There are many modules that make up a typical WordPress installation. Four of the most important components are the server software used to operate the website, the WordPress core software, themes, and plugins. Maintaining these four items current assists in keeping your WordPress website operating smoothly. This post looks at the WP Health plugin and how you can use it to conduct a WordPress health check.
Written by Frank Corso, the WP Health plugin comes in a variety of different versions. The versions include Free, Starter, Premium, and Agency plans. The non-free plans add uptime monitoring, email notifications, SMS notifications and email summary reporting. The main difference in the paid versions is the number of websites you can install the paid plugin on (1, 10, and 25 respectively). I only run the free version as I manually check the websites I manage on a regular basis. The free version runs a series of checks on your website and provides the WordPress health check results in the form of a traffic light report. The report focuses on common areas that WordPress website owners should keep up to date. The report displays the results under the headings of Server Check, WordPress Check, and Plugin Check.
The Server Check examines the server software used for running your website. It checks the PHP version, the database version, and whether the website has an SSL certificate. Keeping your PHP version up to date is important because the latest version will close any security holes found in older versions. The plugin checks both MySQL and MariaDB databases. Having an SSL certificate provides a secure connection between the website and the visitor’s browser. It also helps with SEO.
The WordPress Check looks at the core WordPress software, the enabled status of the online file editor, checks for a user with the name ‘admin’, and verifies that the installed themes are up to date. Keeping the WordPress core software updated ensures that any security issues related to older versions do not affect your website. Disabling the online editor provides an extra layer of protection in case hackers gain access to your website (hackers can’t use the online editor to change your WordPress files). Hackers trying to use brute force to log in to your website will always try using ‘admin’ first. Not having an ‘admin’ user helps thwart brute force attacks. Keeping your themes updated helps ensure that the themes are compatible with the core files.
The Plugin Check inspects all the installed plugins to ensure they are up to date. It also reports on any plugins not being used. It checks that your plugins are still being actively supported and that none have known security issues. You should keep all your plugins updated. Remove any plugins that are not active. Consider replacing any plugins not being supported or having security vulnerabilities.
Following the traffic light reporting process, you must fix any issues highlighted in red. You should consider correcting any items highlighted in yellow. You should run the WP Health check on a regular basis. Conducting a regular WordPress health check will help ensure that your website is up to date and is using the most recent versions of its key components.
Need help with your WordPress health check?