Versions Compared

Old Version 11

changes.mady.by.user alice freda

Saved on

compared with

New Version 12

changes.mady.by.user alice freda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: add info on load testing

Table of Contents

...

Section 1: Basic WordPress Audit


ItemHow to find
Tools

Version Control

Go to the webroot and run "git version"

WP-CLI

Try running wp cli in the webroot; if it exists, "wp --info"
Directory Structure

Files Directory Size

Run "du -h wp-content/uploads"; this gives you total size at the bottom along with size on other directories/files. May be

Database Size

Run "mysqldump -uusername -ppassword databasename > db_backup.sql" then "du -h db_backup.sql"

or

Run the following query that lists the sizes of all the available databases.

Code Block
SELECT table_schema AS "Database", 
ROUND(SUM(data_length + index_length) / 1024 / 1024, 2) AS "Size (MB)" 
FROM information_schema.TABLES 
GROUP BY table_schema;


Other “Files Directories”

See if any other large files exist in the codebase; particularly in the root of the codebase.

Codebase Structure

Are there non-standard directories? Is all custom code in wp-content/themes/themename (or appropriate multisite

directories)?
Are styles and libraries organized properly and extendable?

Multisite

Check for subdomains or subdirectories
 Codebase

Plugin Codebase Quality

How many plugins are in use? (the fewer the better, typically)
Are they up to date?
Any custom plugins? Are they coded using best practices?
Are the plugins in use well maintained/updated for security frequently? Do they have high ratings? Many installs?
Are they compatible with latest version of WP?
Run WordFence plugin if possible. Make sure to check the boxes in options to scan themes and plugins as well

Theme Codebase Quality

Is the theme up to date?
Was the theme built by a well-respected developer? (Many installs, high ratings, well maintained)
Run WordFence plugin if possible. Make sure to check the boxes in options to scan themes and plugins as well.

Uses Child Theme

Is the site using a child theme of the enabled theme?

Custom Codebase Quality

Check custom codebase for WordPress Best Practices 
Do templates contain complex PHP? PHP coding standards
Is JS written properly? JavaScript coding standards
Is the site responsive?
Are images sized correctly?
is the Code legible? Will various developers be able to read it?
Are there any patches? Are the patches well documented?

Security


Site UsersCheck site users. Are there many site administrators? 
Is there an "admin" user? (if so recommend this user be deleted with content assigned elsewhere)
Security PluginsAny security plugins installed?
WordFence, Sucuri, iThemes Security, All In One WP Security & Firewall might be good options
Update StatusAre plugins, themes, WP core up to date?
SEO
https

Is SSL installed?
Does site default to https (check site Settings > General for WP Address and Site Address)
Are they getting mixed media errors?

Header tagsAre they written properly? Are they in the proper order?
Social sharingUsing proper tags and setup for social sharing?
Broken linksCan use Broken Link Checker Plugin to check on broken links
Google AnalyticsIs GA installed?
Take a look at Analytics account setup
PluginsYoast SEO is a popular and easy to use Plugin for adding metatags, etc.
A11y

If you turn off CSS is the site legible?
Are images using alt tags properly?
Is color contrast correct?
Can you use a keyboard to navigate the site?
Can you use a text browser (Lynx)?

Performance
Server ResponseThis will vary between requests; for a quick idea, load the page in question with the Network tab open and
the browser cache disabled and see how long it takes for the initial request of the HTML document to be
returned.
Google Page Speed

What's the PageSpeed Insights score for the URL you're investigating? Use the mobile speed and the desktop
speed (mobile/desktop) in the audit.

Image Optimization

Is the site effectively using image styles to make sure that images are an appropriate size? Bonus points if they
have a system in place to handle responsive images.

Load testingBlazemeter is an option for load testing. Pantheon guide to testing with Blazemeter.
CDNCheck for CDN if it would be helpful
CachingAny caching plugins in use? W3 Total Cache and others can sometimes be appropriate but other times cause more
trouble than they're worth. Check caching options offered by the host.

Front-End performance

A lot of drain can happen on the front end, and this can vary per browser. Lots of calls to external JS or iFrames can really slow things down.

A speed test is the best place to start:

http://www.webpagetest.org/


Yslow is a browser extension you can install that can provide stats and recommendations for performance improvements.

Deeper Technical Audit

Status
colourYellow
titleDraft - Material Needs Work

Some clients who have specific concerns or have a technical background may require further research. Here are some resources that may assist in preparing audits for them:

Resources

Google Network Tab Docs

Example Audits