Benchmarks
Plugin footprint 82% from 16 tests
Installer Passed 1 test
🔺 Critical test (weight: 50) | All plugins must install correctly, without throwing any errors, warnings, or notices
This plugin's installer ran successfully
Server metrics [RAM: ▲0.50MB] [CPU: ▲0.16ms] Passed 4 tests
Server-side resources used by WP Hardening - Fix Your WordPress Security
Server-side resource usage in normal parameters
| Page | Memory (MB) | CPU Time (ms) |
|---|---|---|
| Home / | 4.00 ▲0.53 | 44.17 ▲4.09 |
| Dashboard /wp-admin | 3.84 ▲0.54 | 52.90 ▲2.70 |
| Posts /wp-admin/edit.php | 3.89 ▲0.53 | 49.79 ▲3.94 |
| Add New Post /wp-admin/post-new.php | 6.37 ▲0.49 | 94.30 ▼10.07 |
| Media Library /wp-admin/upload.php | 3.69 ▲0.47 | 40.78 ▲8.27 |
| Hardening Audit /wp-admin/admin.php?page=wphwp_harden | 3.71 | 37.12 |
| Security Fixers /wp-admin/admin.php?page=wphwp_harden_fixers | 3.68 | 35.32 |
| Help /wp-admin/admin.php?page=wphwp_harden_help | 3.64 | 32.28 |
| Upgrade to Firewall /wp-admin/admin.php?page=wphwp_harden_upgrade | 3.64 | 33.81 |
Server storage [IO: ▲2.00MB] [DB: ▲0.00MB] 67% from 3 tests
Input-output and database impact of this plugin
Please fix the following
- You have illegally modified 1 file (0.00KB) outside of "wp-content/plugins/wp-security-hardening/" and "wp-content/uploads/"
- (new file) wp-includes/index.php
Filesystem: 85 new files
Database: no new tables, 11 new options
| New WordPress options |
|---|
| can_compress_scripts |
| theysaidso_admin_options |
| widget_recent-posts |
| whp_scan_results_time |
| widget_recent-comments |
| widget_theysaidso_widget |
| whp_scan_results |
| whp_fixer_option |
| whp_radio_clickjacking_protection |
| hard_cron |
| ... |
Browser metrics Passed 4 tests
Checking browser requirements for WP Hardening - Fix Your WordPress Security
There were no issues detected in relation to browser resource usage
| Page | Nodes | Memory (MB) | Script (ms) | Layout (ms) |
|---|---|---|---|---|
| Home / | 3,086 ▲325 | 13.53 ▼1.03 | 8.77 ▲7.03 | 27.71 ▼15.45 |
| Dashboard /wp-admin | 2,473 ▲299 | 5.63 ▲0.05 | 89.11 ▼3.01 | 94.66 ▲57.98 |
| Posts /wp-admin/edit.php | 2,262 ▲159 | 2.10 ▲0.08 | 40.39 ▼1.30 | 45.22 ▲4.20 |
| Add New Post /wp-admin/post-new.php | 1,663 ▲128 | 22.43 ▲4.29 | 736.48 ▲123.26 | 58.22 ▼7.09 |
| Media Library /wp-admin/upload.php | 1,477 ▲77 | 4.24 ▲0.02 | 98.69 ▼1.20 | 80.93 ▲37.52 |
| Hardening Audit /wp-admin/admin.php?page=wphwp_harden | 1,483 | 1.86 | 34.96 | 57.38 |
| Security Fixers /wp-admin/admin.php?page=wphwp_harden_fixers | 1,487 | 1.99 | 33.94 | 49.15 |
| Help /wp-admin/admin.php?page=wphwp_harden_help | 979 | 2.20 | 25.58 | 29.28 |
| Upgrade to Firewall /wp-admin/admin.php?page=wphwp_harden_upgrade | 980 | 2.33 | 25.97 | 27.46 |
Uninstaller [IO: ▲0.00MB] [DB: ▲0.01MB] 75% from 4 tests
🔸 Tests weight: 35 | The uninstall procedure must remove all plugin files and extra database tables
These items require your attention
- This plugin does not fully uninstall, leaving 11 options in the database
- widget_recent-posts
- widget_recent-comments
- whp_radio_clickjacking_protection
- whp_scan_results_time
- hard_cron
- whp_fixer_option
- whp_scan_results
- theysaidso_admin_options
- widget_theysaidso_widget
- db_upgraded
- ...
Smoke tests 50% from 4 tests
Server-side errors 0% from 1 test
🔹 Test weight: 20 | A shallow check that no server-side errors were triggered
Please fix the following server-side errors
- 2 occurences, only the last one shown
- > GET request to /wp-admin/admin.php?page=wphwp_harden_upgrade
- > Notice in wp-content/plugins/wp-security-hardening/modules/settings.php+102
Trying to access array offset on value of type bool
- 2 occurences, only the last one shown
- > GET request to /wp-admin/admin.php?page=wphwp_harden_upgrade
- > Notice in wp-content/plugins/wp-security-hardening/modules/formElementsClass.php+522
Undefined index: width
- 4 occurences, only the last one shown
- > GET request to /wp-admin/admin.php?page=wphwp_harden_upgrade
- > Notice in wp-content/plugins/wp-security-hardening/modules/formElementsClass.php+526
Undefined index: id
- 2 occurences, only the last one shown
- > GET request to /wp-admin/admin.php?page=wphwp_harden_upgrade
- > Notice in wp-content/plugins/wp-security-hardening/modules/formElementsClass.php+526
Undefined index: style
- 2 occurences, only the last one shown
- > GET request to /wp-admin/admin.php?page=wphwp_harden_upgrade
- > Notice in wp-content/plugins/wp-security-hardening/modules/formElementsClass.php+526
Undefined index: class
- 2 occurences, only the last one shown
- > GET request to /wp-admin/admin.php?page=wphwp_harden_upgrade
- > Notice in wp-content/plugins/wp-security-hardening/modules/formElementsClass.php+533
Undefined index: sub_text
SRP 50% from 2 tests
🔹 Tests weight: 20 | SRP (Single-Responsibility Principle) - PHP files must act as libraries and never output text or perform any action when accessed directly in a browser
The following issues need your attention
- 8× PHP files output text when accessed directly:
- > /wp-content/plugins/wp-security-hardening/modules/formElementsClass.php
- > /wp-content/plugins/wp-security-hardening/modules/scripts.php
- > /wp-content/plugins/wp-security-hardening/modules/ajax.php
- > /wp-content/plugins/wp-security-hardening/modules/hooks.php
- > /wp-content/plugins/wp-security-hardening/wp-hardening.php
- > /wp-content/plugins/wp-security-hardening/modules/settings.php
- > /wp-content/plugins/wp-security-hardening/modules/gaIP.php
- > /wp-content/plugins/wp-security-hardening/modules/functions.php
User-side errors Passed 1 test
🔹 Test weight: 20 | Just a short smoke test targeting errors on the browser (console and network errors and warnings)
Everything seems fine, but this is not an exhaustive test
Optimizations
Plugin configuration 93% from 29 tests
readme.txt 94% from 16 tests
The readme.txt file is an important file in your plugin as it is parsed by WordPress.org to prepare the public listing of your plugin
Please fix the following attributes:
- Tags: There are too many tags (13 tag instead of maximum 10)
wp-security-hardening/wp-hardening.php 92% from 13 tests
"WP Hardening - Fix Your WordPress Security" version 1.2.6's main PHP file describes plugin functionality and also serves as the entry point to any WordPress functionality
It is important to fix the following:
- Main file name: The principal plugin file should be the same as the plugin slug ("wp-security-hardening.php" instead of "wp-hardening.php")
Code Analysis Passed 3 tests
File types Passed 1 test
🔸 Test weight: 35 | A short review of files and their extensions; it is not recommended to include executable files
Everything looks great! No dangerous files found in this plugin25,514 lines of code in 66 files:
| Language | Files | Blank lines | Comment lines | Lines of code |
|---|---|---|---|---|
| CSS | 13 | 344 | 68 | 11,876 |
| JavaScript | 13 | 2,485 | 1,325 | 7,942 |
| PHP | 8 | 715 | 185 | 2,452 |
| Sass | 13 | 19 | 22 | 1,158 |
| LESS | 13 | 19 | 31 | 1,149 |
| SVG | 5 | 0 | 0 | 519 |
| PO File | 1 | 132 | 141 | 418 |
PHP code Passed 2 tests
This is a short overview of cyclomatic complexity and code structure for this plugin
Everything seems fine, there were no complexity issues found
| Cyclomatic complexity | |
|---|---|
| Average complexity per logical line of code | 0.55 |
| Average class complexity | 32.12 |
| ▷ Minimum class complexity | 11.00 |
| ▷ Maximum class complexity | 74.00 |
| Average method complexity | 4.46 |
| ▷ Minimum method complexity | 1.00 |
| ▷ Maximum method complexity | 69.00 |
| Code structure | ||
|---|---|---|
| Namespaces | 0 | |
| Interfaces | 0 | |
| Traits | 0 | |
| Classes | 8 | |
| ▷ Abstract classes | 0 | 0.00% |
| ▷ Concrete classes | 8 | 100.00% |
| ▷ Final classes | 0 | 0.00% |
| Methods | 72 | |
| ▷ Static methods | 4 | 5.56% |
| ▷ Public methods | 65 | 90.28% |
| ▷ Protected methods | 0 | 0.00% |
| ▷ Private methods | 7 | 9.72% |
| Functions | 24 | |
| ▷ Named functions | 21 | 87.50% |
| ▷ Anonymous functions | 3 | 12.50% |
| Constants | 3 | |
| ▷ Global constants | 3 | 100.00% |
| ▷ Class constants | 0 | 0.00% |
| ▷ Public constants | 0 | 0.00% |
Plugin size Passed 2 tests
Image compression Passed 2 tests
Using a strong compression for your PNG files is a great way to speed-up your plugin
8 PNG files occupy 0.25MB with 0.17MB in potential savings
Potential savings
| Compression of 5 random PNG files using pngquant | |||
|---|---|---|---|
| File | Size - original | Size - compressed | Savings |
| modules/images/wp-harden.png | 15.25KB | 0.40KB | ▼ 97.36% |
| modules/css/noise_layer.png | 134.67KB | 81.08KB | ▼ 39.79% |
| modules/images/tick-inside-circle.png | 17.83KB | 0.49KB | ▼ 97.27% |
| modules/images/wp-harden-active.png | 15.24KB | 0.40KB | ▼ 97.36% |
| modules/inc/assets/css/glyphicons-halflings.png | 12.50KB | 10.35KB | ▼ 17.19% |