Benchmarks

Plugin footprint 82% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | Verifying that this plugin installs correctly without errors

This plugin's installer ran successfully

Server metrics [RAM: ▲0.02MB] [CPU: ▼5.92ms] Passed 4 tests

Server-side resources used by Headers Security Advanced & HSTS WP

This plugin has minimal impact on server resources

Page	Memory (MB)	CPU Time (ms)
Home /	3.50 ▲0.03	43.11 ▲0.46
Dashboard /wp-admin	3.33 ▲0.02	48.87 ▼0.66
Posts /wp-admin/edit.php	3.38 ▲0.02	48.33 ▼1.96
Add New Post /wp-admin/post-new.php	5.91 ▲0.02	80.87 ▼19.80
Media Library /wp-admin/upload.php	3.25 ▲0.02	39.28 ▼1.24
Headers Security Advanced & HSTS WP /wp-admin/options-general.php?page=headers-security-advanced-hsts-wp-plugin	3.22	33.72

Server storage [IO: ▲0.24MB] [DB: ▲0.00MB] 67% from 3 tests

Filesystem and database footprint

Just a few items left to fix

You have illegally modified 1 file (1.94KB) outside of "wp-content/plugins/headers-security-advanced-hsts-wp/" and "wp-content/uploads/"
- (modified) .htaccess

Filesystem: 21 new files

Database: no new tables, 10 new options

New WordPress options
hsts_preload
widget_recent-posts
db_upgraded
widget_theysaidso_widget
can_compress_scripts
hsts_max_age
hsts_include_subdomains
widget_recent-comments
hsts_csp
theysaidso_admin_options

Browser metrics Passed 4 tests

An overview of browser requirements for Headers Security Advanced & HSTS WP

Minimal impact on browser resources

Page	Nodes	Memory (MB)	Script (ms)	Layout (ms)
Home /	2,846 ▲85	14.26 ▼0.18	1.38 ▼0.57	12.87 ▼29.03
Dashboard /wp-admin	2,271 ▲91	5.61 ▼0.04	82.57 ▼8.71	46.28 ▲4.50
Posts /wp-admin/edit.php	1,923 ▼177	0.71 ▼1.23	2.39 ▼36.44	10.83 ▼24.86
Add New Post /wp-admin/post-new.php	1,531 ▲5	23.13 ▼0.54	666.88 ▲2.06	49.87 ▼11.93
Media Library /wp-admin/upload.php	1,403 ▼0	4.19 ▲0.06	97.87 ▼12.27	47.75 ▲1.09
Headers Security Advanced & HSTS WP /wp-admin/options-general.php?page=headers-security-advanced-hsts-wp-plugin	1,039	1.99	27.29	75.63

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests

🔸 Tests weight: 35 | It is important to correctly uninstall your plugin, without leaving any traces

It is recommended to fix the following

Zombie WordPress options were found after uninstall: 6 options
- widget_recent-comments
- theysaidso_admin_options
- widget_theysaidso_widget
- db_upgraded
- widget_recent-posts
- can_compress_scripts

Smoke tests 75% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | Just a short smoke test targeting errors on the server (in the Apache logs)

Even though everything seems fine, this is not an exhaustive test

SRP 50% from 2 tests

🔹 Tests weight: 20 | A shallow check of the single-responsibility principle; PHP files should perform no action - including output of placeholder text - and trigger no errors when accessed directly

The following issues need your attention

1× PHP files output text when accessed directly:
- > /wp-content/plugins/headers-security-advanced-hsts-wp/headers-security-advanced-hsts-wp.php

User-side errors Passed 1 test

🔹 Test weight: 20 | A shallow check that no browser errors were triggered

Everything seems fine, but this is not an exhaustive test

Optimizations

Plugin configuration 90% from 29 tests

readme.txt 88% from 16 tests

The readme.txt file is important because it is parsed by WordPress.org for the public listing of your plugin

These attributes need to be fixed:

Plugin Name: Please replace "Plugin Name" with the name of your plugin on the first line ( === headers-security-advanced-hsts-wp === )
Tags: Please delete some tags, you are using 14 tag instead of maximum 10

The official readme.txt might help

headers-security-advanced-hsts-wp/headers-security-advanced-hsts-wp.php 92% from 13 tests

The main PHP script in "Headers Security Advanced & HSTS WP" version 5.0.29 is automatically included on every request by WordPress

Please make the necessary changes and fix the following:

Description: If Twitter did it, so should we! Keep the description under 140 characters (currently 604 characters long)

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | There should be no dangerous file extensions present in any WordPress plugin

No dangerous file extensions were detected1,695 lines of code in 13 files:

Language	Files	Blank lines	Comment lines	Lines of code
PO File	6	281	964	1,114
PHP	2	49	32	425
CSS	2	0	1	53
SVG	1	0	1	48
XML	1	15	22	41
JSON	1	0	0	14

PHP code Passed 2 tests

Analyzing cyclomatic complexity and code structure

There are no cyclomatic complexity problems detected for this plugin

Cyclomatic complexity
Average complexity per logical line of code	0.18
Average class complexity	0.00
▷ Minimum class complexity	0.00
▷ Maximum class complexity	0.00
Average method complexity	0.00
▷ Minimum method complexity	0.00
▷ Maximum method complexity	0.00

Code structure
Namespaces	0
Interfaces	0
Traits	0
Classes	0
▷ Abstract classes	0	0.00%
▷ Concrete classes	0	0.00%
▷ Final classes	0	0.00%
Methods	0
▷ Static methods	0	0.00%
▷ Public methods	0	0.00%
▷ Protected methods	0	0.00%
▷ Private methods	0	0.00%
Functions	18
▷ Named functions	18	100.00%
▷ Anonymous functions	0	0.00%
Constants	2
▷ Global constants	0	0.00%
▷ Class constants	2	100.00%
▷ Public constants	2	100.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

Often times overlooked, PNG files can occupy unnecessary space in your plugin

2 PNG files occupy 0.02MB with 0.01MB in potential savings

Potential savings

Compression of 2 random PNG files using pngquant
File	Size - original	Size - compressed	Savings
assets/images/orange-button-min.png	16.75KB	7.67KB	▼ 54.20%
assets/images/cyan-button-min.png	6.84KB	3.51KB	▼ 48.72%

Code Review | Headers Security Advanced & HSTS WP

About plugin

Code review

User reviews

Install metrics