WordPress plugin to detect the single plugin causing slowdown or breakage on a specific page using safe loopback tests.
- Safe Loopback Testing - Tests each plugin individually without affecting visitors
- Page Selection - Choose which page to scan from a dropdown of all published pages
- Unlimited Plugin Scanning - Scan all active plugins without limitations
- Custom URL Support - Scan any URL on your site
- Anonymous Telemetry (Premium) - Opt-in data sharing to build a shared plugin performance database (premium feature)
A single script run builds both ZIPs:
./scripts/build.shOutputs:
build/code-medic-slow-site-scanner.zip— free versionbuild/code-medic-slow-site-scanner-premium.zip— premium version
For full release steps (version bumping, pre-submission checklist, distribution), see docs/releasing.md.
When enabled (premium only), the plugin shares anonymous performance data to help build a shared plugin compatibility database. Users can opt-out via the plugin settings.
Data shared:
- Plugin slugs (anonymized to folder name only)
- Performance delta (in seconds)
- PHP version
- WordPress version
Data NOT shared:
- Site URLs
- Plugin configurations
- Any personally identifiable information
The data is queued and sent asynchronously via wp_cron (hourly) to avoid blocking any requests.
The scanner includes a dropdown that lists all published pages on your WordPress site. All users can:
- Select from all published pages
- Use the "Custom URL" option to scan any URL on their site
This plugin is designed to comply with WordPress.org plugin directory guidelines. The free version is fully functional with no artificial restrictions, while premium features are additional functionality hosted separately.
For detailed information about WordPress.org requirements and our free/premium architecture, see docs/wordpress_requirements.md.
Premium Supabase telemetry is configured via a .env file in the plugin directory (see .env.example):
# Supabase configuration for anonymous telemetry (premium only, optional)
CODEMEDSSS_SUPABASE_URL= # Your Supabase project URL (e.g., https://xxxxx.supabase.co)
CODEMEDSSS_SUPABASE_ANON_KEY= # Your Supabase anon/public key
CODEMEDSSS_SUPABASE_TABLE= # Table name (default: telemetry)- Create a Supabase project at https://supabase.com
- Run the SQL scripts in the
sql/folder (in order):sql/01-create-tables.sql- Creates the telemetry tablesql/02-create-indexes.sql- Creates indexes for performancesql/03-set-rls-policies.sql- Enables RLS with insert-only for anonsql/04-create-views.sql- Creates analysis views (SECURITY INVOKER)sql/05-add-test-type-column.sql- Adds test_type columnsql/06-add-anonymous-insert-rls.sql- Anon insert-only policysql/07-add-scanner-version-columns.sql- Scanner version columns
- Add your Supabase URL and anon key to the
.envfile
Security model: The telemetry table uses a strict insert-only architecture.
The Supabase anon key allows INSERT only — SELECT, UPDATE, and DELETE are
denied for anonymous users. All views use security_invoker = on to respect
RLS on the underlying table. Only authenticated/service_role roles can read data.
If upgrading an existing deployment, also run:
sql/08-security-hardening.sql- Fixes existing deployments with permissive anon SELECT policies or SECURITY DEFINER views
For detailed documentation on the database schema and views, see the SQL scripts in the sql/ folder.
This plugin uses PHPUnit for unit testing.
- Install dependencies:
composer install- Create the WordPress test environment (one-time setup):
mkdir -p /tmp/wordpress
# You'll need to copy or link your WordPress installation here
# or use a proper WordPress test environment like wp-env- Run the tests:
./vendor/bin/phpunittests/bootstrap.php- Test bootstrap file with WordPress function mockstests/TestBootstrap.php- Basic test to verify setuptests/TestResults.php- Tests for results.php functionstests/TestLoopback.php- Tests for loopback.php functionstests/TestScanner.php- Tests for scanner.php functionstests/TestToggle.php- Tests for toggle.php functionstests/TestTelemetry.php- Tests for telemetry.php functions (premium only)
Each test class should:
- Be in the
PIA\Testsnamespace - Extend
PHPUnit\Framework\TestCase - Test one specific file's functions
Example:
<?php
namespace PIA\Tests;
use PHPUnit\Framework\TestCase;
class TestExample extends TestCase
{
public function testSomething()
{
$this->assertTrue( true );
}
}code-medic-slow-site-scanner.php- Main plugin fileadmin/ui.php- Admin interface and AJAX handlersadmin/js/admin.js- Frontend JavaScriptincludes/scanner.php- Core scanning logicincludes/loopback.php- Loopback testingincludes/toggle.php- Plugin toggle functionalityincludes/results.php- Results handlingincludes/telemetry.php- Anonymous telemetry collection