Benchmarks

Plugin footprint 83% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | All plugins must install correctly, without throwing any errors, warnings, or notices

The plugin installed successfully, without throwing any errors or notices

Server metrics [RAM: ▲0.09MB] [CPU: ▲6.44ms] Passed 4 tests

Analyzing server-side resources used by WordPress Report Brute Force Attacks and Login Protection ReportAttacks Plugins

This plugin has minimal impact on server resources

Page	Memory (MB)	CPU Time (ms)
Home /	3.56 ▲0.10	40.35 ▼0.05
Dashboard /wp-admin	3.39 ▲0.09	50.46 ▲3.68
Posts /wp-admin/edit.php	3.50 ▲0.15	52.75 ▲9.31
Add New Post /wp-admin/post-new.php	5.97 ▲0.09	98.06 ▲12.82
Media Library /wp-admin/upload.php	3.32 ▲0.09	60.90 ▲28.60
Request API Key /wp-admin/admin.php?page=reportattacks_getapi	3.28	36.14
Report Attacks /wp-admin/admin.php?page=report-attacks	3.27	37.03
Failed Logins Table /wp-admin/admin.php?page=ra_my-custom-submenu-page	3.32	38.73

Server storage [IO: ▲0.49MB] [DB: ▲0.07MB] Passed 3 tests

Filesystem and database footprint

This plugin was installed successfully

Filesystem: 42 new files

Database: 1 new table, 11 new options

New tables
wp_reportattacks_loginlog

New WordPress options
rh_was_activated
widget_theysaidso_widget
reportattacks_installed
theysaidso_admin_options
widget_recent-comments
can_compress_scripts
reportattacks_optin
db_upgraded
bill_last_feedback
widget_recent-posts
...

Browser metrics Passed 4 tests

This is an overview of browser requirements for WordPress Report Brute Force Attacks and Login Protection ReportAttacks Plugins

Normal browser usage

Page	Nodes	Memory (MB)	Script (ms)	Layout (ms)
Home /	2,882 ▲147	13.18 ▼1.57	1.69 ▼0.29	36.86 ▼13.88
Dashboard /wp-admin	2,263 ▲78	4.92 ▼0.94	114.14 ▼6.42	41.97 ▼3.47
Posts /wp-admin/edit.php	2,145 ▲56	2.03 ▲0.01	34.76 ▼1.13	35.24 ▼1.51
Add New Post /wp-admin/post-new.php	1,575 ▲42	22.99 ▼0.23	599.25 ▼31.98	50.35 ▲0.39
Media Library /wp-admin/upload.php	1,445 ▲57	4.22 ▲0.03	98.04 ▲4.61	43.75 ▲3.00
Request API Key /wp-admin/admin.php?page=reportattacks_getapi	951	2.05	25.29	30.54
Report Attacks /wp-admin/admin.php?page=report-attacks	984	2.13	27.58	28.15
Failed Logins Table /wp-admin/admin.php?page=ra_my-custom-submenu-page	1,090	2.05	29.43	29.55

Uninstaller [IO: ▲0.00MB] [DB: ▲0.07MB] 75% from 4 tests

🔸 Tests weight: 35 | Checking the uninstaller removed all traces of the plugin

Please fix the following items

Zombie WordPress options detected upon uninstall: 11 options
- db_upgraded
- widget_recent-comments
- rh_was_activated
- widget_recent-posts
- bill_last_feedback
- reportattacks_installed
- theysaidso_admin_options
- widget_theysaidso_widget
- bill_show_warnings
- can_compress_scripts
- ...

Smoke tests 50% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | This is a shallow check for server-side errors

Even though no errors were found, this is by no means an exhaustive test

SRP 0% from 2 tests

🔹 Tests weight: 20 | It is important to ensure that your PHP files perform no action when accessed directly, respecting the single-responsibility principle

The following issues need your attention

1× PHP files perform the action of outputting non-empty strings when accessed directly:
- > /wp-content/plugins/reportattacks/includes/checkup/class_bill_catch_errors.php
10× PHP files trigger server errors when accessed directly:
- > PHP Notice
  Undefined variable: notification_url in wp-content/plugins/reportattacks/includes/checkup/bill_class_diagnose.php on line 619
- > PHP Warning
  include_once(): Failed opening 'ABSPATHwp-admin/includes/plugin.php' for inclusion (include_path='.:/usr/share/php') in wp-content/plugins/reportattacks/includes/checkup/bill_class_diagnose.php on line 4
- > PHP Notice
  Undefined variable: plugin_text_domain in wp-content/plugins/reportattacks/includes/checkup/bill_class_diagnose.php on line 621
- > PHP Warning
  Use of undefined constant ABSPATH - assumed 'ABSPATH' (this will throw an Error in a future version of PHP) in wp-content/plugins/reportattacks/includes/checkup/bill_class_diagnose.php on line 4
- > PHP Notice
  Undefined variable: notification_url2 in wp-content/plugins/reportattacks/includes/checkup/bill_class_diagnose.php on line 620
- > PHP Fatal error
  Uncaught Error: Call to undefined function get_theme_root() in wp-content/plugins/reportattacks/includes/checkup/bill_class_diagnose.php:124
- > PHP Fatal error
  Uncaught Error: Call to undefined function add_action() in wp-content/plugins/reportattacks/includes/feedback/feedback-last.php:5
- > PHP Notice
  Undefined variable: plugin_slug in wp-content/plugins/reportattacks/includes/checkup/bill_class_diagnose.php on line 622
- > PHP Warning
  include_once(ABSPATHwp-admin/includes/plugin.php): failed to open stream: No such file or directory in wp-content/plugins/reportattacks/includes/checkup/bill_class_diagnose.php on line 4
- > PHP Fatal error
  Uncaught Error: Class 'reportattacksWPSettings\\Page' not found in wp-content/plugins/reportattacks/settings/options/plugin_options_tabbed.php:2

User-side errors Passed 1 test

🔹 Test weight: 20 | This is a smoke test targeting browser errors/issues

Everything seems fine on the user side

Optimizations

Plugin configuration 97% from 29 tests

readme.txt 94% from 16 tests

The readme.txt file is undoubtedly the most important file in your plugin, preparing it for public listing on WordPress.org

These attributes need your attention:

Screenshots: These screenshots require images: #1 (Control Panel), #2 (Default IP Black List)

The official readme.txt is a good inspiration

reportattacks/reportattacks.php Passed 13 tests

The primary PHP file in "WordPress Report Brute Force Attacks and Login Protection ReportAttacks Plugins" version 2.29 is used by WordPress to initiate all plugin functionality

79 characters long description:

Report login brute force attacks and improve login security. Firewall Included.

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | Executable files are considered dangerous and should not be included with any WordPress plugin

No dangerous file extensions were detected4,626 lines of code in 30 files:

Language	Files	Blank lines	Comment lines	Lines of code
PHP	21	617	301	3,554
PO File	1	162	226	478
JavaScript	6	118	33	439
CSS	2	11	4	155

PHP code Passed 2 tests

A short review of cyclomatic complexity and code structure

All good! No complexity issues found

Cyclomatic complexity
Average complexity per logical line of code	0.30
Average class complexity	12.14
▷ Minimum class complexity	1.00
▷ Maximum class complexity	80.00
Average method complexity	3.61
▷ Minimum method complexity	1.00
▷ Maximum method complexity	25.00

Code structure
Namespaces	3
Interfaces	0
Traits	0
Classes	22
▷ Abstract classes	0	0.00%
▷ Concrete classes	22	100.00%
▷ Final classes	0	0.00%
Methods	94
▷ Static methods	10	10.64%
▷ Public methods	87	92.55%
▷ Protected methods	6	6.38%
▷ Private methods	1	1.06%
Functions	55
▷ Named functions	52	94.55%
▷ Anonymous functions	3	5.45%
Constants	9
▷ Global constants	9	100.00%
▷ Class constants	0	0.00%
▷ Public constants	0	0.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

Often times overlooked, PNG files can occupy unnecessary space in your plugin

4 PNG files occupy 0.07MB with 0.04MB in potential savings

Potential savings

Compression of 4 random PNG files using pngquant
File	Size - original	Size - compressed	Savings
settings/images/handle.png	0.21KB	0.20KB	▼ 5.66%
includes/checkup/bell.png	1.07KB	0.27KB	▼ 74.45%
images/infox350.png	60.29KB	12.54KB	▼ 79.21%
images/logo.png	11.39KB	3.07KB	▼ 73.05%

Code Review | WordPress Report Brute Force Attacks and Login Protection ReportAttacks Plugins

About plugin

Code review

User reviews

Install metrics