10% wp-cerber

Code Review | WP Cerber Security, Anti-spam & Malware Scan

WordPress plugin WP Cerber Security, Anti-spam & Malware Scan scored 10% from 54 tests.

About plugin

  • Plugin page: wp-cerber
  • Plugin version: 8.9.6
  • PHP compatiblity: 7.0+
  • PHP version: 7.4.16
  • WordPress compatibility: 4.9-5.9
  • WordPress version: 5.8.1
  • First release: Sep 3, 2015
  • Latest release: Feb 1, 2022
  • Number of updates: 167
  • Update frequency: every 14.0 days
  • Top authors: Gioni (100%)

Code review

54 tests

User reviews

568 reviews

Install metrics

200,000+ active / 3,773,655 total downloads

Benchmarks

Plugin footprint 75% from 16 tests

Installer 0% from 1 test

🔺 Critical test (weight: 50) | The install procedure must perform silently
The following installer errors require your attention
  • Install procedure validation failed for this plugin
    • > Notice in wp-content/plugins/wp-cerber/cerber-load.php+6069
    Constant CRB_DOING_UPGRADE already defined

Server metrics [RAM: ▲4.34MB] [CPU: ▼115.68ms] Passed 4 tests

Analyzing server-side resources used by WP Cerber Security, Anti-spam & Malware Scan
Server-side resource usage in normal parameters
PageMemory (MB)CPU Time (ms)
Home /6.04 ▲3.2073.44 ▲43.20
Dashboard /wp-admin7.79 ▲4.7369.17 ▲25.99
Posts /wp-admin/edit.php7.88 ▲4.7768.92 ▲34.69
Add New Post /wp-admin/post-new.php10.17 ▲4.7399.24 ▼549.57
Media Library /wp-admin/upload.php7.73 ▲4.7352.16 ▲26.16
Tools /wp-admin/admin.php?page=cerber-tools7.7262.13
Dashboard /wp-admin/admin.php?page=cerber-security7.7473.70
Cerber.Hub /wp-admin/admin.php?page=cerber-nexus7.7251.30
Site Integrity /wp-admin/admin.php?page=cerber-integrity7.7260.42
Traffic Inspector /wp-admin/admin.php?page=cerber-traffic7.7665.45
Anti-spam /wp-admin/admin.php?page=cerber-recaptcha7.7355.11
User Policies /wp-admin/admin.php?page=cerber-users7.8357.11

Server storage [IO: ▲5.22MB] [DB: ▲0.03MB] Passed 3 tests

How much does this plugin use your filesystem and database?
The plugin installed successfully
Filesystem: 374 new files
Database: 12 new tables, no new options
New tables
wp_cerber_files
cerber_acl
cerber_countries
cerber_qmem
cerber_log
cerber_traffic
cerber_blocks
cerber_lab_net
wp_cerber_uss
cerber_lab
...

Browser metrics Passed 4 tests

An overview of browser requirements for WP Cerber Security, Anti-spam & Malware Scan
Minimal impact on browser resources
PageNodesMemory (MB)Script (ms)Layout (ms)
Home /3,959 ▲33316.34 ▲0.645.36 ▲0.05102.85 ▲26.61
Dashboard /wp-admin3,221 ▲3256.56 ▲0.40119.61 ▼17.24140.82 ▼43.82
Posts /wp-admin/edit.php2,782 ▲393.30 ▲0.0666.94 ▲3.06126.24 ▼14.01
Add New Post /wp-admin/post-new.php1,734 ▼2,00120.60 ▲2.57394.42 ▼53.09160.01 ▼8.27
Media Library /wp-admin/upload.php1,830 ▲785.86 ▲0.33130.00 ▼24.99157.13 ▼31.97
Tools /wp-admin/admin.php?page=cerber-tools1,4273.1563.41180.64
Dashboard /wp-admin/admin.php?page=cerber-security1,5413.2569.32127.78
Cerber.Hub /wp-admin/admin.php?page=cerber-nexus1,1523.1156.84113.27
Site Integrity /wp-admin/admin.php?page=cerber-integrity1,7503.2366.85137.70
Traffic Inspector /wp-admin/admin.php?page=cerber-traffic2,0863.5269.23133.13
Anti-spam /wp-admin/admin.php?page=cerber-recaptcha1,5573.1261.36154.57
User Policies /wp-admin/admin.php?page=cerber-users2,7723.3664.77133.94

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] Passed 4 tests

🔸 Tests weight: 35 | The uninstall procedure must remove all plugin files and extra database tables
The plugin uninstalled successfully, without leaving any zombie files or tables

Smoke tests 75% from 4 tests

Server-side errors Passed 1 test

🔹 Test weight: 20 | This is a short smoke test looking for server-side errors
Everything seems fine, however this is by no means an exhaustive test

SRP 50% from 2 tests

🔹 Tests weight: 20 | The single-responsibility principle: PHP files have to remain inert when accessed directly, throwing no errors and performing no actions
Please fix the following items
  • 7× GET requests to PHP files trigger server-side errors or Error 500 responses:
    • > PHP Fatal error
      Uncaught Error: Call to undefined function add_action() in wp-content/plugins/wp-cerber/admin/cerber-users.php:3
    • > PHP Fatal error
      Uncaught Error: Call to undefined function add_action() in wp-content/plugins/wp-cerber/cerber-addons.php:52
    • > PHP Warning
      Use of undefined constant ABSPATH - assumed 'ABSPATH' (this will throw an Error in a future version of PHP) in wp-content/plugins/wp-cerber/cerber-maintenance.php on line 34
    • > PHP Fatal error
      Uncaught Error: Call to undefined function add_action() in wp-content/plugins/wp-cerber/admin/cerber-admin.php:36
    • > PHP Fatal error
      require_once(): Failed opening required 'ABSPATHwp-admin/includes/class-wp-upgrader.php' (include_path='.:/usr/share/php') in wp-content/plugins/wp-cerber/cerber-maintenance.php on line 34
    • > PHP Fatal error
      Uncaught Error: Call to undefined function add_action() in wp-content/plugins/wp-cerber/cerber-scanner.php:106
    • > PHP Warning
      require_once(ABSPATHwp-admin/includes/class-wp-upgrader.php): failed to open stream: No such file or directory in wp-content/plugins/wp-cerber/cerber-maintenance.php on line 34

User-side errors Passed 1 test

🔹 Test weight: 20 | A shallow check that no browser errors were triggered
There were no browser issues found

Optimizations

Plugin configuration 93% from 29 tests

readme.txt 94% from 16 tests

It's important to format your readme.txt file correctly as it is parsed for the public listing of your plugin
Attributes that require attention:
  • Tags: There are too many tags (13 tag instead of maximum 10)
You can take inspiration from this readme.txt

wp-cerber/wp-cerber.php 92% from 13 tests

The entry point to "WP Cerber Security, Anti-spam & Malware Scan" version 8.9.6 is a PHP file that has certain tags in its header comment area
Please make the necessary changes and fix the following:
  • Description: If Twitter did it, so should we! Keep the description under 140 characters (currently 339 characters long)

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | Executable files are not allowed as they can serve as attack vectors
Success! There were no dangerous files found in this plugin67,065 lines of code in 70 files:
LanguageFilesBlank linesComment linesLines of code
PO File2116,56317,43233,903
PHP267,1555,16527,942
CSS106482923,719
JavaScript113782101,423
SVG10061
Markdown14017

PHP code Passed 2 tests

An overview of cyclomatic complexity and code structure
Everything seems fine, there were no complexity issues found
Cyclomatic complexity
Average complexity per logical line of code0.51
Average class complexity38.17
▷ Minimum class complexity1.00
▷ Maximum class complexity137.00
Average method complexity5.06
▷ Minimum method complexity1.00
▷ Maximum method complexity31.00
Code structure
Namespaces0
Interfaces0
Traits0
Classes18
▷ Abstract classes00.00%
▷ Concrete classes18100.00%
▷ Final classes844.44%
Methods152
▷ Static methods10065.79%
▷ Public methods12582.24%
▷ Protected methods21.32%
▷ Private methods2516.45%
Functions960
▷ Named functions77480.62%
▷ Anonymous functions18619.38%
Constants165
▷ Global constants137.88%
▷ Class constants15292.12%
▷ Public constants152100.00%

Plugin size Passed 2 tests

Image compression Passed 2 tests

It is recommended to compress PNG files in your plugin to minimize bandwidth usage
263 compressed PNG files occupy 0.25MB
Potential savings
Compression of 5 random PNG files using pngquant
FileSize - originalSize - compressedSavings
assets/flags/ck.png0.36KB0.36KB0.00%
assets/flags/eg.png0.21KB0.22KB0.00%
assets/flags/nl.png0.10KB0.10KB0.00%
assets/inspector.png23.45KB11.88KB▼ 49.35%
assets/flags/tk.png0.29KB0.29KB▼ 0.66%