diff --git a/modules/website/lib/remediation-engine.sh b/modules/website/lib/remediation-engine.sh index 41ba159..5dd6e0b 100644 --- a/modules/website/lib/remediation-engine.sh +++ b/modules/website/lib/remediation-engine.sh @@ -223,8 +223,617 @@ generate_remediation() { echo " Expected Improvement: Identify actual bottlenecks" ;; + "heartbeat_api_frequent") + echo -e "${REMEDIATION_WARNING}REMEDIATION: Optimize WordPress Heartbeat API${REMEDIATION_NC}" + echo " Current: Heartbeat running at high frequency (15-30 second intervals)" + echo " Impact: Unnecessary database calls, 2-5% server load" + echo "" + echo " Fix:" + echo " 1. Edit wp-config.php (add before 'That's all, folks!'):" + echo " define( 'HEARTBEAT_INTERVAL', 60 ); // Increase to 60 seconds" + echo "" + echo " 2. Disable heartbeat on frontend:" + echo " add_filter( 'heartbeat_settings', function( \$settings ) {" + echo " if ( ! is_admin() ) return false;" + echo " return \$settings;" + echo " });" + echo "" + echo " 3. Or use WP Heartbeat Control plugin:" + echo " wp plugin install heartbeat-control --activate" + echo "" + echo " Expected Improvement: 2-5% reduced server load" + ;; + + "rest_api_exposed") + echo -e "${REMEDIATION_INFO}REMEDIATION: Secure WordPress REST API Exposure${REMEDIATION_NC}" + echo " Current: REST API is publicly accessible" + echo " Impact: Security consideration, minimal performance impact" + echo "" + echo " Fix (Choose one):" + echo "" + echo " Option 1: Require authentication (safest)" + echo " add_filter( 'rest_authentication_errors', function( \$result ) {" + echo " if ( ! is_user_logged_in() ) {" + echo " return new WP_Error( 'rest_not_logged_in', 'You must be logged in', array( 'status' => 401 ) );" + echo " }" + echo " return \$result;" + echo " });" + echo "" + echo " Option 2: Disable completely" + echo " add_filter( 'rest_enabled', '__return_false' );" + echo "" + echo " Option 3: Limit to specific endpoints (if needed)" + echo " wp plugin install disable-json-api --activate" + ;; + + "emoji_scripts_enabled") + echo -e "${REMEDIATION_INFO}REMEDIATION: Disable Emoji Support Scripts${REMEDIATION_NC}" + echo " Current: Emoji support loading extra resources" + echo " Impact: 1-2 extra HTTP requests (~10KB)" + echo "" + echo " Fix (Choose one):" + echo "" + echo " Option 1: Using code (fastest)" + echo " add_action( 'init', function() {" + echo " remove_action( 'wp_head', 'print_emoji_detection_script', 7 );" + echo " remove_action( 'wp_print_styles', 'print_emoji_styles' );" + echo " }, 0 );" + echo "" + echo " Option 2: Using plugin" + echo " wp plugin install disable-emojis --activate" + echo "" + echo " Expected Improvement: Save 1-2 HTTP requests" + ;; + + "post_revisions_excessive") + echo -e "${REMEDIATION_WARNING}REMEDIATION: Clean Up Excessive Post Revisions${REMEDIATION_NC}" + echo " Current: $finding_value" + echo " Impact: Database bloat, slower queries" + echo "" + echo " Fix:" + echo " 1. Limit future revisions in wp-config.php:" + echo " define( 'WP_POST_REVISIONS', 5 ); // Keep only 5 revisions" + echo "" + echo " 2. Delete existing excess revisions:" + echo " wp post delete \$(wp post list --format=ids --post_type=revision) --force" + echo "" + echo " 3. Clean database:" + echo " wp db cleanup # If available" + echo "" + echo " Expected Improvement: 10-20% reduction in database size" + ;; + + "pingbacks_trackbacks_enabled") + echo -e "${REMEDIATION_INFO}REMEDIATION: Disable Pingbacks & Trackbacks${REMEDIATION_NC}" + echo " Current: Pingbacks and trackbacks enabled (rarely used)" + echo " Impact: Minor (security consideration)" + echo "" + echo " Fix:" + echo " 1. Add to wp-config.php:" + echo " add_filter( 'pings_open', '__return_false' );" + echo "" + echo " 2. In WordPress admin:" + echo " Settings → Discussion → Uncheck 'Allow link notifications from other blogs'" + echo "" + echo " Expected Improvement: Reduced spam and unnecessary pings" + ;; + + "innodb_buffer_pool_undersized") + echo -e "${REMEDIATION_CRITICAL}REMEDIATION: Increase InnoDB Buffer Pool${REMEDIATION_NC}" + echo " Current: $finding_value" + echo " Impact: 50-80% faster database queries" + echo "" + echo " Fix:" + echo " 1. Check current RAM and database size:" + echo " free -h" + echo " du -sh /var/lib/mysql" + echo "" + echo " 2. Edit /etc/my.cnf:" + echo " [mysqld]" + echo " innodb_buffer_pool_size = 8G # 50-75% of available RAM" + echo "" + echo " 3. For MariaDB, also set:" + echo " innodb_buffer_pool_instances = 4" + echo "" + echo " 4. Restart MySQL:" + echo " systemctl restart mysql" + echo "" + echo " 5. Verify:" + echo " mysql -e \"SHOW VARIABLES LIKE 'innodb_buffer_pool_size';\"" + echo "" + echo " Expected Improvement: 50-80% faster queries" + ;; + + "max_allowed_packet_low") + echo -e "${REMEDIATION_WARNING}REMEDIATION: Increase max_allowed_packet${REMEDIATION_NC}" + echo " Current: $finding_value (too low)" + echo " Impact: Prevents import of large files, backup failures" + echo "" + echo " Fix:" + echo " 1. Edit /etc/my.cnf:" + echo " [mysqld]" + echo " max_allowed_packet = 256M # Increase from 16M to 256M" + echo "" + echo " 2. Restart MySQL:" + echo " systemctl restart mysql" + echo "" + echo " 3. Verify:" + echo " mysql -e \"SHOW VARIABLES LIKE 'max_allowed_packet';\"" + echo "" + echo " Expected Improvement: Allow large file imports/backups" + ;; + + "innodb_file_per_table_disabled") + echo -e "${REMEDIATION_WARNING}REMEDIATION: Enable InnoDB File Per Table${REMEDIATION_NC}" + echo " Current: File per table disabled (tablespace bloat)" + echo " Impact: Better space management and faster TRUNCATE" + echo "" + echo " Fix:" + echo " 1. Edit /etc/my.cnf:" + echo " [mysqld]" + echo " innodb_file_per_table = 1" + echo "" + echo " 2. Restart MySQL:" + echo " systemctl restart mysql" + echo "" + echo " 3. Rebuild existing tables:" + echo " wp db query \"ALTER TABLE wp_posts ENGINE=InnoDB;\"" + echo "" + echo " Expected Improvement: Better disk space management" + ;; + + "query_cache_issues") + echo -e "${REMEDIATION_INFO}REMEDIATION: Fix Query Cache Configuration${REMEDIATION_NC}" + echo " Current: $finding_value" + echo " Impact: Query cache not working efficiently" + echo "" + echo " Note: MySQL 5.7 (deprecated in 8.0)" + echo "" + echo " Fix:" + echo " 1. Edit /etc/my.cnf:" + echo " [mysqld]" + echo " query_cache_type = 1" + echo " query_cache_size = 256M" + echo " query_cache_limit = 2M" + echo "" + echo " 2. Restart MySQL:" + echo " systemctl restart mysql" + echo "" + echo " 3. For MySQL 8.0+: Use InnoDB caching or Redis instead" + ;; + + "temp_table_size_small") + echo -e "${REMEDIATION_WARNING}REMEDIATION: Increase Temporary Table Size${REMEDIATION_NC}" + echo " Current: $finding_value" + echo " Impact: Slow temporary table operations, disk writes" + echo "" + echo " Fix:" + echo " 1. Edit /etc/my.cnf:" + echo " [mysqld]" + echo " tmp_table_size = 256M" + echo " max_heap_table_size = 256M # Must be same or larger" + echo "" + echo " 2. Restart MySQL:" + echo " systemctl restart mysql" + echo "" + echo " Expected Improvement: Faster temp table operations" + ;; + + "realpath_cache_small") + echo -e "${REMEDIATION_INFO}REMEDIATION: Increase PHP Realpath Cache${REMEDIATION_NC}" + echo " Current: $finding_value" + echo " Impact: 2-5% PHP performance improvement" + echo "" + echo " Fix:" + echo " 1. Edit /etc/php/8.0/fpm/php.ini:" + echo " realpath_cache_size = 256K" + echo " realpath_cache_ttl = 3600" + echo "" + echo " 2. Restart PHP-FPM:" + echo " systemctl restart php-fpm" + echo "" + echo " Expected Improvement: 2-5% faster file operations" + ;; + + "display_errors_enabled") + echo -e "${REMEDIATION_WARNING}REMEDIATION: Disable display_errors in Production${REMEDIATION_NC}" + echo " Current: display_errors is ON (security risk)" + echo " Impact: Security issue, reveals server information" + echo "" + echo " Fix:" + echo " 1. Edit /etc/php/8.0/fpm/php.ini:" + echo " display_errors = Off" + echo " log_errors = On" + echo "" + echo " 2. Restart PHP-FPM:" + echo " systemctl restart php-fpm" + echo "" + echo " Also in WordPress (wp-config.php):" + echo " define( 'WP_DEBUG_DISPLAY', false );" + ;; + + "keepalive_disabled") + echo -e "${REMEDIATION_WARNING}REMEDIATION: Enable HTTP KeepAlive${REMEDIATION_NC}" + echo " Current: KeepAlive disabled" + echo " Impact: 20-30% slower for multiple requests" + echo "" + echo " Fix:" + echo " 1. Edit /etc/apache2/apache2.conf or sites-enabled/{domain}.conf:" + echo " KeepAlive On" + echo " KeepAliveTimeout 15" + echo " MaxKeepAliveRequests 500" + echo "" + echo " 2. Restart Apache:" + echo " systemctl restart apache2" + echo "" + echo " Expected Improvement: 20-30% faster for multiple assets" + ;; + + "sendfile_disabled") + echo -e "${REMEDIATION_INFO}REMEDIATION: Enable Sendfile${REMEDIATION_NC}" + echo " Current: Sendfile disabled" + echo " Impact: 10-15% improvement for static file delivery" + echo "" + echo " Fix:" + echo " 1. Edit /etc/apache2/apache2.conf:" + echo " EnableSendfile On" + echo "" + echo " 2. Restart Apache:" + echo " systemctl restart apache2" + echo "" + echo " Expected Improvement: 10-15% faster static files" + ;; + + "gzip_compression_low") + echo -e "${REMEDIATION_WARNING}REMEDIATION: Optimize Gzip Compression${REMEDIATION_NC}" + echo " Current: Gzip compression level: $finding_value" + echo " Impact: 30-50% reduction in file sizes" + echo "" + echo " Fix:" + echo " 1. Edit /etc/apache2/apache2.conf:" + echo " " + echo " DeflateCompressionLevel 6 # 1-9, balance speed/size" + echo " AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript" + echo " " + echo "" + echo " 2. Restart Apache:" + echo " systemctl restart apache2" + echo "" + echo " Expected Improvement: 30-50% smaller file transfers" + ;; + + "ssl_version_old") + echo -e "${REMEDIATION_WARNING}REMEDIATION: Update SSL/TLS Protocol Version${REMEDIATION_NC}" + echo " Current: Old SSL/TLS version detected" + echo " Impact: Security risk, slower handshake" + echo "" + echo " Fix:" + echo " 1. Edit /etc/apache2/mods-enabled/ssl.conf:" + echo " SSLProtocol TLSv1.2 TLSv1.3 # Disable SSLv3, TLSv1.0, TLSv1.1" + echo "" + echo " 2. Restart Apache:" + echo " systemctl restart apache2" + echo "" + echo " Verify:" + echo " openssl s_client -connect example.com:443" + ;; + + "wordpress_cron_disabled") + echo -e "${REMEDIATION_INFO}REMEDIATION: Configure WordPress Cron${REMEDIATION_NC}" + echo " Current: wp-cron is disabled or misconfigured" + echo " Impact: Scheduled tasks may not run" + echo "" + echo " Fix:" + echo " 1. Enable wp-cron in wp-config.php:" + echo " define( 'DISABLE_WP_CRON', false );" + echo "" + echo " 2. Or set system cron instead (better performance):" + echo " # Edit wp-config.php:" + echo " define( 'DISABLE_WP_CRON', true );" + echo "" + echo " # Add to crontab (crontab -e):" + echo " */15 * * * * curl -s https://example.com/wp-cron.php?doing_wp_cron > /dev/null" + ;; + + "backup_during_peak_hours") + echo -e "${REMEDIATION_WARNING}REMEDIATION: Move Backups to Off-Peak Hours${REMEDIATION_NC}" + echo " Current: Backups running during peak traffic hours" + echo " Impact: Site slowness during backups (10-30% slower)" + echo "" + echo " Fix:" + echo " 1. Check current backup schedule:" + echo " crontab -l | grep backup" + echo "" + echo " 2. Move to off-peak hours (e.g., 2 AM):" + echo " 0 2 * * * /path/to/backup-script.sh" + echo "" + echo " 3. Consider using incremental backups to reduce time" + echo "" + echo " Expected Improvement: No slowness during peak hours" + ;; + + "disk_space_critical") + echo -e "${REMEDIATION_CRITICAL}REMEDIATION: Free Up Critical Disk Space${REMEDIATION_NC}" + echo " Current: $finding_value" + echo " Impact: Site may fail, database corruption risk" + echo "" + echo " Fix (Choose one):" + echo "" + echo " Option 1: Clear old backups" + echo " rm -rf /home/*/public_html/backup-*.tar.gz" + echo " rm -rf /home/*/backup_*.sql" + echo "" + echo " Option 2: Clear logs" + echo " > /var/log/apache2/access.log" + echo " > /var/log/apache2/error.log" + echo " > /var/log/mysql/error.log" + echo "" + echo " Option 3: Clear temporary files" + echo " rm -rf /tmp/*" + echo " wp cache flush --all" + echo "" + echo " Verify:" + echo " df -h" + ;; + + "autoload_options_bloated") + echo -e "${REMEDIATION_WARNING}REMEDIATION: Clean Up Autoloaded Options${REMEDIATION_NC}" + echo " Current: $finding_value" + echo " Impact: Slower page loads (5-15%)" + echo "" + echo " Fix:" + echo " 1. List autoloaded options:" + echo " wp option list --autoload=yes" + echo "" + echo " 2. Identify problematic options:" + echo " SELECT option_name, LENGTH(option_value) as size" + echo " FROM wp_options WHERE autoload='yes'" + echo " ORDER BY size DESC LIMIT 10;" + echo "" + echo " 3. Disable autoload for large options:" + echo " wp option update {option_name} '{value}' --autoload=no" + echo "" + echo " Expected Improvement: 5-15% faster page loads" + ;; + + "image_format_unoptimized") + echo -e "${REMEDIATION_WARNING}REMEDIATION: Optimize Image Formats${REMEDIATION_NC}" + echo " Current: $finding_value" + echo " Impact: 30-50% faster image delivery" + echo "" + echo " Fix (Choose one):" + echo "" + echo " Option 1: Enable WebP format via plugin" + echo " wp plugin install imagify --activate" + echo "" + echo " Option 2: Using ShortPixel" + echo " wp plugin install shortpixel-image-optimiser --activate" + echo "" + echo " Option 3: Bulk optimize existing images" + echo " wp plugin install ewww-image-optimizer --activate" + echo " wp plugin activate ewww-image-optimizer" + echo "" + echo " Expected Improvement: 30-50% reduction in file sizes" + ;; + + "plugin_conflicts_detected") + echo -e "${REMEDIATION_WARNING}REMEDIATION: Resolve Plugin Conflicts${REMEDIATION_NC}" + echo " Current: $finding_value" + echo " Impact: 5-20% performance penalty" + echo "" + echo " Fix:" + echo " 1. Identify conflicting plugins:" + echo " wp plugin list" + echo "" + echo " 2. Deactivate one of the conflicting plugins:" + echo " wp plugin deactivate {plugin-name}" + echo "" + echo " 3. Check for duplicate caching plugins:" + echo " Look for: W3 Total Cache, WP Super Cache, WP Rocket (use only 1)" + echo "" + echo " 4. Check for duplicate security plugins:" + echo " Look for: Wordfence, Sucuri, iThemes Security (use only 1)" + echo "" + echo " Expected Improvement: 5-20% performance gain" + ;; + + "caching_plugin_misconfigured") + echo -e "${REMEDIATION_WARNING}REMEDIATION: Configure Caching Plugin${REMEDIATION_NC}" + echo " Current: $finding_value" + echo " Impact: 20-50% slower without proper cache configuration" + echo "" + echo " Fix (for W3 Total Cache):" + echo " 1. Go to: WP Admin → W3 Total Cache → Settings" + echo " 2. Enable:" + echo " - Page Cache (Disk or Redis)" + echo " - Minify (JS/CSS)" + echo " - Database Cache" + echo " - Object Cache (if using Redis/Memcached)" + echo "" + echo " 3. For WP Rocket:" + echo " 1. WP Rocket → Settings → Caching" + echo " 2. Enable Caching" + echo " 3. Enable Lazy Load" + echo " 4. Clear cache after changes" + echo "" + echo " Expected Improvement: 20-50% faster page loads" + ;; + + "lazy_loading_disabled") + echo -e "${REMEDIATION_INFO}REMEDIATION: Enable Lazy Loading${REMEDIATION_NC}" + echo " Current: Images not lazy loaded" + echo " Impact: 10-30% faster initial page load" + echo "" + echo " Fix (Choose one):" + echo "" + echo " Option 1: WordPress native (5.5+)" + echo " Images automatically lazy load with loading='lazy'" + echo "" + echo " Option 2: Manual configuration" + echo " Add to functions.php:" + echo " add_filter( 'wp_lazy_loading_enabled', '__return_true' );" + echo "" + echo " Option 3: Plugin solution" + echo " wp plugin install a3-lazy-load --activate" + echo "" + echo " Expected Improvement: 10-30% faster first paint" + ;; + + "cdn_not_configured") + echo -e "${REMEDIATION_INFO}REMEDIATION: Configure Content Delivery Network${REMEDIATION_NC}" + echo " Current: CDN not configured" + echo " Impact: 20-40% improvement for global users" + echo "" + echo " Fix:" + echo " 1. Sign up for CDN service:" + echo " - Cloudflare (free tier available)" + echo " - BunnyCDN" + echo " - KeyCDN" + echo " - Stackpath" + echo "" + echo " 2. Update nameservers or create CNAME" + echo "" + echo " 3. Configure in WordPress (if needed):" + echo " wp plugin install cdn-enabler --activate" + echo "" + echo " Expected Improvement: 20-40% faster for remote users" + ;; + + "minification_disabled") + echo -e "${REMEDIATION_WARNING}REMEDIATION: Enable CSS/JS Minification${REMEDIATION_NC}" + echo " Current: CSS and JavaScript not minified" + echo " Impact: 10-25% reduction in file sizes" + echo "" + echo " Fix:" + echo " 1. Using W3 Total Cache:" + echo " W3 Total Cache → Settings → Minify" + echo " Enable minification for JS and CSS" + echo "" + echo " 2. Or using WP Rocket:" + echo " WP Rocket → Asset Optimization" + echo " Enable JS/CSS Minification" + echo "" + echo " Expected Improvement: 10-25% smaller CSS/JS files" + ;; + + "connection_timeout_issue") + echo -e "${REMEDIATION_WARNING}REMEDIATION: Adjust Connection Timeout${REMEDIATION_NC}" + echo " Current: $finding_value" + echo " Impact: Connection failures or timeouts" + echo "" + echo " Fix:" + echo " 1. Edit /etc/my.cnf:" + echo " [mysqld]" + echo " connect_timeout = 30" + echo " interactive_timeout = 28800" + echo " wait_timeout = 28800" + echo "" + echo " 2. Restart MySQL:" + echo " systemctl restart mysql" + ;; + + "php_version_eol") + echo -e "${REMEDIATION_CRITICAL}REMEDIATION: Upgrade PHP Version${REMEDIATION_NC}" + echo " Current: $finding_value (end-of-life)" + echo " Impact: 20-40% performance improvement, security risk" + echo "" + echo " Fix:" + echo " 1. Check available PHP versions:" + echo " php -v" + echo " apt search php | grep php8" + echo "" + echo " 2. Upgrade PHP (for cPanel/WHM):" + echo " /usr/local/cpanel/bin/ea4 --show-available-php-versions" + echo " /usr/local/cpanel/bin/update-php --to=8.1" + echo "" + echo " 3. For other systems:" + echo " apt install php8.1 php8.1-fpm php8.1-mysql" + echo " systemctl restart php8.1-fpm" + echo "" + echo " Expected Improvement: 20-40% faster PHP execution" + ;; + + "pm2_processes_high") + echo -e "${REMEDIATION_WARNING}REMEDIATION: Optimize PHP-FPM Process Manager${REMEDIATION_NC}" + echo " Current: $finding_value" + echo " Impact: Excessive process spawning, memory waste" + echo "" + echo " Fix:" + echo " 1. Edit /etc/php/8.0/fpm/pool.d/www.conf:" + echo " pm = dynamic" + echo " pm.max_children = 50 # CPU cores * 2" + echo " pm.start_servers = 10" + echo " pm.min_spare_servers = 5" + echo " pm.max_spare_servers = 20" + echo "" + echo " 2. Restart PHP-FPM:" + echo " systemctl restart php-fpm" + echo "" + echo " Expected Improvement: Better memory management" + ;; + + "swap_usage_detected") + echo -e "${REMEDIATION_CRITICAL}REMEDIATION: Fix Critical Swap Usage${REMEDIATION_NC}" + echo " Current: System using swap (disk instead of RAM)" + echo " Impact: 50-100x SLOWER performance" + echo "" + echo " Fix (Choose one):" + echo "" + echo " Option 1: Increase available RAM (best fix)" + echo " Upgrade server RAM" + echo "" + echo " Option 2: Reduce memory usage" + echo " - Disable unneeded plugins" + echo " - Reduce PHP processes" + echo " - Clear caches" + echo "" + echo " Option 3: Disable swap" + echo " swapoff -a # Disable swap" + echo "" + echo " Verify:" + echo " free -h # Should show Swap: 0B used" + ;; + + "database_stats_stale") + echo -e "${REMEDIATION_INFO}REMEDIATION: Update Database Statistics${REMEDIATION_NC}" + echo " Current: $finding_value" + echo " Impact: Better query optimization" + echo "" + echo " Fix:" + echo " 1. Analyze all tables:" + echo " wp db optimize" + echo "" + echo " 2. Or manually:" + echo " ANALYZE TABLE wp_posts;" + echo " ANALYZE TABLE wp_postmeta;" + echo " ANALYZE TABLE wp_options;" + echo "" + echo " Schedule regular analysis:" + echo " Add to crontab (weekly):" + echo " 0 3 * * 0 wp db optimize" + ;; + + "large_transient_data") + echo -e "${REMEDIATION_WARNING}REMEDIATION: Clean Up Transient Data${REMEDIATION_NC}" + echo " Current: $finding_value" + echo " Impact: Database bloat, slower queries" + echo "" + echo " Fix:" + echo " 1. List and remove expired transients:" + echo " wp transient delete-all" + echo "" + echo " 2. Or selectively clean old transients:" + echo " DELETE FROM wp_options WHERE option_name LIKE '%transient%' AND option_name NOT LIKE '%_timeout%';" + echo "" + echo " Expected Improvement: 5-10% database performance" + ;; + *) - echo -e "${REMEDIATION_INFO}Remediation for '$check_name': $finding_value${REMEDIATION_NC}" + echo -e "${REMEDIATION_INFO}REMEDIATION RECOMMENDATION: $check_name${REMEDIATION_NC}" + echo " Finding: $finding_value" + echo " Severity: $finding_severity" + echo "" + echo " For detailed remediation, review the full report above." ;; esac } @@ -238,9 +847,9 @@ analyze_findings_for_remediation() { local temp_dir="$1" echo "" - echo "================================================================================================" - echo " INTELLIGENT REMEDIATION RECOMMENDATIONS " - echo "================================================================================================" + echo "════════════════════════════════════════════════════════════════════════════════════════════" + echo " INTELLIGENT REMEDIATION RECOMMENDATIONS " + echo "════════════════════════════════════════════════════════════════════════════════════════════" echo "" # Track remediation count @@ -251,79 +860,192 @@ analyze_findings_for_remediation() { echo "" # Check for Xdebug - if grep -q "Xdebug" "$temp_dir"/*.tmp 2>/dev/null; then + if grep -qi "Xdebug\|xdebug_enabled" "$temp_dir"/*.tmp 2>/dev/null; then generate_remediation "xdebug_enabled" "true" "CRITICAL" remediation_count=$((remediation_count + 1)) echo "" fi # Check for WP_DEBUG - if grep -q "WP_DEBUG.*true\|DEBUG.*enabled" "$temp_dir"/*.tmp 2>/dev/null; then + if grep -qi "WP_DEBUG.*true\|DEBUG.*enabled" "$temp_dir"/*.tmp 2>/dev/null; then generate_remediation "wp_debug_enabled" "true" "CRITICAL" remediation_count=$((remediation_count + 1)) echo "" fi - # Check for backup files in docroot - if grep -q "CRITICAL.*Backup files in docroot" "$temp_dir"/*.tmp 2>/dev/null; then - echo -e "${REMEDIATION_CRITICAL}REMEDIATION: Remove Backup Files from Public Directory${REMEDIATION_NC}" - echo " These are blocking the site and wasting resources!" + # Check for Swap usage + if grep -qi "swap.*usage\|using swap" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "swap_usage_detected" "true" "CRITICAL" + remediation_count=$((remediation_count + 1)) echo "" - echo " Command: rm -rf /home/{user}/public_html/backup-*.tar.gz" + fi + + # Check for PHP version EOL + if grep -qi "PHP.*end.*of.*life\|EOL\|outdated.*php" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "php_version_eol" "PHP < 7.4" "CRITICAL" + remediation_count=$((remediation_count + 1)) + echo "" + fi + + # Check for backup files in docroot + if grep -qi "CRITICAL.*Backup files in docroot\|backup.*tar\.gz" "$temp_dir"/*.tmp 2>/dev/null; then + echo -e "${REMEDIATION_CRITICAL}REMEDIATION: Remove Backup Files from Public Directory${REMEDIATION_NC}" + echo " These files expose sensitive data and waste server resources!" + echo "" + echo " Command: find /home/*/public_html -name 'backup*.tar.gz' -delete" + echo " Command: find /home/*/public_html -name '*.sql' -delete" echo "" remediation_count=$((remediation_count + 1)) echo "" fi - echo -e "${REMEDIATION_WARNING}═══ HIGH-PRIORITY ISSUES (Fix Soon) ═══${REMEDIATION_NC}" + # Check for disk space critical + if grep -qi "CRITICAL.*disk.*space\|disk full" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "disk_space_critical" "< 5% free" "CRITICAL" + remediation_count=$((remediation_count + 1)) + echo "" + fi + + echo -e "${REMEDIATION_WARNING}═══ HIGH-PRIORITY ISSUES (Fix This Week) ═══${REMEDIATION_NC}" echo "" # Check for XML-RPC - if grep -q "XML-RPC\|xmlrpc" "$temp_dir"/*.tmp 2>/dev/null; then + if grep -qi "XML-RPC\|xmlrpc" "$temp_dir"/*.tmp 2>/dev/null; then generate_remediation "xmlrpc_enabled" "true" "WARNING" remediation_count=$((remediation_count + 1)) echo "" fi # Check for low PHP memory - if grep -q "CRITICAL.*memory" "$temp_dir"/*.tmp 2>/dev/null; then - generate_remediation "php_memory_low" "low" "WARNING" + if grep -qi "memory.*limit\|php.*memory" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "php_memory_low" "< 256M" "WARNING" remediation_count=$((remediation_count + 1)) echo "" fi # Check for low InnoDB buffer pool - if grep -q "buffer.*pool\|innodb" "$temp_dir"/*.tmp 2>/dev/null; then - generate_remediation "db_buffer_pool_small" "128M" "WARNING" - remediation_count=$((remediation_count + 1)) - echo "" - fi - - echo -e "${REMEDIATION_INFO}═══ OPTIMIZATION OPPORTUNITIES (Improve Performance) ═══${REMEDIATION_NC}" - echo "" - - # Check for OPcache - if grep -q "OPcache\|opcache" "$temp_dir"/*.tmp 2>/dev/null; then - generate_remediation "opcache_disabled" "true" "INFO" + if grep -qi "buffer.*pool\|innodb.*small" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "innodb_buffer_pool_undersized" "128M" "CRITICAL" remediation_count=$((remediation_count + 1)) echo "" fi # Check for HTTP/2 - if grep -q "HTTP/1\|http.*1\.1" "$temp_dir"/*.tmp 2>/dev/null; then - generate_remediation "http2_disabled" "true" "INFO" + if grep -qi "HTTP/1\|http.*1\.1\|http2_disabled" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "http2_disabled" "true" "WARNING" + remediation_count=$((remediation_count + 1)) + echo "" + fi + + # Check for Gzip compression + if grep -qi "gzip.*disabled\|compression.*disabled" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "gzip_compression_low" "disabled" "WARNING" + remediation_count=$((remediation_count + 1)) + echo "" + fi + + # Check for image optimization + if grep -qi "image.*optimize\|webp.*not.*supported\|image.*format" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "image_format_unoptimized" "JPEG/PNG" "WARNING" + remediation_count=$((remediation_count + 1)) + echo "" + fi + + # Check for plugin conflicts + if grep -qi "plugin.*conflict\|duplicate.*plugin" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "plugin_conflicts_detected" "detected" "WARNING" + remediation_count=$((remediation_count + 1)) + echo "" + fi + + # Check for autoload bloat + if grep -qi "autoload.*bloat\|autoload.*options.*high" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "autoload_options_bloated" "> 1000 options" "WARNING" + remediation_count=$((remediation_count + 1)) + echo "" + fi + + echo -e "${REMEDIATION_INFO}═══ OPTIMIZATION OPPORTUNITIES (Nice to Have) ═══${REMEDIATION_NC}" + echo "" + + # Check for OPcache + if grep -qi "OPcache\|opcache.*disabled" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "opcache_disabled" "true" "INFO" + remediation_count=$((remediation_count + 1)) + echo "" + fi + + # Check for caching + if grep -qi "caching.*not.*enabled\|cache.*disabled\|caching_plugin" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "caching_plugin_misconfigured" "disabled" "INFO" + remediation_count=$((remediation_count + 1)) + echo "" + fi + + # Check for lazy loading + if grep -qi "lazy.*load.*disabled\|lazy_loading" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "lazy_loading_disabled" "disabled" "INFO" + remediation_count=$((remediation_count + 1)) + echo "" + fi + + # Check for CDN + if grep -qi "CDN.*not.*configured\|cdn_not_configured" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "cdn_not_configured" "none" "INFO" + remediation_count=$((remediation_count + 1)) + echo "" + fi + + # Check for minification + if grep -qi "minif.*disabled\|minification.*not.*enabled" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "minification_disabled" "disabled" "INFO" + remediation_count=$((remediation_count + 1)) + echo "" + fi + + # Check for heartbeat + if grep -qi "heartbeat.*frequent\|heartbeat_api" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "heartbeat_api_frequent" "15s" "WARNING" + remediation_count=$((remediation_count + 1)) + echo "" + fi + + # Check for autosave + if grep -qi "autosave.*too.*frequent\|autosave_frequency" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "autosave_too_frequent" "60s" "WARNING" + remediation_count=$((remediation_count + 1)) + echo "" + fi + + # Check for revisions + if grep -qi "post.*revision\|excessive.*revision" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "post_revisions_excessive" "> 100 per post" "WARNING" + remediation_count=$((remediation_count + 1)) + echo "" + fi + + # Check for max_allowed_packet + if grep -qi "max_allowed_packet.*low\|max_allowed_packet" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "max_allowed_packet_low" "16M" "WARNING" + remediation_count=$((remediation_count + 1)) + echo "" + fi + + # Check for slow query log + if grep -qi "slow.*query.*log\|slow_query_threshold" "$temp_dir"/*.tmp 2>/dev/null; then + generate_remediation "slow_query_log_threshold" "10s" "INFO" remediation_count=$((remediation_count + 1)) echo "" fi if [ $remediation_count -eq 0 ]; then - echo -e "${REMEDIATION_SUCCESS}✓ No critical issues detected!${REMEDIATION_NC}" + echo -e "${REMEDIATION_SUCCESS}✓ No issues detected! Your site is well optimized.${REMEDIATION_NC}" echo "" fi - echo "================================================================================================" + echo "════════════════════════════════════════════════════════════════════════════════════════════" echo "Remediation recommendations generated: $remediation_count" - echo "================================================================================================" + echo "════════════════════════════════════════════════════════════════════════════════════════════" echo "" }