84% limit-login-attempts-reloaded

Code Review | Limit Login Attempts Reloaded

WordPress plugin Limit Login Attempts Reloaded scored 84% from 54 tests.

About plugin

  • Plugin page: limit-login-attem...
  • Plugin version: 2.24.0
  • PHP version: 7.4.16
  • WordPress compatibility: 3.0-5.9
  • WordPress version: 5.9.2
  • First release: Aug 3, 2016
  • Latest release: Mar 25, 2022
  • Number of updates: 82
  • Update frequency: every 25.2 days
  • Top authors: wpchefgadget (100%)

Code review

54 tests

User reviews

876 reviews

Install metrics

2,000,000+ active / 19,893,015 total downloads


Plugin footprint 83% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | Checking the installer triggered no errors
The plugin installed successfully, without throwing any errors or notices

Server metrics [RAM: ▲0.42MB] [CPU: ▼296.19ms] Passed 4 tests

A check of server-side resources used by Limit Login Attempts Reloaded
Server-side resource usage in normal parameters
PageMemory (MB)CPU Time (ms)
Home /3.99 ▲0.4761.16 ▲9.63
Dashboard /wp-admin3.83 ▲0.4237.47 ▲2.66
Posts /wp-admin/edit.php4.06 ▲0.4143.43 ▲6.51
Add New Post /wp-admin/post-new.php7.36 ▲0.3996.05 ▼1,193.14
Media Library /wp-admin/upload.php3.78 ▲0.4828.15 ▼0.80
Limit Login Attempts Welcome /wp-admin/index.php?page=llar-welcome3.7227.18
Limit Login Attempts /wp-admin/options-general.php?page=limit-login-attempts3.86331.27

Server storage [IO: ▲0.97MB] [DB: ▲0.00MB] Passed 3 tests

How much does this plugin use your filesystem and database?
No storage issues were detected
Filesystem: 310 new files
Database: no new tables, 1 new option
New WordPress options

Browser metrics Passed 4 tests

A check of browser resources used by Limit Login Attempts Reloaded
This plugin has a minimal impact on browser resources
PageNodesMemory (MB)Script (ms)Layout (ms)
Home /4,043 ▲28916.02 ▼0.045.94 ▼0.052.90 ▲0.17
Dashboard /wp-admin3,139 ▲2816.17 ▼0.01119.75 ▼13.03156.34 ▼0.59
Posts /wp-admin/edit.php2,902 ▲2143.25 ▲0.0165.21 ▲2.14137.37 ▼5.66
Add New Post /wp-admin/post-new.php1,659 ▼5821.19 ▲0.07391.54 ▼76.51150.29 ▼5.95
Media Library /wp-admin/upload.php1,972 ▲2745.59 ▲0.08148.85 ▼0.40188.36 ▼3.05
Limit Login Attempts Welcome /wp-admin/index.php?page=llar-welcome1,7082.7454.99166.91
Limit Login Attempts /wp-admin/options-general.php?page=limit-login-attempts1,7434.94142.36212.38

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests

🔸 Tests weight: 35 | It is important to correctly uninstall your plugin, without leaving any traces
The following items require your attention
  • This plugin does not fully uninstall, leaving 1 option in the database
    • limit_login_logged

Smoke tests 75% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | Just a short smoke test targeting errors on the server (in the Apache logs)
Everything seems fine, however this is by no means an exhaustive test

SRP 50% from 2 tests

🔹 Tests weight: 20 | The single-responsibility principle: PHP files have to remain inert when accessed directly, throwing no errors and performing no actions
Please fix the following items
  • 1× PHP files trigger errors when accessed directly with GET requests:
    • > PHP Fatal error
      Uncaught Error: Call to undefined function plugin_dir_url() in wp-content/plugins/limit-login-attempts-reloaded/limit-login-attempts-reloaded.php:16

User-side errors Passed 1 test

🔹 Test weight: 20 | Just a short smoke test targeting errors on the browser (console and network errors and warnings)
No browser errors were detected


Plugin configuration Passed 29 tests

readme.txt Passed 16 tests

It's important to format your readme.txt file correctly as it is parsed for the public listing of your plugin
5 plugin tags: firewall, protection, login, brute force, security

limit-login-attempts-reloaded/limit-login-attempts-reloaded.php Passed 13 tests

"Limit Login Attempts Reloaded" version 2.24.0's primary PHP file adds more information about the plugin and serves as the entry point for WordPress
53 characters long description:
Limit the rate of login attempts for each IP address.

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | An overview of files in this plugin; executable files are not allowed
Good job! No executable or dangerous file extensions detected6,109 lines of code in 31 files:
LanguageFilesBlank linesComment linesLines of code

PHP code Passed 2 tests

Analyzing logical lines of code, cyclomatic complexity, and other code metrics
This plugin has no cyclomatic complexity problems
Cyclomatic complexity
Average complexity per logical line of code0.42
Average class complexity79.80
▷ Minimum class complexity1.00
▷ Maximum class complexity357.00
Average method complexity4.55
▷ Minimum method complexity1.00
▷ Maximum method complexity42.00
Code structure
▷ Abstract classes00.00%
▷ Concrete classes5100.00%
▷ Final classes00.00%
▷ Static methods87.21%
▷ Public methods10695.50%
▷ Protected methods00.00%
▷ Private methods54.50%
▷ Named functions00.00%
▷ Anonymous functions00.00%
▷ Global constants7100.00%
▷ Class constants00.00%
▷ Public constants00.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

It is recommended to compress PNG files in your plugin to minimize bandwidth usage
275 compressed PNG files occupy 0.32MB
Potential savings
Compression of 5 random PNG files using pngquant
FileSize - originalSize - compressedSavings
assets/img/flags/BA.png0.29KB0.29KB▼ 1.99%
assets/img/flags/TV.png0.63KB0.59KB▼ 6.68%