Benchmarks
Plugin footprint 83% from 16 tests
Installer Passed 1 test
🔺 Critical test (weight: 50) | Verifying that this plugin installs correctly without errors
Installer ran successfully
Server metrics [RAM: ▲0.11MB] [CPU: ▼7.07ms] Passed 4 tests
An overview of server-side resources used by Secure HTTP Headers
No issues were detected with server-side resource usage
| Page | Memory (MB) | CPU Time (ms) |
|---|---|---|
| Home / | 3.58 ▲0.12 | 43.24 ▼0.70 |
| Dashboard /wp-admin | 3.43 ▲0.08 | 50.66 ▼18.36 |
| Posts /wp-admin/edit.php | 3.48 ▲0.12 | 48.99 ▼0.27 |
| Add New Post /wp-admin/post-new.php | 6.01 ▲0.12 | 94.98 ▼8.96 |
| Media Library /wp-admin/upload.php | 3.35 ▲0.12 | 39.72 ▲2.38 |
| Secure HTTP Headers Confirm /wp-admin/admin.php?page=magnisec-headers-confirm | 3.34 | 39.59 |
| Secure HTTP Headers Setting /wp-admin/admin.php?page=magnisec-headers-setting | 3.34 | 33.64 |
| Secure HTTP Headers /wp-admin/options-general.php?page=magnisec-headers-server | 3.32 | 30.89 |
Server storage [IO: ▲0.29MB] [DB: ▲0.00MB] Passed 3 tests
Analyzing filesystem and database footprints of this plugin
There were no storage issued detected upon installing this plugin
Filesystem: 13 new files
Database: 3 new tables, 6 new options
| New tables |
|---|
| magnisec_headers_website_servers |
| magnisec_headers_security_headers |
| magnisec_headers_permissions_directives |
| New WordPress options |
|---|
| widget_recent-posts |
| can_compress_scripts |
| theysaidso_admin_options |
| widget_theysaidso_widget |
| widget_recent-comments |
| db_upgraded |
Browser metrics Passed 4 tests
Secure HTTP Headers: an overview of browser usage
There were no issues detected in relation to browser resource usage
| Page | Nodes | Memory (MB) | Script (ms) | Layout (ms) |
|---|---|---|---|---|
| Home / | 2,793 ▲22 | 14.35 ▲0.00 | 1.69 ▼0.12 | 44.90 ▲0.94 |
| Dashboard /wp-admin | 2,199 ▲22 | 5.55 ▼0.05 | 83.07 ▼6.25 | 38.14 ▼1.54 |
| Posts /wp-admin/edit.php | 2,101 ▲4 | 1.98 ▼0.01 | 33.56 ▼2.87 | 36.39 ▲3.38 |
| Add New Post /wp-admin/post-new.php | 1,531 ▲3 | 23.02 ▼0.04 | 633.61 ▼55.56 | 58.05 ▼2.61 |
| Media Library /wp-admin/upload.php | 1,398 ▼2 | 4.20 ▼0.03 | 95.60 ▼2.95 | 40.09 ▼6.54 |
| Secure HTTP Headers Confirm /wp-admin/admin.php?page=magnisec-headers-confirm | 858 | 2.02 | 22.79 | 41.70 |
| Secure HTTP Headers Setting /wp-admin/admin.php?page=magnisec-headers-setting | 1,187 | 2.07 | 23.35 | 31.54 |
| Secure HTTP Headers /wp-admin/options-general.php?page=magnisec-headers-server | 813 | 2.01 | 24.35 | 29.22 |
Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests
🔸 Tests weight: 35 | Checking the uninstaller removed all traces of the plugin
These items require your attention
- Zombie WordPress options were found after uninstall: 6 options
- widget_theysaidso_widget
- can_compress_scripts
- widget_recent-comments
- db_upgraded
- theysaidso_admin_options
- widget_recent-posts
Smoke tests 50% from 4 tests
Server-side errors 0% from 1 test
🔹 Test weight: 20 | This is a short smoke test looking for server-side errors
These errors were triggered by the plugin
- 7 occurences, only the last one shown
- > GET request to /wp-admin/options-general.php?page=magnisec-headers-server
- > User notice in wp-includes/functions.php+5905
Function wpdb::prepare was called incorrectly. The query argument of wpdb::prepare() must have a placeholder. Please see Debugging in WordPress for more information. (This message was added in version 3.9.0.)
- 3 occurences, only the last one shown
- > GET request to /wp-admin/admin.php?page=magnisec-headers-setting
- > Notice in wp-content/plugins/secure-http-headers/views/magnisec_headers_form.php+33
Undefined index: header
- > GET request to /wp-admin/options-general.php?page=magnisec-headers-server
- > Notice in wp-content/plugins/secure-http-headers/views/magnisec_headers_server.php+9
Undefined variable: error
SRP 50% from 2 tests
🔹 Tests weight: 20 | A shallow check of the single-responsibility principle; PHP files should perform no action - including output of placeholder text - and trigger no errors when accessed directly
Please fix the following items
- 4× GET requests to PHP files have triggered server-side errors or warnings:
- > PHP Fatal error
Uncaught Error: Call to undefined function MagniSecSecureHeaders\\plugin_dir_path() in wp-content/plugins/secure-http-headers/MagniSecSecureHeaders.php:38
- > PHP Fatal error
Uncaught Error: Call to undefined function wp_register_style() in wp-content/plugins/secure-http-headers/views/magnisec_headers_server.php:2
- > PHP Fatal error
Uncaught Error: Call to undefined function wp_register_style() in wp-content/plugins/secure-http-headers/views/magnisec_headers_form.php:2
- > PHP Fatal error
Uncaught Error: Call to undefined function wp_register_style() in wp-content/plugins/secure-http-headers/views/magnisec_headers_confirm.php:2
- > PHP Fatal error
User-side errors Passed 1 test
🔹 Test weight: 20 | This is a smoke test targeting browser errors/issues
No browser errors were detected
Optimizations
Plugin configuration 96% from 29 tests
readme.txt Passed 16 tests
The readme.txt file is an important file in your plugin as it is parsed by WordPress.org to prepare the public listing of your plugin
4 plugin tags: security, headers, cookies, hardening
secure-http-headers/MagniSecSecureHeaders.php 92% from 13 tests
Analyzing the main PHP file in "Secure HTTP Headers" version 1.0
It is important to fix the following:
- Main file name: It is recommended to name the main PHP file as the plugin slug ("secure-http-headers.php" instead of "MagniSecSecureHeaders.php")
Code Analysis Passed 3 tests
File types Passed 1 test
🔸 Test weight: 35 | This is an overview of programming languages used in this plugin; dangerous file extensions are not allowed
Everything looks great! No dangerous files found in this plugin1,208 lines of code in 6 files:
| Language | Files | Blank lines | Comment lines | Lines of code |
|---|---|---|---|---|
| PHP | 4 | 83 | 21 | 784 |
| CSS | 1 | 10 | 0 | 283 |
| JavaScript | 1 | 9 | 0 | 141 |
PHP code Passed 2 tests
Analyzing logical lines of code, cyclomatic complexity, and other code metrics
This plugin has no cyclomatic complexity problems
| Cyclomatic complexity | |
|---|---|
| Average complexity per logical line of code | 0.45 |
| Average class complexity | 78.00 |
| ▷ Minimum class complexity | 78.00 |
| ▷ Maximum class complexity | 78.00 |
| Average method complexity | 6.50 |
| ▷ Minimum method complexity | 1.00 |
| ▷ Maximum method complexity | 40.00 |
| Code structure | ||
|---|---|---|
| Namespaces | 1 | |
| Interfaces | 0 | |
| Traits | 0 | |
| Classes | 1 | |
| ▷ Abstract classes | 0 | 0.00% |
| ▷ Concrete classes | 1 | 100.00% |
| ▷ Final classes | 0 | 0.00% |
| Methods | 14 | |
| ▷ Static methods | 1 | 7.14% |
| ▷ Public methods | 13 | 92.86% |
| ▷ Protected methods | 0 | 0.00% |
| ▷ Private methods | 1 | 7.14% |
| Functions | 0 | |
| ▷ Named functions | 0 | 0.00% |
| ▷ Anonymous functions | 0 | 0.00% |
| Constants | 1 | |
| ▷ Global constants | 1 | 100.00% |
| ▷ Class constants | 0 | 0.00% |
| ▷ Public constants | 0 | 0.00% |
Plugin size Passed 2 tests
Image compression Passed 2 tests
All PNG images should be compressed to minimize bandwidth usage for end users
2 PNG files occupy 0.03MB with 0.01MB in potential savings
Potential savings
| Compression of 2 random PNG files using pngquant | |||
|---|---|---|---|
| File | Size - original | Size - compressed | Savings |
| assets/icon-128x128.png | 3.04KB | 2.04KB | ▼ 32.81% |
| assets/banner-772x250.png | 25.51KB | 10.97KB | ▼ 57.01% |