Benchmarks

Plugin footprint 65% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | Verifying that this plugin installs correctly without errors

Installer ran successfully

Server metrics [RAM: ▲1.59MB] [CPU: ▲26.17ms] Passed 4 tests

A check of server-side resources used by Hide My WP Ghost - Security Plugin

Server-side resource usage in normal parameters

Page	Memory (MB)	CPU Time (ms)
Home /	4.47 ▲1.01	49.29 ▲10.30
Dashboard /wp-admin	5.15 ▲1.80	249.44 ▲186.80
Posts /wp-admin/edit.php	5.16 ▲1.81	75.28 ▲26.69
Add New Post /wp-admin/post-new.php	7.67 ▲1.79	137.47 ▲39.00
Media Library /wp-admin/upload.php	5.01 ▲1.79	64.08 ▲28.70
Change Paths /wp-admin/admin.php?page=hmwp_permalinks	5.01	58.60
Backup/Restore /wp-admin/admin.php?page=hmwp_backup	5.01	49.97
Security Check /wp-admin/admin.php?page=hmwp_securitycheck	5.01	50.81
Hide My WP /wp-admin/admin.php?page=hmw_settings	5.01	52.59
Mapping /wp-admin/admin.php?page=hmwp_mapping	5.01	52.95
Events Log /wp-admin/admin.php?page=hmwp_log	5.13	238.58
Overview /wp-admin/admin.php?page=hmwp_settings	5.01	51.19
Tweaks /wp-admin/admin.php?page=hmwp_tweaks	5.01	50.10
Plugins /wp-admin/admin.php?page=hmwp_plugins	5.01	48.72
Brute Force /wp-admin/admin.php?page=hmwp_brute	5.01	55.09

Server storage [IO: ▲5.22MB] [DB: ▲0.01MB] Passed 3 tests

Input-output and database impact of this plugin

This plugin was installed successfully

Filesystem: 182 new files

Database: no new tables, 9 new options

New WordPress options
theysaidso_admin_options
widget_recent-posts
widget_recent-comments
hmwp_options
can_compress_scripts
hmwp_securitycheck_time
widget_theysaidso_widget
db_upgraded
hmwp_securitycheck

Browser metrics Passed 4 tests

An overview of browser requirements for Hide My WP Ghost - Security Plugin

There were no issues detected in relation to browser resource usage

Page	Nodes	Memory (MB)	Script (ms)	Layout (ms)
Home /	2,923 ▲152	13.32 ▼1.05	1.64 ▼0.13	40.30 ▼0.40
Dashboard /wp-admin	2,329 ▲141	4.92 ▲0.05	120.16 ▲4.00	42.15 ▲5.11
Posts /wp-admin/edit.php	2,154 ▲62	2.00 ▼0.19	45.08 ▲10.67	40.97 ▲9.14
Add New Post /wp-admin/post-new.php	1,593 ▲79	18.38 ▲0.89	604.86 ▼75.35	53.07 ▲3.62
Media Library /wp-admin/upload.php	1,455 ▲67	4.28 ▲0.00	100.59 ▼4.69	47.47 ▲1.04
Change Paths /wp-admin/admin.php?page=hmwp_permalinks	1,049	2.14	31.71	58.45
Backup/Restore /wp-admin/admin.php?page=hmwp_backup	1,055	2.12	28.98	36.80
Security Check /wp-admin/admin.php?page=hmwp_securitycheck	1,033	1.96	26.22	36.49
Hide My WP /wp-admin/admin.php?page=hmw_settings	955	1.97	25.79	35.14
Mapping /wp-admin/admin.php?page=hmwp_mapping	1,052	2.08	28.54	40.57
Events Log /wp-admin/admin.php?page=hmwp_log	1,052	2.21	27.17	39.05
Overview /wp-admin/admin.php?page=hmwp_settings	1,038	1.97	25.41	38.87
Tweaks /wp-admin/admin.php?page=hmwp_tweaks	1,052	2.13	27.56	39.57
Plugins /wp-admin/admin.php?page=hmwp_plugins	1,340	1.95	26.22	37.69
Brute Force /wp-admin/admin.php?page=hmwp_brute	1,052	2.09	27.13	40.34

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 50% from 4 tests

🔸 Tests weight: 35 | Checking the uninstaller removed all traces of the plugin

You still need to fix the following

Uninstall procedure had uncaught errors
- > Notice in wp-content/plugins/hide-my-wp/uninstall.php+11
Constant HMWP_BASENAME already defined
This plugin did not uninstall successfully, leaving 6 options in the database
- widget_recent-comments
- widget_recent-posts
- can_compress_scripts
- widget_theysaidso_widget
- theysaidso_admin_options
- db_upgraded

Smoke tests 50% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | A shallow check that no server-side errors were triggered

Even though everything seems fine, this is not an exhaustive test

SRP 0% from 2 tests

🔹 Tests weight: 20 | The single-responsibility principle applies for WordPress plugins as well - please make sure your PHP files perform no actions when accessed directly

Please fix the following items

66× GET requests to PHP files return non-empty strings (only 10 are shown):
- > /wp-content/plugins/hide-my-wp/models/compatibility/Autoptimize.php
- > /wp-content/plugins/hide-my-wp/models/Brute.php
- > /wp-content/plugins/hide-my-wp/models/Woocommerce.php
- > /wp-content/plugins/hide-my-wp/controllers/Overview.php
- > /wp-content/plugins/hide-my-wp/models/compatibility/Breeze.php
- > /wp-content/plugins/hide-my-wp/classes/Tools.php
- > /wp-content/plugins/hide-my-wp/controllers/Connect.php
- > /wp-content/plugins/hide-my-wp/models/compatibility/FlyingPress.php
- > /wp-content/plugins/hide-my-wp/models/compatibility/JsOptimize.php
- > /wp-content/plugins/hide-my-wp/controllers/SecurityCheck.php
1× GET requests to PHP files trigger server-side errors or Error 500 responses:
- > PHP Fatal error
  Uncaught Error: Call to undefined function esc_html__() in wp-content/plugins/hide-my-wp/view/blocks/Upgrade.php:5

User-side errors Passed 1 test

🔹 Test weight: 20 | A shallow check that no browser errors were triggered

Everything seems fine, but this is not an exhaustive test

Optimizations

Plugin configuration 93% from 29 tests

readme.txt Passed 16 tests

Perhaps the most important file in your plugin readme.txt gets parsed in order to generate the public listing of your plugin

9 plugin tags: security, hide, hide wordpress, wp-login, firewall...

hide-my-wp/index.php 85% from 13 tests

The main PHP script in "Hide My WP Ghost - Security Plugin" version 5.0.27 is automatically included on every request by WordPress

You should first fix the following items:

Main file name: Name the main plugin file the same as the plugin slug ("hide-my-wp.php" instead of "index.php")
Description: Please keep the plugin description shorter than 140 characters (currently 148 characters long)

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | A short review of files and their extensions; it is not recommended to include executable files

Success! There were no dangerous files found in this plugin54,725 lines of code in 144 files:

Language	Files	Blank lines	Comment lines	Lines of code
PO File	11	10,108	12,491	28,523
PHP	91	3,561	4,765	14,986
CSS	25	1,263	141	6,746
SVG	4	0	0	2,712
JavaScript	13	249	116	1,758

PHP code Passed 2 tests

A short review of cyclomatic complexity and code structure

There were no cyclomatic complexity issued detected

Cyclomatic complexity
Average complexity per logical line of code	0.67
Average class complexity	39.40
▷ Minimum class complexity	1.00
▷ Maximum class complexity	493.00
Average method complexity	6.03
▷ Minimum method complexity	1.00
▷ Maximum method complexity	68.00

Code structure
Namespaces	0
Interfaces	0
Traits	0
Classes	67
▷ Abstract classes	1	1.49%
▷ Concrete classes	66	98.51%
▷ Final classes	0	0.00%
Methods	490
▷ Static methods	84	17.14%
▷ Public methods	477	97.35%
▷ Protected methods	6	1.22%
▷ Private methods	7	1.43%
Functions	43
▷ Named functions	0	0.00%
▷ Anonymous functions	43	100.00%
Constants	52
▷ Global constants	52	100.00%
▷ Class constants	0	0.00%
▷ Public constants	0	0.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

Often times overlooked, PNG files can occupy unnecessary space in your plugin

14 PNG files occupy 0.37MB with 0.10MB in potential savings

Potential savings

Compression of 5 random PNG files using pngquant
File	Size - original	Size - compressed	Savings
view/wplogin/images/w-logo-white.png	5.27KB	5.29KB	0.00%
view/assets/img/pro_offer.png	97.47KB	35.61KB	▼ 63.47%
view/assets/img/speedometer_high.png	20.45KB	21.54KB	0.00%
view/assets/img/monitor_panel.png	7.74KB	5.18KB	▼ 33.07%
view/assets/img/security_check.png	23.70KB	13.61KB	▼ 42.58%

Code Review | Hide My WP Ghost - Security Plugin

About plugin

Code review

User reviews

Install metrics