Benchmarks

Plugin footprint 83% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | It is important to correctly install your plugin, without throwing errors or notices

The plugin installed gracefully, with no errors

Server metrics [RAM: ▲1.29MB] [CPU: ▲8.08ms] Passed 4 tests

This is a short check of server-side resources used by Secure WP Admin

No issues were detected with server-side resource usage

Page	Memory (MB)	CPU Time (ms)
Home /	4.77 ▲1.31	54.35 ▲7.62
Dashboard /wp-admin	4.64 ▲1.34	63.06 ▲9.55
Posts /wp-admin/edit.php	4.69 ▲1.33	66.35 ▲18.05
Add New Post /wp-admin/post-new.php	7.16 ▲1.27	95.35 ▼2.89
Media Library /wp-admin/upload.php	4.47 ▲1.24	54.29 ▲18.91

Server storage [IO: ▲4.72MB] [DB: ▲0.00MB] Passed 3 tests

How much does this plugin use your filesystem and database?

There were no storage issued detected upon installing this plugin

Filesystem: 470 new files

Database: no new tables, 6 new options

New WordPress options
widget_recent-comments
db_upgraded
widget_recent-posts
can_compress_scripts
theysaidso_admin_options
widget_theysaidso_widget

Browser metrics Passed 4 tests

Checking browser requirements for Secure WP Admin

There were no issues detected in relation to browser resource usage

Page	Nodes	Memory (MB)	Script (ms)	Layout (ms)
Home /	3,011 ▲265	19.42 ▲5.04	2.23 ▼0.42	43.45 ▼1.15
Dashboard /wp-admin	2,387 ▲199	9.74 ▲4.84	203.05 ▲91.32	90.35 ▲47.71
Posts /wp-admin/edit.php	2,313 ▲224	6.80 ▲4.81	120.85 ▲86.16	75.15 ▲36.63
Add New Post /wp-admin/post-new.php	1,719 ▲205	25.38 ▲7.88	685.11 ▼18.10	41.59 ▼8.43
Media Library /wp-admin/upload.php	1,446 ▲58	7.18 ▲3.00	144.96 ▲43.62	75.03 ▲26.32
Secure WP Admin /wp-admin/crb_carbon_fields_container_secure_wp_admin.php	26	0.44	0.13	14.48

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests

🔸 Tests weight: 35 | The uninstall procedure must remove all plugin files and extra database tables

It is recommended to fix the following

This plugin does not fully uninstall, leaving 6 options in the database
- can_compress_scripts
- widget_recent-comments
- widget_recent-posts
- theysaidso_admin_options
- widget_theysaidso_widget
- db_upgraded

Smoke tests 25% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | This is a shallow check for server-side errors

Everything seems fine, however this is by no means an exhaustive test

SRP 0% from 2 tests

🔹 Tests weight: 20 | The single-responsibility principle: PHP files have to remain inert when accessed directly, throwing no errors and performing no actions

The following issues need your attention

1× PHP files output text when accessed directly:
- > /wp-content/plugins/secure-wp-admin/includes/option_fields/vendor/htmlburger/carbon-fields/templates/Exception/incorrect-syntax.php
205× GET requests to PHP files have triggered server-side errors or warnings (only 10 are shown):
- > PHP Fatal error
  Uncaught Error: Class 'Composer\\Installers\\BaseInstaller' not found in wp-content/plugins/secure-wp-admin/includes/option_fields/vendor/composer/installers/src/Composer/Installers/PortoInstaller.php:4
- > PHP Notice
  Undefined variable: plural in wp-content/plugins/secure-wp-admin/includes/option_fields/vendor/htmlburger/carbon-fields/templates/Exception/incorrect-syntax.php on line 32
- > PHP Fatal error
  Uncaught Error: Class 'Carbon_Fields\\Field\\Field' not found in wp-content/plugins/secure-wp-admin/includes/option_fields/vendor/htmlburger/carbon-fields/core/Field/Oembed_Field.php:8
- > PHP Fatal error
  Uncaught Error: Class 'Composer\\Installers\\BaseInstaller' not found in wp-content/plugins/secure-wp-admin/includes/option_fields/vendor/composer/installers/src/Composer/Installers/BonefishInstaller.php:4
- > PHP Fatal error
  Uncaught Error: Class 'Carbon_Fields\\Field\\Select_Field' not found in wp-content/plugins/secure-wp-admin/includes/option_fields/vendor/htmlburger/carbon-fields/core/Field/Radio_Image_Field.php:8
- > PHP Fatal error
  Uncaught Error: Class 'Carbon_Fields\\Field\\Scripts_Field' not found in wp-content/plugins/secure-wp-admin/includes/option_fields/vendor/htmlburger/carbon-fields/core/Field/Footer_Scripts_Field.php:9
- > PHP Fatal error
  Uncaught Error: Class 'Composer\\Installers\\BaseInstaller' not found in wp-content/plugins/secure-wp-admin/includes/option_fields/vendor/composer/installers/src/Composer/Installers/KodiCMSInstaller.php:4
- > PHP Fatal error
  Uncaught Error: Class 'Composer\\Installers\\BaseInstaller' not found in wp-content/plugins/secure-wp-admin/includes/option_fields/vendor/composer/installers/src/Composer/Installers/PhiftyInstaller.php:4
- > PHP Fatal error
  Uncaught Error: Class 'Composer\\Installers\\BaseInstaller' not found in wp-content/plugins/secure-wp-admin/includes/option_fields/vendor/composer/installers/src/Composer/Installers/EzPlatformInstaller.php:4
- > PHP Fatal error
  Uncaught Error: Class 'Composer\\Installers\\BaseInstaller' not found in wp-content/plugins/secure-wp-admin/includes/option_fields/vendor/composer/installers/src/Composer/Installers/OntoWikiInstaller.php:4

User-side errors 0% from 1 test

🔹 Test weight: 20 | This is a shallow check for browser errors

Please fix the following user-side errors

- > GET request to /wp-admin/crb_carbon_fields_container_secure_wp_admin.php
- > Network (severe)
wp-admin/crb_carbon_fields_container_secure_wp_admin.php - Failed to load resource: the server responded with a status of 404 (Not Found)

Optimizations

Plugin configuration Passed 29 tests

readme.txt Passed 16 tests

The readme.txt file is important because it is parsed by WordPress.org for the public listing of your plugin

3 plugin tags: secure admin, site security, secure wp admin

secure-wp-admin/secure-wp-admin.php Passed 13 tests

The primary PHP file in "Secure WP Admin" version 1.4.1 is used by WordPress to initiate all plugin functionality

72 characters long description:

Want to lock WP Admin with some PIN code? Then this is the right plugin.

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | Executable files are not allowed as they can serve as attack vectors

Success! There were no dangerous files found in this plugin74,640 lines of code in 439 files:

Language	Files	Blank lines	Comment lines	Lines of code
JavaScript	143	15,933	28,390	59,757
PHP	241	2,616	6,573	10,910
PO File	12	1,132	1,623	2,507
JSON	8	0	0	580
CSS	27	288	124	558
Markdown	5	61	0	279
YAML	2	7	0	26
XML	1	2	0	23

PHP code Passed 2 tests

A brief analysis of cyclomatic complexity and code structure for this plugin

There are no cyclomatic complexity problems detected for this plugin

Cyclomatic complexity
Average complexity per logical line of code	0.26
Average class complexity	5.32
▷ Minimum class complexity	1.00
▷ Maximum class complexity	61.00
Average method complexity	2.04
▷ Minimum method complexity	1.00
▷ Maximum method complexity	43.00

Code structure
Namespaces	25
Interfaces	5
Traits	0
Classes	216
▷ Abstract classes	13	6.02%
▷ Concrete classes	203	93.98%
▷ Final classes	1	0.49%
Methods	941
▷ Static methods	82	8.71%
▷ Public methods	751	79.81%
▷ Protected methods	182	19.34%
▷ Private methods	8	0.85%
Functions	94
▷ Named functions	22	23.40%
▷ Anonymous functions	72	76.60%
Constants	32
▷ Global constants	7	21.88%
▷ Class constants	25	78.12%
▷ Public constants	25	100.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

It is recommended to compress PNG files in your plugin to minimize bandwidth usage

2 PNG files occupy 0.01MB with 0.00MB in potential savings

Potential savings

Compression of 2 random PNG files using pngquant
File	Size - original	Size - compressed	Savings
img/icon.png	2.08KB	1.30KB	▼ 37.39%
img/default-logo.png	6.29KB	2.90KB	▼ 53.89%

Code Review | Secure WP Admin

About plugin

Code review

User reviews

Install metrics