83% wp-security-log

Code Review | WP Security Log

WordPress plugin WP Security Log scored 83% from 54 tests.

About plugin

  • Plugin page: wp-security-log
  • Plugin version: 1.0
  • PHP version: 7.4.16
  • WordPress compatibility: 3.3-3.5
  • WordPress version: 5.9.2
  • First release: Mar 11, 2013
  • Latest release: Mar 11, 2013
  • Number of updates: 16
  • Update frequency: every 61.1 days
  • Top authors: HoosierDragon (100%)

Code review

54 tests

User reviews

1 review

Install metrics

20+ active / 3,304 total downloads

Benchmarks

Plugin footprint 83% from 16 tests

Installer Passed 1 test

🔺 Critical test (weight: 50) | It is important to correctly install your plugin, without throwing errors or notices
This plugin's installer ran successfully

Server metrics [RAM: ▲0.36MB] [CPU: ▼292.83ms] Passed 4 tests

Analyzing server-side resources used by WP Security Log
No issues were detected with server-side resource usage
PageMemory (MB)CPU Time (ms)
Home /3.92 ▲0.4085.42 ▲23.38
Dashboard /wp-admin3.77 ▲0.3644.46 ▲4.81
Posts /wp-admin/edit.php3.99 ▲0.3547.63 ▲3.50
Add New Post /wp-admin/post-new.php7.29 ▲0.32108.20 ▼1,182.42
Media Library /wp-admin/upload.php3.72 ▲0.4229.86 ▲2.81
Options /wp-admin/admin.php?page=wp-security-log3.6230.26
Error 404 Log 0 /wp-admin/admin.php?page=wp-security-log/error_404_log3.6030.98
Login Attack Log0 /wp-admin/admin.php?page=wp-security-log/login_attack_log3.6025.78

Server storage [IO: ▲0.80MB] [DB: ▲0.00MB] Passed 3 tests

Filesystem and database footprint
No storage issues were detected
Filesystem: 29 new files
Database: no new tables, 7 new options
New WordPress options
wpseclog-login-attack-check
wpseclog-error-404-check
wpseclog_ip_address_list
wpseclog_error_404_log
wpseclog-error-404-check-search
wpseclog_login_attack_log
wpseclog-error-404-check-pagespeed

Browser metrics Passed 4 tests

WP Security Log: an overview of browser usage
This plugin has a minimal impact on browser resources
PageNodesMemory (MB)Script (ms)Layout (ms)
Home /3,810 ▲8815.90 ▲0.637.10 ▲0.272.15 ▼0.04
Dashboard /wp-admin2,933 ▲725.99 ▼0.20114.71 ▼35.90175.48 ▼3.54
Posts /wp-admin/edit.php2,737 ▲523.12 ▼0.1163.59 ▼0.31145.38 ▼0.30
Add New Post /wp-admin/post-new.php1,692 ▼6016.57 ▼4.80407.52 ▼45.00164.15 ▼16.56
Media Library /wp-admin/upload.php1,742 ▲535.56 ▲0.06123.92 ▼23.04210.24 ▼23.27
Options /wp-admin/admin.php?page=wp-security-log1,5853.2292.86141.30
Error 404 Log 0 /wp-admin/admin.php?page=wp-security-log/error_404_log1,7883.2661.76164.90
Login Attack Log0 /wp-admin/admin.php?page=wp-security-log/login_attack_log1,8443.1468.21125.43

Uninstaller [IO: ▲0.00MB] [DB: ▲0.00MB] 75% from 4 tests

🔸 Tests weight: 35 | The uninstall procedure must remove all plugin files and extra database tables
The following items require your attention
  • The plugin did not uninstall gracefully
    • > Warning in wp-includes/class-wp-hook.php+307
    call_user_func_array() expects parameter 1 to be a valid callback, function 'wpseclog_adnin_deactivate' not found or invalid function name

Smoke tests 75% from 4 tests

Server-side errors 0% from 1 test

🔹 Test weight: 20 | A smoke test targeting server-side errors
Please fix the following server-side errors
  • 2 occurences, only the last one shown
    • > GET request to /wp-admin/admin.php?page=wp-security-log/login_attack_log
    • > Warning in wp-content/plugins/wp-security-log/includes/data-summary.class.php+77
    uksort() expects parameter 1 to be array, null given
  • 5 occurences, only the last one shown
    • > GET request to /wp-admin/admin.php?page=wp-security-log/login_attack_log
    • > Warning in wp-content/plugins/wp-security-log/includes/data-summary.class.php+81
    ksort() expects parameter 1 to be array, null given
  • 7 occurences, only the last one shown
    • > GET request to /wp-admin/admin.php?page=wp-security-log/login_attack_log
    • > Warning in wp-content/plugins/wp-security-log/includes/data-summary.class.php+113
    Invalid argument supplied for foreach()

SRP Passed 2 tests

🔹 Tests weight: 20 | The single-responsibility principle applies for WordPress plugins as well - please make sure your PHP files perform no actions when accessed directly
Everything seems fine, however this is by no means an exhaustive test

User-side errors Passed 1 test

🔹 Test weight: 20 | This is just a short smoke test looking for browser issues
No browser errors were detected

Optimizations

Plugin configuration 93% from 29 tests

readme.txt 94% from 16 tests

The readme.txt file is an important file in your plugin as it is parsed by WordPress.org to prepare the public listing of your plugin
These attributes need your attention:
  • Screenshots: These screenshots do not have images: #1 (Options screen), #2 (Error 404 display screen), #3 (Error 404 summary screen), #4 (Login Attack display screen), #5 (Login Attack summary screen)
You can look at the official readme.txt

wp-security-log/wp-security-log.php 92% from 13 tests

"WP Security Log" version 1.0's main PHP file describes plugin functionality and also serves as the entry point to any WordPress functionality
It is important to fix the following:
  • Description: Please keep the plugin description shorter than 140 characters (currently 184 characters long)

Code Analysis Passed 3 tests

File types Passed 1 test

🔸 Test weight: 35 | This is a short overview of programming languages used in this plugin, detecting executable files
There were no executable files found in this plugin3,276 lines of code in 17 files:
LanguageFilesBlank linesComment linesLines of code
PHP73045031,873
JavaScript61922451,346
CSS471457

PHP code Passed 2 tests

This is a very shot review of cyclomatic complexity and code structure
Great job! No cyclomatic complexity issues were detected in this plugin
Cyclomatic complexity
Average complexity per logical line of code0.34
Average class complexity13.33
▷ Minimum class complexity1.00
▷ Maximum class complexity52.00
Average method complexity3.14
▷ Minimum method complexity1.00
▷ Maximum method complexity15.00
Code structure
Namespaces0
Interfaces0
Traits0
Classes12
▷ Abstract classes00.00%
▷ Concrete classes12100.00%
▷ Final classes00.00%
Methods65
▷ Static methods00.00%
▷ Public methods65100.00%
▷ Protected methods00.00%
▷ Private methods00.00%
Functions20
▷ Named functions20100.00%
▷ Anonymous functions00.00%
Constants0
▷ Global constants00.00%
▷ Class constants00.00%
▷ Public constants00.00%

Plugin size 50% from 2 tests

Image compression 50% from 2 tests

It is recommended to compress PNG files in your plugin to minimize bandwidth usage
10 PNG files occupy 0.63MB with 0.21MB in potential savings
Potential savings
Compression of 5 random PNG files using pngquant
FileSize - originalSize - compressedSavings
screenshot-1.png101.15KB49.41KB▼ 51.15%
screenshot-2.png131.74KB80.85KB▼ 38.63%
images/warning-32.png1.57KB1.41KB▼ 10.42%
screenshot-3.png104.02KB45.33KB▼ 56.42%
images/success-32.png1.48KB1.30KB▼ 11.99%