This guide will be showing you how to use WordPress’ in house Health Check and Troubleshooting plugin. It has numerous features which will prove useful when it comes to ensuring your WordPress site remains functional and secure. In a few clicks, you can have all the information you need in order to debug and troubleshoot your site. You can also use the information to provide us with statistics so that we can help you debug if you’re having any issues.
First you will need to install the plugin. We have a guide that mentions what a plugin is and how to access them via the backend of your site if you’re unsure. Once the plugin is installed, you’ll just need to activate it on the Plugins page, as shown below:
How to access the Health Check plugin
Accessing the plugin is a little different to your traditional ones that pop up on the toolbar to the side. You’ll need to click/hover over Dashboard item and select it from there:
Using Site Status
Site status is an extremely useful tool when it comes to checking certain statistics about your WordPress install. Each section is useful in its own way depending on what you’re needing to know, but the sections I have numbered are what I’d consider to be most useful.
1: This section will display the current version of your WordPress site, its plugins, themes, PHP version and the version of the database server the site is connecting to. A really helpful feature of these being displayed is that you can use it to quickly summarise most of the information you’ll need to know for web development or debugging work. It will also notify you if any of your current versions are outdated, which is a major security issue when it comes to WordPress.
I have left an example in there, with the page notifying me that I have left inactive themes on the site. It’s often recommended these are removed, particularly if you’re not keeping them up to date. Out of date themes still on your site is another big security issue and are exploitable under certain circumstances. Keeping things up to date on your site is a must if you’re wanting things to stay secure.
2: The HTTPS status and Secure communication sections are useful when it comes to making sure your website’s connection is secure. HTTPS can be enabled by installing an SSL certificate, which can be used to encrypt traffic from the server your site is hosted on to the end-user. Once an SSL certificate has been installed, you can check this section to ensure it is allowing HTTPS connections as well as whether the site is communicating securely with other locations. It is highly recommended and a necessity now to have HTTPS enabled when using the site for e-commerce or when sending and receiving sensitive data on your site. If your site is still coming up as insecure despite having an SSL certificate installed recently, it may be a good idea to go through our post-SSL installation checklist.
Using Debug Information
The debug information section includes similar content to the Site Status page, however it is much more in depth for when you need to do more thorough debugging and development work. Rather than me showing you each section on the table of contents, I’ll explain what each section is designed to show.
WordPress: This shows a multitude of details about your WordPress site and the way it is setup on the backend. You can see these displayed above. It is very useful if you’re needing to show a developer the current state of WordPress, as well as finding out useful information when debugging.
Installation Size: This section helps outline how much space the uploads, themes and plugins directories take up on the server where they are located. It also provides you with a quick glance as to how large your database is, the size of the site in its entirety, as well as the directory WordPress is located in.
Drop-ins: Drop-ins are single files that replace or enhance WordPress features in ways that are not possible for traditional plugins. They are displayed in a list in this section, coming with a short description as to what they all do.
Active Theme: Displays your active theme’s Name, Version, Author, the author’s website, the name of the parent theme (if the one you’re using is a child theme), as well as features that are supported by the shown theme.
Other Themes: Themes that are detected but are inactive are often shown here. You’ll be able to see their names as well as their current version. This is useful if you’re wanting to ensure themes are completely removed of if you’re wanting to quickly check what version of the themes you have downloaded.
Active Plugins: Your active plugins are plugins that are currently running on the backend of your site. They’ll be listed here with their version number and author also being mentioned. It’s useful if you want to see them summarised all in one place, making it easy to compare versions for compatibility purposes.
Media Handling: WordPress can use different methods to handle your website’s media. By default, WordPress usually sets WP_Image_Editor_GD as the handler, however you can sometimes use handlers such as ImageMagick instead or other plugin enabled handlers.
Server: If you’re wanting to see some server settings, you can view them here. You’ll be shown the server’s architecture, the web server software it’s using, the version of PHP it is running, the PHP memory limit that has been set, the max upload file size, as well as the .htaccess settings (which will usually be custom).
Database: Here you can view the PHP extension used as the database driver, the server and client version, and then your database name, assigned user, it’s prefix and also the name of the host it’s located on.
WordPress Constants: These represent values set in your websites code which affect WordPress in various ways. These are useful for development and debugging purpose and are mostly used to check if certain things are enabled or disabled within your code.
File System Permissions: This highlights directories that need to be writable to in order for WordPress to function properly. If WordPress is having issues saving content or you’re struggling making changes on the backend, it may be worth ensuring all of these come up as ‘Writable’ in the column.
Using Troubleshooting Mode
Troubleshooting mode allows you to make all plugins you have on your site appears as inactive. It also sets the site back to using the default theme. The great thing about this mode is that it only occurs for you, so visitors will still be able to see everything they usually should be able to, including the current active theme and the plugins functionality. This is incredibly useful when trying to find out if any specific plugin is causing some issues on your site, as you can enable/disable them at will one at a time without any of your visitors losing any functionality on their end.
PHP Information
This page essentially acts the same way an info.php one would, however it’s viewable within WordPress rather than leaving it accessible to site visitors. You can see an example similar to what you will see here by visiting our guide showing how to create a info.php page.
Available Tools
The Health Check plugin provides you with two tools you can use to ensure your site is clean and functional.
File Integrity Checker: This tool is incredibly useful when you believe you have a compromised site. The core files of WordPress have their own unique checksums (a sequence of numbers and letters) that are calculated via complex algorithms. The WordPress API will provide these checksums to compare to your own site’s core files. If the calculated checksum of your files are different to the API’s, it will notify you and allow you to perform a diff check to see what the text based differences are. A lot of compromises will appear to be random letters and numbers to try and hide it from plain sight and scans. This is just standard characters encoded in Base64 a lot of the time. Any code that looks suspicious in your files is best off being removed and any new files/directories you notice that have been created recently are best to look into as well. We do have a guide that will help you to recover if you believe your site has been compromised. Using the file integrity checker should help you clean things up if they are messy. All you need to do is click Check the Files Integrity as highlighted above and it’ll do all the work for you when it comes to finding potentially compromised files.
Email Check: You can use this tool to make sure WordPress and its plugins can send emails properly. It’s useful for troubleshooting issues regarding email notifications and so forth. It’s also useful to make sure none of them go to your spam folder. It essentially checks whether the wp_mail() function is working properly or not.
Classification: Public
Last saved: 2019/08/14 at 15:30 by Jamie