WordPress Site Health Check: Improve Site's Health Score
Want to improve your WordPress Site Health score? This article discusses how to use the built-in tool in WordPress called the Site Health tool, which is used to monitor and enhance your site's performance and security.
Here are the topics discussed in this article.
What is the WordPress Site Health Tool?
The Site Health tool was first introduced in WordPress 5.1 and enhanced in version 5.2 with a scoring system.
This feature helps website owners monitor performance and security issues while providing clear instructions for improvements. From checking outdated versions to scanning inactive plugins, the Site Health tool simplifies routine maintenance tasks that are otherwise time-consuming.
For a complete walkthrough, see the official WordPress Site Health Guide.
How Does It Work?
The Site Health tool runs a series of automated tests on your website to ensure optimal performance and security. It checks configuration settings, highlights issues, and offers solutions.
These results are divided into:
- Critical issues: These are warnings or potential issues that should be addressed.
- Recommendations: These are suggested improvements.
- Passed tests: These are the items that are working correctly.
How to Check Site Health in WordPress
You can access the Site Health tool directly from your WordPress dashboard.
- Log in to your WordPress Admin dashboard.
- Click Tools on the left-side menu, then select Site Health.
- You will be redirected to the Site Health page, where you will first see your website's performance score at the top, along with the Status and Info tabs.
Understanding the Site Health Report
Here are the key items found on the Site Health page.
Site Health Tabs
You will see two tabs in the Site Health report, namely:
- Status tab: This tab shows the critical issues, recommended improvements, and passed tests. (See more information below.)
Critical issues:
Recommended Improvements:
Passed tests:
- Info tab: This tab displays the detailed configurtiaion data about your WordPress installation, server, databases, plugins, themes, and a lot more. (See more information below.)
Site Health Status Tab
The Status tab shows critical information about your WordPress configuration and items that require your attention. If there's anything that requires improvement shown on the Site Health Status page, the Site Health tool checks the issues in 2 major categories.
| Two Major Categories | |
|---|---|
| Performance | WordPress & PHP version, SQL server, required and recommended PHP modules, UTF8MB4 support, scheduled events, HTTP requests, REST API, and loopback requests. |
| Security | Active themes and plugins, HTTPs connection, secure communication, debug mode status, communication with WordPress.org, and background updates status. |
The tool gives you Site Health status in three different layers:
| Site Health Status in 3 Different Layers | |
|---|---|
| Critical issues | This layer shows the number of critical issues found. It marks issues with categories, namely, security or performance, and then indicates what to do about them. |
| Recommended improvements | The layer shows all the recommendations to improve WordPress Site Health and gives instructions on how to address them individually. |
| Passed tests | Once passed, the layer displays the number of items with no issues and shows all items in detail. |
Site Health Info Tab
The Info tab provides an in-depth look at your website configuration. Categories include the following.
| Issues and their Categories | |
|---|---|
| WordPress | Version, site, and user language, home URL, site URL, permalink structure, multisite check, and more. |
| Directories and Sizes | File and folder paths, size of uploads, themes, and plugins. |
| Active Theme & Plugins | Name, version, author, and details of the active theme and plugins. |
| Media Handling | Image processing libraries (for example, ImageMagick and CD) and resource limits. |
| Server | Architecture, PHP version, time limits, memory limits, max file size, and more. |
| Database | Server version, client version, database, and prefix. |
| WordPress Constants | Debug, cache, and other key configuration constants. |
| Filesystem Permissions | Read/write permissions for essential directories (core, wp-content, uploads, themes, and plugins). |
You can export this data by clicking the Copy site info to clipboard button to share with developers or support teams.
Why a WordPress Site Health Check Score Matters
A strong Site Health score means your WordPress installation runs on secure, updated, and optimized settings.
For example:
- Running the latest PHP version ensures faster performance and plugin compatibility.
- Using HTTPS improves security and builds visitor trust.
- Removing unused plugins reduces vulnerabilities.
While a perfect score isn’t required, maintaining a score above 80% is recommended for smooth site performance and security.
How to Improve Your WordPress Site Health Check Score
Here are practical ways to boost your Site Health results.
- Choose a reliable WordPress hosting plan
Your hosting provider has the biggest impact on performance and stability. A good host ensures up-to-date software, proper PHP modules and strong security measures. An unreliable host may use outdated technology and limit optimization options.
- Enable SSL/HTTPS
An SSL certificate encrypts data transfer between your server and visitors’ browsers. Sites using HTTPS display a padlock icon in the address bar. Most modern hosts, including Bluehost, provide free SSL certificates that are simple to activate.
For more information, please refer to the article, A Guide to Free SSL Certificates with Let's Encrypt.
- Keep WordPresss core updated
WordPress regularly releases updates with new features, bug fixes and security patches. Always use the latest version to keep your site safe and stable.
Many beginners worry that updating WordPress might break their website, so they avoid updates. This can leave their sites vulnerable to security risks. It's important to stay updated with the latest version of WordPress.
- Update plugins and themes
Plugins and themes receive frequent updates for new features, compatibility improvements and security fixes. Regularly check for updates under Dashboard to prevent vulnerabilities.
- Use the latest MySQL and PHP version
- MySQL: MySQL versions ensure your database performs efficiently and securely.
- PHP: This powers your WordPress site. Newer PHP versions boost speed and maintain plugin compatibility.
- Enable automatic updates
WordPress can automatically install minor security releases. Keep this feature enabled to apply crucial patches without delay.
- Remove unused plugins and themes
Inactive plugins and themes can consume space, increase scan times and potentially expose your site to risks. Delete any that you no longer use.
- Keep the REST API enabled
The WordPress REST API allows developers and plugins to interact securely with your site. Disabling it limits functionality, so keep it enabled while applying proper security measures to prevent brute-force attacks.
We have disabled the WordPress REST API by default on our sites to enhance protection against brute-force attacks. While reducing certain functionalities, this measure significantly strengthens the website's security.
Considering the REST API's vulnerabilities, it is a prudent step and is part of our broader security strategy. Website administrators should assess their security needs when deciding whether to use the REST API.Check out Jetpack's article about How to Access, Use, & Secure WordPress Rest API.
- Install required PHP modules
PHP modules extend WordPress functionality. Some are essential, while others are recommended for performance. Check the Site Health tool for missing modules and ask your hosting provider to install them if needed.
If you need to install a missing module, it's best to reach out to us for help. You can also do it from the dashboard by finding PHP PEAR Packages, but you'll need to configure it in the php.ini file, which can be tricky for beginners. - Disable Debug Mode on live sites
Debug mode is useful for developers, but should not be active on production sites. It can expose warnings and notices that disrupt the user experience. Keep it off unless troubleshooting.
- Ensure scheduled tasks run
WordPress uses cron jobs to handle scheduled tasks like updates and publishing. Confirm that your hosting environment supports these jobs so your site runs smoothly.
Frequently Asked Questions (FAQs)
Q: Do I need a 100% Site Health score?
A: No. A score above 80% is generally sufficient, but reaching 100% ensures all recommendations are addressed.
Q: Which checks are most important?
A: Critical issues should be prioritized over recommended improvements.
Q: Does a perfect score guarantee security?
A: Not entirely. The score shows that WordPress is configured correctly, but you should still follow security best practices.
Q: Can Site Health help with troubleshooting?
A: Yes. The Info tab provides detailed technical data that is useful for diagnosing issues.
Summary
Learn how to boost your website's performance and security by understanding and optimizing your WordPress Site Health score. This article walks you through everything from what the Site Health tool is, how it works, and how to access it, to interpreting the Site Health report and improving your score. Whether you're troubleshooting issues or aiming for a score above 80%, this guide helps you maintain a healthy, secure, and well-performing WordPress site.