Benchmarks

Plugin footprint 83% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | Checking the installer triggered no errors

The plugin installed successfully, without throwing any errors or notices

Server metrics [RAM: ▲0.23MB] [CPU: ▼2.37ms] Passed 4 tests

This is a short check of server-side resources used by Security, Antivirus, Firewall - S.A.F

This plugin has minimal impact on server resources

Page	Memory (MB)	CPU Time (ms)
Home /	3.75 ▲0.29	45.04 ▲6.96
Dashboard /wp-admin	3.60 ▲0.26	52.78 ▼5.05
Posts /wp-admin/edit.php	3.62 ▲0.26	49.31 ▲0.38
Add New Post /wp-admin/post-new.php	6.09 ▲0.20	83.24 ▼9.34
Media Library /wp-admin/upload.php	3.43 ▲0.20	37.75 ▲4.52
Security S.A.F. /wp-admin/admin.php?page=wptsaf_security_extensions	3.58	40.25
Settings /wp-admin/admin.php?page=wptsaf_security_settings	3.44	34.08

Server storage [IO: ▲2.54MB] [DB: ▲0.08MB] Passed 3 tests

A short overview of filesystem and database impact

This plugin installed successfully

Filesystem: 227 new files

Database: 10 new tables, 7 new options

New tables
wp_wptsaf_security_network_monitor_manager_ip_change_log
wp_wptsaf_security_google_captcha_blog_settings
wp_wptsaf_security_google_captcha_log
wp_wptsaf_security_login_brute_force_log
wp_wptsaf_security_system_log
wp_wptsaf_security_easy_password_log
wp_wptsaf_security_network_monitor_manager_ip
wp_wptsaf_security_extension_error_monitor_log
wp_wptsaf_security_network_monitor_log
wp_wptsaf_security_404_detection_log

New WordPress options
theysaidso_admin_options
widget_recent-posts
widget_recent-comments
widget_theysaidso_widget
can_compress_scripts
wpsaf_install_version
db_upgraded

Browser metrics Passed 4 tests

An overview of browser requirements for Security, Antivirus, Firewall - S.A.F

Minimal impact on browser resources

Page	Nodes	Memory (MB)	Script (ms)	Layout (ms)
Home /	3,008 ▲247	13.93 ▼0.42	2.71 ▲1.15	31.63 ▼7.57
Dashboard /wp-admin	2,388 ▲208	5.86 ▲0.18	111.88 ▲23.43	41.11 ▼2.26
Posts /wp-admin/edit.php	2,127 ▲30	2.02 ▲0.03	33.80 ▼3.05	33.48 ▼0.96
Add New Post /wp-admin/post-new.php	1,547 ▲20	23.77 ▲1.02	699.27 ▲40.65	59.88 ▲5.54
Media Library /wp-admin/upload.php	1,424 ▲27	4.14 ▼0.10	95.10 ▼5.97	42.35 ▼3.67
Security S.A.F. /wp-admin/admin.php?page=wptsaf_security_extensions	1,704	2.87	65.70	58.56
Settings /wp-admin/admin.php?page=wptsaf_security_settings	1,283	2.70	57.23	42.86

Uninstaller [IO: ▲0.00MB] [DB: ▲0.07MB] 75% from 4 tests

🔸 Tests weight: 35 | The uninstall procedure must remove all plugin files and extra database tables

These items require your attention

Zombie WordPress options were found after uninstall: 7 options
- can_compress_scripts
- theysaidso_admin_options
- widget_theysaidso_widget
- db_upgraded
- widget_recent-posts
- widget_recent-comments
- wpsaf_install_version

Smoke tests 50% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | This is a shallow check for server-side errors

Even though everything seems fine, this is not an exhaustive test

SRP 0% from 2 tests

🔹 Tests weight: 20 | SRP (Single-Responsibility Principle) - PHP files must act as libraries and never output text or perform any action when accessed directly in a browser

Please fix the following

1× PHP files output text when accessed directly:
- > /wp-content/plugins/security-antivirus-firewall/extensions/network-monitor/template/manager-ip-change-log.php
24× GET requests to PHP files trigger server-side errors or Error 500 responses (only 10 are shown):
- > PHP Fatal error
  Uncaught Error: Call to undefined function __() in wp-content/plugins/security-antivirus-firewall/core/template/wizard1.php:6
- > PHP Fatal error
  Uncaught Error: Class 'wptsafAbstractExtensionWidget' not found in wp-content/plugins/security-antivirus-firewall/extensions/network-monitor/wptsafExtensionNetworkMonitorWidget.php:13
- > PHP Fatal error
  Uncaught Error: Class 'wptsafSettings' not found in wp-content/plugins/security-antivirus-firewall/extensions/network-monitor/wptsafExtensionNetworkMonitorSettings.php:13
- > PHP Warning
  Invalid argument supplied for foreach() in wp-content/plugins/security-antivirus-firewall/extensions/network-monitor/template/manager-ip-change-log.php on line 25
- > PHP Notice
  Undefined variable: extensionTitle in wp-content/plugins/security-antivirus-firewall/extensions/network-monitor/template/log-row.php on line 17
- > PHP Fatal error
  Uncaught Error: Class 'wpToolsSAFHelperClass' not found in wp-content/plugins/security-antivirus-firewall/extensions/system-log/template/widget.php:16
- > PHP Fatal error
  Uncaught Error: Call to undefined function _e() in wp-content/plugins/security-antivirus-firewall/extensions/login-brute-force/template/email/ban-ip.php:1
- > PHP Fatal error
  Uncaught Error: Call to undefined function __() in wp-content/plugins/security-antivirus-firewall/core/dialogs/wizardStart.php:6
- > PHP Fatal error
  Uncaught Error: Class 'wptsafExtensionCron' not found in wp-content/plugins/security-antivirus-firewall/extensions/login-brute-force/wptsafExtensionLoginBruteForceCron.php:13
- > PHP Fatal error
  Uncaught Error: Class 'wptsafAbstractExtensionAjaxHandle' not found in wp-content/plugins/security-antivirus-firewall/extensions/network-monitor/wptsafExtensionNetworkMonitorAjaxHandle.php:13

User-side errors Passed 1 test

🔹 Test weight: 20 | This is just a short smoke test looking for browser issues

There were no browser issues found

Optimizations

Plugin configuration 93% from 29 tests

readme.txt 94% from 16 tests

The readme.txt file is undoubtedly the most important file in your plugin, preparing it for public listing on WordPress.org

These attributes need your attention:

Tags: Please delete some tags, you are using 18 tag instead of maximum 10

You can take inspiration from this readme.txt

security-antivirus-firewall/index.php 92% from 13 tests

The main PHP script in "Security, Antivirus, Firewall - S.A.F" version 2.3.5 is automatically included on every request by WordPress

You should first fix the following items:

Main file name: Even though not officially enforced, the main plugin file should be the same as the plugin slug ("security-antivirus-firewall.php" instead of "index.php")

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | Executable files are considered dangerous and should not be included with any WordPress plugin

No dangerous file extensions were detected21,157 lines of code in 159 files:

Language	Files	Blank lines	Comment lines	Lines of code
CSS	5	726	149	10,021
PHP	146	1,432	1,519	7,960
JavaScript	5	535	611	2,147
SVG	2	0	0	973
HTML	1	2	0	56

PHP code Passed 2 tests

Analyzing cyclomatic complexity and code structure

Although this was not an exhaustive test, there were no cyclomatic complexity issues detected

Cyclomatic complexity
Average complexity per logical line of code	0.34
Average class complexity	7.10
▷ Minimum class complexity	1.00
▷ Maximum class complexity	45.00
Average method complexity	2.49
▷ Minimum method complexity	1.00
▷ Maximum method complexity	21.00

Code structure
Namespaces	0
Interfaces	0
Traits	0
Classes	83
▷ Abstract classes	6	7.23%
▷ Concrete classes	77	92.77%
▷ Final classes	1	1.30%
Methods	346
▷ Static methods	22	6.36%
▷ Public methods	319	92.20%
▷ Protected methods	27	7.80%
▷ Private methods	0	0.00%
Functions	0
▷ Named functions	0	0.00%
▷ Anonymous functions	0	0.00%
Constants	40
▷ Global constants	18	45.00%
▷ Class constants	22	55.00%
▷ Public constants	22	100.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

It is recommended to compress PNG files in your plugin to minimize bandwidth usage

10 PNG files occupy 0.19MB with 0.07MB in potential savings

Potential savings

Compression of 5 random PNG files using pngquant
File	Size - original	Size - compressed	Savings
assets/img/screenshot_5.png	38.91KB	20.29KB	▼ 47.84%
assets/img/8bcLQqF.png	2.36KB	1.45KB	▼ 38.65%
assets/img/screenshot_6.png	34.27KB	17.80KB	▼ 48.07%
assets/img/screenshot_4.png	32.79KB	16.88KB	▼ 48.52%
assets/dist/css/admin_icon32.png	1.19KB	1.42KB	0.00%

Code Review | Security, Antivirus, Firewall - S.A.F

About plugin

Code review

User reviews

Install metrics