Benchmarks

Plugin footprint 82% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | It is important to correctly install your plugin, without throwing errors or notices

This plugin's installer ran successfully

Server metrics [RAM: ▲0.37MB] [CPU: ▲0.75ms] Passed 4 tests

Server-side resources used by Security Optimizer - The All-In-One WordPress Protection Plugin

Normal server usage

Page	Memory (MB)	CPU Time (ms)
Home /	3.85 ▲0.39	45.85 ▲6.26
Dashboard /wp-admin	3.68 ▲0.33	54.77 ▼10.43
Posts /wp-admin/edit.php	3.73 ▲0.37	56.31 ▲6.61
Add New Post /wp-admin/post-new.php	6.38 ▲0.49	99.07 ▲2.34
Media Library /wp-admin/upload.php	3.60 ▲0.37	40.22 ▲4.81
Dashboard /wp-admin/admin.php?page=sg-security	3.57	39.75
Login Security /wp-admin/admin.php?page=login-settings	3.57	38.27
Post-hack Actions /wp-admin/admin.php?page=post-hack-actions	3.57	42.07
Activity Log /wp-admin/admin.php?page=activity-log	3.57	37.32
Site Security /wp-admin/admin.php?page=site-security	3.57	39.78
SG Plugins /wp-admin/options-general.php?page=siteground_settings	3.57	37.35

Server storage [IO: ▲1.74MB] [DB: ▲0.01MB] 67% from 3 tests

How much does this plugin use your filesystem and database?

Please try to fix the following items

You have illegally modified 4 files (1.50KB) outside of "wp-content/plugins/sg-security/" and "wp-content/uploads/"
- (new file) wp-includes/.htaccess
- (modified) .htaccess
- (new file) wp-content/sgs_encrypt_key.php
- (new file) wp-content/.htaccess

Filesystem: 311 new files

Database: 2 new tables, 23 new options

New tables
wp_sgs_log_events
wp_sgs_log_visitors

New WordPress options
siteground_data_token
sg_security_wp_remove_version
widget_recent-posts
sg_security_update_timestamp
sg_security_version
widget_theysaidso_widget
sg_security_disable_xml_rpc
sg_security_login_attempts
sg_security_lock_system_folders
sg_security_login_type
...

Browser metrics Passed 4 tests

Security Optimizer - The All-In-One WordPress Protection Plugin: an overview of browser usage

There were no issues detected in relation to browser resource usage

Page	Nodes	Memory (MB)	Script (ms)	Layout (ms)
Home /	2,835 ▲88	14.67 ▲0.44	1.55 ▼0.07	38.24 ▼4.19
Dashboard /wp-admin	2,230 ▲53	5.55 ▼0.11	95.92 ▼1.75	82.37 ▲33.92
Posts /wp-admin/edit.php	2,150 ▲50	2.01 ▲0.02	36.18 ▼0.73	34.98 ▲0.51
Add New Post /wp-admin/post-new.php	1,563 ▲37	23.64 ▲0.54	596.54 ▼45.81	163.69 ▲112.47
Media Library /wp-admin/upload.php	1,444 ▲44	4.17 ▼0.09	98.94 ▼6.33	76.59 ▲29.96
Dashboard /wp-admin/admin.php?page=sg-security	1,232	6.40	133.43	143.31
Login Security /wp-admin/admin.php?page=login-settings	985	6.10	109.59	59.09
Post-hack Actions /wp-admin/admin.php?page=post-hack-actions	938	4.41	89.56	55.14
Activity Log /wp-admin/admin.php?page=activity-log	1,222	5.43	101.02	59.61
Site Security /wp-admin/admin.php?page=site-security	1,005	5.83	90.65	54.62
SG Plugins /wp-admin/options-general.php?page=siteground_settings	872	2.01	25.66	27.18

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests

🔸 Tests weight: 35 | Checking the uninstaller removed all traces of the plugin

Please fix the following items

Zombie WordPress options were found after uninstall: 22 options
- widget_recent-comments
- sg_security_lock_system_folders
- theysaidso_admin_options
- widget_recent-posts
- sg_security_disable_xml_rpc
- db_upgraded
- sg_security_login_type
- sg_security_login_attempts
- sg_security_wp_remove_version
- sg_security_disable_file_edit
- ...

Smoke tests 25% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | Just a short smoke test targeting errors on the server (in the Apache logs)

Everything seems fine, however this is by no means an exhaustive test

SRP 0% from 2 tests

🔹 Tests weight: 20 | SRP (Single-Responsibility Principle) - PHP files must act as libraries and never output text or perform any action when accessed directly in a browser

Please fix the following items

10× GET requests to PHP files return non-empty strings:
- > /wp-content/plugins/sg-security/templates/weekly_report.php
- > /wp-content/plugins/sg-security/templates/partials/weekly_report_non_sg.php
- > /wp-content/plugins/sg-security/templates/partials/weekly-report/intro/default.php
- > /wp-content/plugins/sg-security/templates/partials/weekly-report/learn-more/it_IT.php
- > /wp-content/plugins/sg-security/templates/partials/weekly-report/learn-more/de_DE.php
- > /wp-content/plugins/sg-security/templates/partials/weekly-report/learn-more/default.php
- > /wp-content/plugins/sg-security/templates/partials/weekly-report/learn-more/es_ES.php
- > /wp-content/plugins/sg-security/templates/partials/weekly-report/intro/es_ES.php
- > /wp-content/plugins/sg-security/templates/partials/weekly-report/intro/de_DE.php
- > /wp-content/plugins/sg-security/templates/partials/weekly-report/intro/it_IT.php
301× GET requests to PHP files trigger server-side errors or Error 500 responses (only 10 are shown):
- > PHP Fatal error
  Uncaught Error: Class 'Composer\\Installers\\BaseInstaller' not found in wp-content/plugins/sg-security/vendor/composer/installers/src/Composer/Installers/TheliaInstaller.php:4
- > PHP Fatal error
  Uncaught Error: Call to undefined function esc_html_e() in wp-content/plugins/sg-security/templates/partials/new-backup-codes.php:2
- > PHP Notice
  Trying to access array offset on value of type null in wp-content/plugins/sg-security/templates/partials/weekly-report/intro/default.php on line 4
- > PHP Fatal error
  Uncaught Error: Class 'Composer\\Installers\\BaseInstaller' not found in wp-content/plugins/sg-security/vendor/composer/installers/src/Composer/Installers/MajimaInstaller.php:8
- > PHP Notice
  Trying to access array offset on value of type null in wp-content/plugins/sg-security/templates/partials/weekly-report/intro/it_IT.php on line 4
- > PHP Fatal error
  Uncaught Error: Class 'Composer\\Installers\\BaseInstaller' not found in wp-content/plugins/sg-security/vendor/composer/installers/src/Composer/Installers/OctoberInstaller.php:4
- > PHP Warning
  Invalid argument supplied for foreach() in wp-content/plugins/sg-security/templates/partials/weekly_report_non_sg.php on line 29
- > PHP Notice
  Trying to access array offset on value of type null in wp-content/plugins/sg-security/templates/partials/weekly-report/intro/default.php on line 4
- > PHP Fatal error
  Uncaught Error: Class 'Composer\\Installers\\BaseInstaller' not found in wp-content/plugins/sg-security/vendor/composer/installers/src/Composer/Installers/ChefInstaller.php:4
- > PHP Fatal error
  Uncaught Error: Class 'SG_Security\\Activity_Log\\Activity_Log_Helper' not found in wp-content/plugins/sg-security/core/Activity_Log/Activity_Log_Posts.php:7

User-side errors 0% from 1 test

🔹 Test weight: 20 | This is just a short smoke test looking for browser issues

There are user-side issues you should fix

2 occurences, only the last one shown
- > GET request to /wp-admin/admin.php?page=activity-log
- > Console-api (warning) in wp-content/plugins/sg-security/assets/js/main.min.js?ver=1.4.8+1:359673
%c\"column.renderHead\" will be deprecated in favor of \"column.render\" " "color: red; font-size: small
2 occurences, only the last one shown
- > GET request to /wp-admin/admin.php?page=activity-log
- > Console-api (warning) in wp-content/plugins/sg-security/assets/js/main.min.js?ver=1.4.8+1:359673
%cUsing \"cell.accessor\" as default column header will be deprecated." "color: red; font-size: small
5 occurences, only the last one shown
- > GET request to /wp-admin/admin.php?page=site-security
- > Console-api (warning) in wp-content/plugins/sg-security/assets/js/main.min.js?ver=1.4.8+1:359673
%c\"checkIcon\" will be deprecated, please use \"icon\" instead" "color: red; font-size: small

Optimizations

Plugin configuration 87% from 29 tests

readme.txt 88% from 16 tests

It's important to format your readme.txt file correctly as it is parsed for the public listing of your plugin

These attributes need to be fixed:

Tags: There are too many tags (12 tag instead of maximum 10)
Screenshots: Add descriptions for screenshots #1, #2, #3, #4, #5 in sg-security/assets to your readme.txt

The official readme.txt is a good inspiration

sg-security/sg-security.php 85% from 13 tests

The primary PHP file in "Security Optimizer - The All-In-One WordPress Protection Plugin" version 1.4.8 is used by WordPress to initiate all plugin functionality

You should first fix the following items:

Domain Path: The domain path points to an invalid folder, "/languages" does not exist
Description: Keep the plugin description shorter than 140 characters (currently 320 characters long)

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | A short glimpse at programming languages used with this plugin and a check that no dangerous files are present

No dangerous file extensions were detected14,710 lines of code in 284 files:

Language	Files	Blank lines	Comment lines	Lines of code
PHP	234	2,847	6,686	12,634
JSON	14	4	0	1,022
Markdown	13	251	0	562
PO File	11	50	85	301
XML	4	2	0	67
CSS	1	0	0	64
YAML	4	7	0	45
JavaScript	2	1	2	14
SVG	1	0	0	1

PHP code Passed 2 tests

Analyzing cyclomatic complexity and code structure

There were no cyclomatic complexity issued detected

Cyclomatic complexity
Average complexity per logical line of code	0.33
Average class complexity	6.85
▷ Minimum class complexity	1.00
▷ Maximum class complexity	114.00
Average method complexity	2.63
▷ Minimum method complexity	1.00
▷ Maximum method complexity	53.00

Code structure
Namespaces	41
Interfaces	1
Traits	8
Classes	194
▷ Abstract classes	4	2.06%
▷ Concrete classes	190	97.94%
▷ Final classes	0	0.00%
Methods	742
▷ Static methods	73	9.84%
▷ Public methods	643	86.66%
▷ Protected methods	61	8.22%
▷ Private methods	38	5.12%
Functions	18
▷ Named functions	2	11.11%
▷ Anonymous functions	16	88.89%
Constants	14
▷ Global constants	4	28.57%
▷ Class constants	10	71.43%
▷ Public constants	10	100.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

PNG files should be compressed to save space and minimize bandwidth usage

No PNG images were found in this plugin

Code Review | Security Optimizer - The All-In-One WordPress Protection Plugin

About plugin

Code review

User reviews

Install metrics