Benchmarks
Plugin footprint 40% from 16 tests
Installer 0% from 1 test
🔺 Critical test (weight: 50) | All plugins must install correctly, without throwing any errors, warnings, or notices
The following installer errors require your attention
- Install procedure had errors
- > User deprecated in wp-includes/functions.php+5643
File wp-db.php is deprecated since version 6.1.0! Use wp-includes/class-wpdb.php instead.
Server metrics [RAM: ▲0.10MB] [CPU: ▼6.05ms] Passed 4 tests
Server-side resources used by SpoofProof
This plugin does not affect your website's performance
| Page | Memory (MB) | CPU Time (ms) |
|---|---|---|
| Home / | 3.56 ▲0.10 | 37.09 ▼7.19 |
| Dashboard /wp-admin | 3.40 ▲0.10 | 49.37 ▼3.53 |
| Posts /wp-admin/edit.php | 3.52 ▲0.16 | 52.56 ▲1.26 |
| Add New Post /wp-admin/post-new.php | 5.98 ▲0.10 | 95.61 ▼14.75 |
| Media Library /wp-admin/upload.php | 3.33 ▲0.10 | 37.04 ▲4.59 |
Server storage [IO: ▲0.55MB] [DB: ▲0.00MB] Passed 3 tests
Analyzing filesystem and database footprints of this plugin
This plugin was installed successfully
Filesystem: 39 new files
Database: 2 new tables, 7 new options
| New tables |
|---|
| wp_users_suppliment |
| wp_users_images |
| New WordPress options |
|---|
| db_upgraded |
| SpoofProof_db_version |
| theysaidso_admin_options |
| widget_recent-comments |
| widget_recent-posts |
| can_compress_scripts |
| widget_theysaidso_widget |
Browser metrics Passed 4 tests
An overview of browser requirements for SpoofProof
There were no issues detected in relation to browser resource usage
| Page | Nodes | Memory (MB) | Script (ms) | Layout (ms) |
|---|---|---|---|---|
| Home / | 2,805 ▲19 | 14.26 ▲1.16 | 1.79 ▼4.00 | 43.66 ▼2.88 |
| Dashboard /wp-admin | 2,211 ▲34 | 5.79 ▲0.14 | 91.92 ▼0.65 | 40.83 ▼8.57 |
| Posts /wp-admin/edit.php | 2,116 ▲16 | 2.00 ▼0.01 | 40.47 ▼0.09 | 36.47 ▲2.47 |
| Add New Post /wp-admin/post-new.php | 1,548 ▲19 | 18.37 ▼4.84 | 601.74 ▼63.94 | 68.88 ▲8.00 |
| Media Library /wp-admin/upload.php | 1,413 ▲16 | 4.32 ▲0.06 | 100.47 ▼4.03 | 43.74 ▼2.20 |
Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 50% from 4 tests
🔸 Tests weight: 35 | Checking the uninstaller removed all traces of the plugin
It is recommended to fix the following
- The plugin did not uninstall successfully, leaving 2 tables in the database
- wp_users_suppliment
- wp_users_images
- This plugin does not fully uninstall, leaving 7 options in the database
- SpoofProof_db_version
- db_upgraded
- widget_recent-comments
- widget_recent-posts
- widget_theysaidso_widget
- theysaidso_admin_options
- can_compress_scripts
Smoke tests 50% from 4 tests
Server-side errors Passed 1 test
🔹 Test weight: 20 | A smoke test targeting server-side errors
Even though everything seems fine, this is not an exhaustive test
SRP 0% from 2 tests
🔹 Tests weight: 20 | The single-responsibility principle applies for WordPress plugins as well - please make sure your PHP files perform no actions when accessed directly
Please take a closer look at the following
- 1× PHP files perform the action of outputting non-empty strings when accessed directly:
- > /wp-content/plugins/spoofproof/spoofproof.php
- 1× PHP files trigger server errors when accessed directly:
- > PHP Fatal error
Uncaught Error: Call to undefined function wp_enqueue_script() in wp-content/plugins/spoofproof/spoofproof-page-options.php:2
- > PHP Fatal error
User-side errors Passed 1 test
🔹 Test weight: 20 | This is just a short smoke test looking for browser issues
Everything seems fine, but this is not an exhaustive test
Optimizations
Plugin configuration Passed 29 tests
readme.txt Passed 16 tests
The readme.txt file uses markdown syntax to describe your plugin to the world
6 plugin tags: injection, anti-javascript-injection, spoofproof, anti-php-injection, anti-injection...
spoofproof/spoofproof.php Passed 13 tests
The main PHP script in "SpoofProof" version 1.0 is automatically included on every request by WordPress
94 characters long description:
Real security for Word Press we stop Spoofing, Phishing, redirection attacks and MItM attacks.
Code Analysis Passed 3 tests
File types Passed 1 test
🔸 Test weight: 35 | Executable files are not allowed as they can serve as attack vectors
There were no executable files found in this plugin1,056 lines of code in 4 files:
| Language | Files | Blank lines | Comment lines | Lines of code |
|---|---|---|---|---|
| PHP | 2 | 49 | 261 | 688 |
| CSS | 1 | 38 | 4 | 290 |
| JavaScript | 1 | 5 | 10 | 78 |
PHP code Passed 2 tests
A short review of cyclomatic complexity and code structure
Everything seems fine, there were no complexity issues found
| Cyclomatic complexity | |
|---|---|
| Average complexity per logical line of code | 0.15 |
| Average class complexity | 1.00 |
| ▷ Minimum class complexity | 1.00 |
| ▷ Maximum class complexity | 1.00 |
| Average method complexity | 1.00 |
| ▷ Minimum method complexity | 1.00 |
| ▷ Maximum method complexity | 1.00 |
| Code structure | ||
|---|---|---|
| Namespaces | 0 | |
| Interfaces | 0 | |
| Traits | 0 | |
| Classes | 1 | |
| ▷ Abstract classes | 0 | 0.00% |
| ▷ Concrete classes | 1 | 100.00% |
| ▷ Final classes | 0 | 0.00% |
| Methods | 3 | |
| ▷ Static methods | 0 | 0.00% |
| ▷ Public methods | 3 | 100.00% |
| ▷ Protected methods | 0 | 0.00% |
| ▷ Private methods | 0 | 0.00% |
| Functions | 20 | |
| ▷ Named functions | 20 | 100.00% |
| ▷ Anonymous functions | 0 | 0.00% |
| Constants | 4 | |
| ▷ Global constants | 4 | 100.00% |
| ▷ Class constants | 0 | 0.00% |
| ▷ Public constants | 0 | 0.00% |
Plugin size Passed 2 tests
Image compression Passed 2 tests
Often times overlooked, PNG files can occupy unnecessary space in your plugin
21 PNG files occupy 0.36MB with 0.13MB in potential savings
Potential savings
| Compression of 5 random PNG files using pngquant | |||
|---|---|---|---|
| File | Size - original | Size - compressed | Savings |
| img/toload/wordpress-logo.png | 45.60KB | 21.94KB | ▼ 51.89% |
| img/horse.png | 5.41KB | 5.00KB | ▼ 7.54% |
| img/CipherTooth.png | 2.11KB | 0.88KB | ▼ 58.12% |
| img/steak.png | 31.30KB | 12.97KB | ▼ 58.55% |
| img/masks.png | 6.19KB | 5.88KB | ▼ 5.03% |