seravo-plugin
seravo-plugin copied to clipboard
Seravo
Provide a new reports page that focuses on WordPress health checks
Many of the eheystarkistus items could be automated and listed as a checklist with pass/fail status on a separate "site health" page. This would allow new customers to know if everything with their WordPress site is OK or not, in particular right after migrating an existing site from another server to our system.
We could perhaps extend wp doctor to include Seravo specific checks:
$ wp doctor check --all
Running checks 100% [==========================] 0:07 / 0:11
+----------------------------+---------+----------------------------------------------------------------------+
| name | status | message |
+----------------------------+---------+----------------------------------------------------------------------+
| core-verify-checksums | success | WordPress verifies against its checksums. |
| file-eval | success | All 'php' files passed check for 'eval\(.*base64_decode\(.*'. |
| autoload-options-size | success | Autoloaded options size (70.24kb) is less than threshold (900kb). |
| constant-savequeries-falsy | success | Constant 'SAVEQUERIES' is undefined. |
| constant-wp-debug-falsy | success | Constant 'WP_DEBUG' is defined falsy. |
| core-update | error | Updating to WordPress' newest minor version is strongly recommended. |
| cron-count | success | Total number of cron jobs is within normal operating expectations. |
| cron-duplicates | success | All cron job counts are within normal operating expectations. |
| option-blog-public | success | Site is public as expected. |
| plugin-active-count | success | Number of active plugins (4) is less than threshold (80). |
| plugin-deactivated | success | Less than 40 percent of plugins are deactivated. |
| plugin-update | warning | 3 plugins have updates available. |
| theme-update | success | Themes are up to date. |
| php-in-upload | success | No PHP files found in the Uploads folder. |
| language-update | warning | 1 language has an update available. |
+----------------------------+---------+----------------------------------------------------------------------+
On this page, or on a separate database page, we could list the size of the databases and notify something of excess was found, e.g. _transient in database, or duplicate tables (e.g. wp_user and xyz_users).
Warn if siteurl and home are not https..
If could also warn of deprecated features and plugins, like https-domain-alias or wp-palvelu-plugin (now everybody should be running seravo-plugin).
Also, check WP installation folder structure and warn if there are e.g. two wp-content folders (and the one is not a symlink to the other).
So to sum up: Implement a postbox, which has the following information:
- Is HTTPS used?
- Is ReCaptcha used?
- Are there inactive themes?
- Are there inactive plugins?
- Are there potentially bad plugins?
- Are there deprecated plugins?
- Are there JS errors?
- Are there PHP errors?
- Does wp-test succeed?
- Does the WP folder structure look sane?
- Are there duplicate folders?
This feature can be too large to be implemented with one go. Therefore we should implement a subset of features first and then add more in the future.
To add some overview about the progress, this far 98fdc4f introduces checks for
- HTTPS
- Usage of recaptcha
- Inactive themes & plugins
- Deprecated plugins including https-domain-alias & wp-palvelu-plugin
- PHP error count
- Command
wp-testresult
What could be implemented next include
- Check for the WP structure
- Duplicate folders
- Deprecated plugins could be extended on
check_plugins()
