme.txt is a good inspiration

apache-password-protect/apache-password-protect.php Passed 13 tests

The principal PHP file in "Apache Password Protect" v. 1.1 is loaded by WordPress automatically on each request
66 characters long description:
Protect wp-admin folder and the wp-login.php file of HTTP password

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | A short check of programming languages and file extensions; no executable files are allowed
Everything looks great! No dangerous files found in this plugin580 lines of code in 8 files:
LanguageFilesBlank linesComment linesLines of code
PO File3391777166

PHP code Passed 2 tests

This is a very shot review of cyclomatic complexity and code structure
All good! No complexity issues found
Cyclomatic complexity
Average complexity per logical line of code0.08
Average class complexity0.00
▷ Minimum class complexity0.00
▷ Maximum class complexity0.00
Average method complexity0.00
▷ Minimum method complexity0.00
▷ Maximum method complexity0.00
Code structure
▷ Abstract classes00.00%
▷ Concrete classes00.00%
▷ Final classes00.00%
▷ Static methods00.00%
▷ Public methods00.00%
▷ Protected methods00.00%
▷ Private methods00.00%
▷ Named functions10100.00%
▷ Anonymous functions00.00%
▷ Global constants00.00%
▷ Class constants00.00%
▷ Public constants00.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

It is recommended to compress PNG files in your plugin to minimize bandwidth usage
5 PNG files occupy 0.09MB with 0.03MB in potential savings
Potential savings
Compression of 5 random PNG files using pngquant
FileSize - originalSize - compressedSavings
images/cream_pixels.png0.19KB0.19KB▼ 0.52%
images/refresh.png0.55KB0.32KB▼ 42.40%
images/icon.png1.17KB0.86KB▼ 26.96%
screenshot-1.png41.31KB18.13KB▼ 56.11%
screenshot-2.png47.95KB21.53KB▼ 55.10%