Fenerly
← Back to homeExample — not live data
Acme RoofingHealthy
91
91/ 100

Blended from internal plugin checks + the external scan.

Per-check breakdown

Sec

95 / 100
  • https_enforcedThe site is served over a secure HTTPS connection.

    HTTPS encrypts traffic between visitors and your site. Without it, data can be read or tampered with in transit, and browsers flag the site as “not secure.”

    Technical detail

    Checked via is_ssl() / the site URL scheme. Fix: install a TLS certificate (most hosts offer free Let's Encrypt), then set the WordPress Address + Site Address to https://.

    true
    40/40
  • debug_mode_offWP_DEBUG is disabled, as it should be in production.

    Debug mode prints internal error details that can leak paths and code information to visitors. It's a development tool that should be off on a live site.

    Technical detail

    Checks the WP_DEBUG constant. Fix: set define('WP_DEBUG', false) in wp-config.php for production (use a staging site for debugging).

    Read the full spec ↗
    true
    20/20

Ops

90 / 100
  • wp_cron_firingWordPress's scheduled-task runner is working.

    WP-Cron runs your site's scheduled jobs (publishing posts, sending emails, plugin tasks, and our own health heartbeat). If it isn't firing, those jobs silently never run.

    Technical detail

    Checked via wp_next_scheduled('fenerly_send_heartbeat'). If false, WP-Cron is broken — often because DISABLE_WP_CRON is set without a real system cron replacing it. Fix: add a server cron hitting wp-cron.php every few minutes, or remove DISABLE_WP_CRON.

    Read the full spec ↗
    true
    30/30
  • php_supportedThe site runs a PHP version that still gets security fixes.

    PHP is the language WordPress runs on. Old versions stop receiving security patches, leaving the site exposed and often slower.

    Technical detail

    Passes on PHP 8.1+. PHP 8.0 reached end-of-life 2023-11 and 7.x is long EOL. Fix: ask your host to upgrade PHP (usually a one-click setting in the hosting panel).

    Read the full spec ↗
    8.3.2
    30/30
  • wp_core_currentNo major WordPress core update is pending.

    Running the current WordPress release means you have the latest security and bug fixes. A pending major update is a known gap.

    Technical detail

    Reads WordPress's own cached update data (no extra request). Fix: update WordPress from Dashboard → Updates; enable automatic background updates for minor releases.

    Read the full spec ↗
    true
    25/25

This is an illustration. Sign in to connect your own sites.