Latest version 2.7.6 available

System Health

 

The System Health module is like a comprehensive health checkup for your WordPress website. It examines all the important systems that keep your site running smoothly and helps you identify potential problems before they cause issues. Think of it as a doctor's checkup for your website - it looks at everything from the server environment to security settings and gives you a clear picture of your site's health.

Main Sections

Server Information

This section shows you the technical foundation of your website:

  • PHP Version: The programming language version your server uses. Newer versions are faster and more secure.
  • Memory Limit: How much memory your website can use. Think of this as the workspace available for your site to do its work.
  • Memory Usage: How much of that available memory is currently being used. If this is too high, your site might slow down.
  • Max Execution Time: How long a task can run before the server stops it. Longer times are better for complex operations.
  • Max Input Vars: How many form fields can be processed at once. Important for forms with many options.
  • MySQL Version: The database software version. Newer versions are more efficient and secure.
  • Web Server: The server software (like Apache or Nginx) that delivers your website to visitors.

WordPress Core

This section checks the heart of your WordPress installation:

  • WordPress Version: Which version of WordPress you're running. Keeping this updated is crucial for security.
  • Core Updates: Whether a newer version of WordPress is available.
  • Plugin Updates: How many of your plugins have updates available.
  • Theme Updates: Whether your theme needs updating.
  • Core Integrity: Checks if all WordPress files are present and correct.
  • Security Keys/Salts: Special codes that help protect your site. These should be unique and not default.
  • Auto-updates: Whether WordPress can update itself automatically.
  • Database Prefix: The prefix used for your database tables. Using the default "wp_" is less secure.

Database

Your database is where all your content is stored. This section monitors its health:

  • Total Size: How much space your database takes up. Large databases can slow down your site.
  • Autoload Size: How much data loads automatically with every page. Smaller is better for performance.
  • Charset: The character encoding used. This affects how special characters are displayed.
  • Largest Tables: Shows which database tables are taking up the most space.

Filesystem

This section checks the files and folders on your server:

  • wp-content/ Permissions: Whether the main content folder can be written to. This is needed for uploads and updates.
  • uploads/ Permissions: Whether you can upload images and media files.
  • wp-config.php Permissions: The security settings for your main configuration file.
  • Plugins Directory: Whether you can install or update plugins.
  • Themes Directory: Whether you can install or update themes.
  • Temp Directory: Whether temporary files can be created (needed for many operations).

Cron Tasks

Cron tasks are scheduled jobs that run automatically in the background:

  • WP Cron Status: Whether the WordPress scheduling system is enabled or disabled.
  • Cron Lock: Whether a scheduled task is currently running and preventing others from starting.
  • Cron Timeout: How long a scheduled task can run before it's stopped.
  • Next Events: Shows upcoming scheduled tasks and when they'll run.

Error Logs

This section helps you find and fix problems:

  • PHP Error Log: Whether PHP error logs exist and their size. These logs record technical errors.
  • WordPress Debug Log: Whether WordPress debug logs exist and their size. These logs record WordPress-specific issues.

Network

This section checks your site's ability to communicate with the outside world:

  • cURL Version: The version of the tool used to make external requests.
  • SSL Support: Whether secure connections (HTTPS) are supported.
  • allow_url_fopen: Whether your server can open external URLs.
  • HTTPS Detection: Whether your site is using a secure connection.
  • External Connection: Tests if your site can connect to WordPress.org.
  • SMTP Status: Whether your email system is working.
  • Detected Method: How emails are being sent (SMTP or server mail).

Configuration

This section shows important WordPress settings:

  • WP_DEBUG: Whether debug mode is enabled. This should be disabled on live sites.
  • WP_DEBUG_LOG: Whether errors are being logged to a file.
  • WP_DEBUG_DISPLAY: Whether errors are shown on screen.
  • Debug Bar: Whether the debug bar tool is enabled.
  • WP Memory Limit: Memory allocated specifically for WordPress.
  • PHP Memory Limit: Total memory available from the server.
  • Auto Updates: Whether automatic updates are enabled.

URLs & Endpoints

This section checks how your site addresses work:

  • Site/Home URL Match: Whether your site URL and home URL match.
  • Permalinks: The structure of your page URLs.
  • AJAX Endpoint: Whether AJAX requests (used for dynamic content) are working.
  • Cron Endpoint: Whether scheduled tasks can be triggered.
  • REST API: Whether the REST API (used by many plugins) is working.
  • Loopback Test: Whether your site can communicate with itself.
  • XML-RPC: Whether XML-RPC is enabled. Disabling this can improve security.

Key Features

Export Report to a Text File

This feature creates a complete snapshot of your system health that you can save and share. When you click the "Export Health Report" button, the module gathers all the information from every section and compiles it into a single text file. This file includes:

  • All server information and settings
  • WordPress version and update status
  • Database size and configuration
  • Filesystem permissions
  • Cron task status
  • Error log information
  • Network and email settings
  • All configuration details
  • URL and endpoint status

The report is automatically downloaded to your computer with a filename that includes the date and time. This is incredibly useful when you need to:

  • Share diagnostic information with support teams
  • Keep a record of your site's health over time
  • Document changes before making updates
  • Troubleshoot problems with developers

Check Security Headers

Security headers are special instructions that tell web browsers how to handle your website's security. The "Check Security Headers" button opens an external tool (securityheaders.com) that analyzes your site's security headers and gives you a detailed report.

The tool checks for important security headers like:

  • Strict-Transport-Security (HSTS): Forces browsers to use secure connections
  • X-Frame-Options: Prevents your site from being embedded in other sites
  • X-Content-Type-Options: Prevents browsers from guessing file types
  • Content-Security-Policy: Controls what resources can be loaded
  • X-XSS-Protection: Helps prevent cross-site scripting attacks

The report shows you which headers are present, which are missing, and gives you recommendations for improving your security. This is especially important for sites that handle sensitive information or process payments.

Enable Debug Bar

The Debug Bar is a powerful tool that appears at the top of your WordPress admin area and shows detailed technical information about each page load. When enabled, it displays:

  • How long the page took to load
  • How many database queries were executed
  • How much memory was used
  • What hooks and filters ran
  • Cache hit/miss information
  • Query details and performance data

This feature is primarily for developers and advanced users who need to troubleshoot performance issues or debug complex problems. It's available as a PRO feature and can be toggled on or off with a simple switch. When you enable it, the debug bar appears immediately on all admin pages, giving you real-time insights into what's happening behind the scenes.

Email Audit (SPF, DKIM, DMARC, Blacklists)

Email deliverability is crucial for any website that sends emails - whether it's password resets, notifications, or marketing messages. The Email Audit section provides a direct link to MXToolbox, a professional email diagnostic tool.

When you click "Check now," you'll be taken to MXToolbox where you can analyze your domain's email configuration. The tool checks:

  • SPF (Sender Policy Framework): A record that tells the internet which servers are allowed to send email from your domain. Without proper SPF, your emails might be marked as spam.
  • DKIM (DomainKeys Identified Mail): A digital signature that proves an email really came from your domain and wasn't tampered with during transit.
  • DMARC (Domain-based Message Authentication, Reporting, and Conformance): A policy that tells email providers what to do with emails that fail SPF or DKIM checks.
  • Blacklists: Checks if your domain or email server is listed on any spam blacklists. Being on a blacklist means your emails might not reach recipients.

Proper email configuration ensures that your important emails actually reach your users' inboxes instead of being caught in spam filters. This is especially important for WooCommerce stores that send order confirmations and password reset emails.

Test SMTP

The SMTP (Simple Mail Transfer Protocol) test verifies that your email system is working correctly. When you click the "Test SMTP" button, the module performs a real email test by:

  1. Checking mail functions: Verifies that the basic email functions are available on your server.
  2. Testing connection: Attempts to connect to your mail server.
  3. Sending a test email: Actually sends a test email to your admin email address.

The test results show you:

  • Mail Function Test: Whether the basic mail functions are working (PASSED/FAILED)
  • Response Time: How long the test took in milliseconds
  • Detected Method: Whether you're using SMTP or server mail
  • SMTP Diagnostics: Detailed information about the connection attempt
  • Overall Status: A summary of whether your email system is working correctly

If the test fails, you'll see error messages that help you identify the problem - whether it's a configuration issue, authentication problem, or server limitation. This is invaluable for troubleshooting email delivery problems before they affect your users.

Recommendations Section

The Recommendations section is like having a personal consultant for your website. It analyzes all the data from every section and provides smart, actionable suggestions to improve your site's performance, security, and configuration.

How Recommendations Work

The module continuously monitors your site and identifies areas that need attention. Each recommendation includes:

  • Title: A clear, descriptive name for the issue
  • Description: An explanation of why this matters and what the problem is
  • Priority: How urgent the issue is (Critical, High, Medium, or Low)
  • Type: The category of the issue (Server, WordPress, Database, Security, Performance, Configuration, or Filesystem)
  • Action: What can be done to fix it

Types of Recommendations

Server Recommendations

  • High Memory Usage: Alerts you when memory usage is above 80% of the limit, suggesting you increase the limit or optimize plugins.
  • Low PHP Memory Limit: Recommends increasing memory if it's below 256MB for better performance.
  • Low Execution Time Limit: Suggests increasing the maximum execution time if it's below 60 seconds to prevent timeouts.
  • Outdated PHP Version: Urges you to upgrade to PHP 8.0+ for better performance and security.

WordPress Recommendations

  • WordPress Updates Available: Reminds you to keep WordPress updated for security and performance.
  • Weak Security Salts: Recommends generating new unique security keys for better protection.

Database Recommendations

  • Large Autoload Data: Suggests cleaning up unused options when autoload data exceeds 300KB to improve page load times.
  • Large Database: Recommends cleanup and optimization when database size exceeds 100MB.
  • Object Cache Recommended: Suggests implementing object caching (Redis/Memcached) to reduce database load on busy sites.

Security Recommendations

  • Default Admin User: Warns if a user named "admin" exists, as this is a common target for hackers. Recommends changing the username.
  • File Editing Enabled: Suggests disabling WordPress file editing for security by adding DISALLOW_FILE_EDIT to your configuration.
  • Debug Mode Active: Recommends disabling WP_DEBUG on production sites for security and performance.

Configuration Recommendations

  • Low WP_MEMORY_LIMIT: Suggests increasing WordPress memory limit to 256MB in wp-config.php for better performance.
  • Low WP_MAX_MEMORY_LIMIT: Recommends increasing the admin area memory limit to 256MB for better panel performance.
  • Automatic Updates Disabled: Encourages enabling automatic updates for security patches.
  • WP Cache Disabled: Suggests enabling caching for better performance.
  • High Post Revisions Limit: Recommends limiting post revisions to 3-5 to reduce database bloat.

Filesystem Recommendations

  • Incorrect File Permissions: Alerts you to files with wrong permissions and offers to fix them for security.
  • wp-config.php Accessible: Warns if your configuration file might be accessible via web and suggests securing it.

One-Click Fixes

Many recommendations can be fixed automatically with a single click. When you see a "Fix Now" button, the module will:

  1. Create a backup of any files that will be modified
  2. Apply the necessary changes
  3. Verify the fix was successful
  4. Refresh the health data to show the updated status

For issues that require manual intervention or server-level changes, the module provides clear instructions and links to the appropriate settings pages or external resources.

Priority Levels

Recommendations are sorted by priority so you can focus on the most important issues first:

  • Critical: Immediate attention required. These are security risks or issues that could break your site.
  • High: Important issues that should be addressed soon. These affect security or performance significantly.
  • Medium: Issues that should be addressed when convenient. These are improvements rather than urgent problems.
  • Low: Minor suggestions that can optimize your site but aren't essential.

Using the System Health Module

Daily Monitoring

Make it a habit to check the System Health module regularly, especially after:

  • Installing or updating plugins
  • Changing hosting providers
  • Making configuration changes
  • Noticing performance issues
  • Experiencing email problems

Troubleshooting

When you encounter problems, use the System Health module to:

  1. Check all sections for red or yellow indicators
  2. Review the recommendations for related issues
  3. Export a health report to document the current state
  4. Apply one-click fixes where available
  5. Follow manual instructions for complex issues
  6. Re-check after making changes to verify improvements

Best Practices

  • Keep all sections green (good status) for optimal performance
  • Address critical and high priority recommendations promptly
  • Export health reports before major changes
  • Use the debug bar only when troubleshooting, then disable it
  • Regularly test SMTP to ensure email delivery works
  • Check security headers periodically to maintain strong security

Conclusion

The System Health module is your comprehensive toolkit for maintaining a healthy, secure, and fast WordPress website. By regularly monitoring all sections, following recommendations, and using the diagnostic tools, you can prevent problems before they occur and keep your site running at its best. Think of it as your website's personal health monitor - always watching, always ready to alert you to issues, and always there to help you fix them.

All rights reserved. 2025
Privacy Policy Refund Policy
Changelog Roadmap