83% rublon

Code Review | Rublon Multi-Factor Authentication (MFA)

WordPress plugin Rublon Multi-Factor Authentication (MFA) scored83%from 54 tests.

About plugin

  • Plugin page: rublon
  • Plugin version: 4.4.3
  • PHP compatiblity: 5.5.1+
  • PHP version: 7.4.16
  • WordPress compatibility: 5.0-6.4
  • WordPress version: 6.3.1
  • First release: Aug 2, 2013
  • Latest release: Nov 16, 2023
  • Number of updates: 458
  • Update frequency: every 8.2 days
  • Top authors: rublon (88.65%)mraastec (8.52%)mmlastec (2.84%)

Code review

54 tests

User reviews

88 reviews

Install metrics

800+ active /110,016 total downloads


Plugin footprint 83% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | Verifying that this plugin installs correctly without errors
The plugin installed successfully, without throwing any errors or notices

Server metrics [RAM: ▲0.85MB] [CPU: ▲0.35ms] Passed 4 tests

Server-side resources used by Rublon Multi-Factor Authentication (MFA)
Normal server usage
PageMemory (MB)CPU Time (ms)
Home /4.32 ▲0.8542.64 ▲2.20
Dashboard /wp-admin4.15 ▲0.8550.57 ▲4.16
Posts /wp-admin/edit.php4.27 ▲0.9150.04 ▲1.81
Add New Post /wp-admin/post-new.php6.75 ▲0.8793.99 ▼6.77
Media Library /wp-admin/upload.php4.08 ▲0.8543.63 ▲8.79

Server storage [IO: ▲0.99MB] [DB: ▲0.00MB] Passed 3 tests

Filesystem and database footprint
The plugin installed successfully
Filesystem: 134 new files
Database: no new tables, 9 new options
New WordPress options

Browser metrics Passed 4 tests

This is an overview of browser requirements for Rublon Multi-Factor Authentication (MFA)
This plugin has a minimal impact on browser resources
PageNodesMemory (MB)Script (ms)Layout (ms)
Home /2,993 ▲23113.40 ▼0.769.42 ▲7.4939.75 ▼6.48
Dashboard /wp-admin2,289 ▲1185.76 ▲0.1283.75 ▼16.6068.00 ▲20.47
Posts /wp-admin/edit.php2,205 ▲1051.87 ▼0.1528.56 ▼12.3931.96 ▼0.77
Add New Post /wp-admin/post-new.php1,618 ▲9223.16 ▼0.05791.62 ▲42.2158.27 ▲5.54
Media Library /wp-admin/upload.php1,503 ▲1004.13 ▼0.09114.50 ▲10.8147.03 ▲1.27

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests

🔸 Tests weight: 35 | All plugins must uninstall correctly, removing their source code and extra database tables they might have created
These items require your attention
  • The uninstall procedure has failed, leaving 6 options in the database
    • widget_recent-posts
    • theysaidso_admin_options
    • db_upgraded
    • widget_recent-comments
    • can_compress_scripts
    • widget_theysaidso_widget

Smoke tests 75% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | This is a short smoke test looking for server-side errors
Even though everything seems fine, this is not an exhaustive test

SRP 50% from 2 tests

🔹 Tests weight: 20 | A shallow check of the single-responsibility principle; PHP files should perform no action - including output of placeholder text - and trigger no errors when accessed directly
Please fix the following
  • 65× PHP files trigger server errors when accessed directly (only 10 are shown):
    • > PHP Fatal error
      Uncaught Error: Class 'Rublon_WordPress\\Libs\\Classes\\Confirmations\\RublonConfirmStrategyForm' not found in wp-content/plugins/rublon/includes/Libs/Classes/Confirmations/Strategy/SettingsUpdate.php:7
    • > PHP Fatal error
      Uncaught Error: Class 'Rublon\\Core\\Exceptions\\Api\\APIException' not found in wp-content/plugins/rublon/vendor/rublon/rublon-sdk-php/Rublon/Core/Exceptions/Api/InvalidSignatureException.php:11
    • > PHP Fatal error
      Uncaught Error: Class 'Rublon\\Core\\Exceptions\\Api\\APIException' not found in wp-content/plugins/rublon/vendor/rublon/rublon-sdk-php/Rublon/Core/Exceptions/Api/SubscriptionExpiredException.php:11
    • > PHP Fatal error
      Uncaught Error: Class 'Rublon\\Core\\Exceptions\\Api\\APIException' not found in wp-content/plugins/rublon/vendor/rublon/rublon-sdk-php/Rublon/Core/Exceptions/Api/UserNotFoundException.php:11
    • > PHP Fatal error
      Uncaught Error: Class 'Rublon\\Core\\Exceptions\\Api\\APIException' not found in wp-content/plugins/rublon/vendor/rublon/rublon-sdk-php/Rublon/Core/Exceptions/Api/AccessTokenExpiredException.php:11
    • > PHP Fatal error
      Uncaught Error: Call to undefined function Rublon_WordPress\\Libs\\Classes\\add_action() in wp-content/plugins/rublon/includes/Libs/Classes/RublonFlashMessage.php:57
    • > PHP Fatal error
      Uncaught Error: Class 'Rublon\\Core\\Exceptions\\Api\\APIException' not found in wp-content/plugins/rublon/vendor/rublon/rublon-sdk-php/Rublon/Core/Exceptions/Api/MissingHeaderException.php:11
    • > PHP Fatal error
      Uncaught Error: Call to undefined function plugins_url() in wp-content/plugins/rublon/rublon2factor.php:17
    • > PHP Fatal error
      Uncaught Error: Class 'Rublon_WordPress\\Libs\\RublonConsumerRegistration\\RublonConsumerRegistrationCommon' not found in wp-content/plugins/rublon/includes/Libs/RublonConsumerRegistration/RublonSubprojectRegistration.php:9
    • > PHP Fatal error
      Uncaught Error: Class 'Rublon\\Core\\Exceptions\\Client\\RublonClientException' not found in wp-content/plugins/rublon/vendor/rublon/rublon-sdk-php/Rublon/Core/Exceptions/Client/RublonClientResponseException.php:13

User-side errors Passed 1 test

🔹 Test weight: 20 | Just a short smoke test targeting errors on the browser (console and network errors and warnings)
No browser issues were found


Plugin configuration 90% from 29 tests

readme.txt 94% from 16 tests

The readme.txt file describes your plugin functionality and requirements and it is parsed to prepare the your plugin's listing
These attributes need your attention:
  • Tags: Too many tags (34 tag instead of maximum 10); only the first 5 tags are used in your directory listing
You can look at the official readme.txt

rublon/rublon2factor.php 85% from 13 tests

Analyzing the main PHP file in "Rublon Multi-Factor Authentication (MFA)" version 4.4.3
Please take the time to fix the following:
  • Main file name: The principal plugin file should be the same as the plugin slug ("rublon.php" instead of "rublon2factor.php")
  • Description: Please don't use more than 140 characters for the plugin description (currently 181 characters long)

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | This is an overview of programming languages used in this plugin; dangerous file extensions are not allowed
There were no executable files found in this plugin10,876 lines of code in 116 files:
LanguageFilesBlank linesComment linesLines of code

PHP code Passed 2 tests

An short overview of logical lines of code, cyclomatic complexity, and other code metrics
Although this was not an exhaustive test, there were no cyclomatic complexity issues detected
Cyclomatic complexity
Average complexity per logical line of code0.37
Average class complexity11.56
▷ Minimum class complexity1.00
▷ Maximum class complexity435.00
Average method complexity2.76
▷ Minimum method complexity1.00
▷ Maximum method complexity94.00
Code structure
▷ Abstract classes910.11%
▷ Concrete classes8089.89%
▷ Final classes00.00%
▷ Static methods25947.35%
▷ Public methods40373.67%
▷ Protected methods9016.45%
▷ Private methods549.87%
▷ Named functions5198.08%
▷ Anonymous functions11.92%
▷ Global constants72.36%
▷ Class constants29097.64%
▷ Public constants290100.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

Often times overlooked, PNG files can occupy unnecessary space in your plugin
10 PNG files occupy 0.08MB with 0.03MB in potential savings
Potential savings
Compression of 5 random PNG files using pngquant
FileSize - originalSize - compressedSavings
assets/images/rublon_badge_32.png2.49KB1.60KB▼ 35.92%
assets/images/toggle-off.png1.66KB1.21KB▼ 27.42%
assets/images/unlocked.png0.34KB0.25KB▼ 24.93%
assets/images/rublon_adam@2x.png47.43KB16.53KB▼ 65.15%
assets/images/toggle-on.png2.24KB1.89KB▼ 15.72%