=== Web Plura Diagnostics ===
Contributors: wplura
Tags: diagnostics, site health, security, configuration, performance
Requires at least: 5.8
Tested up to: 7.0
Requires PHP: 7.4
Stable tag: 0.2.6
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Local WordPress health, security, configuration, email, hosting, and update diagnostics with prioritized admin actions.

== Description ==

Web Plura Diagnostics is a free admin-only WordPress diagnostics plugin for site owners, agencies, support teams, and administrators who need site health, security posture, configuration, email, hosting, and update-safety insight.

It helps WordPress admins understand:

* What is the problem?
* Why it matters
* Business impact
* What may be causing it
* Who can fix it
* What to fix first

What it includes:

* Overall advisor score and module scores
* Universal check format with problem, impact, causes, actions, ownership, and urgency
* Why This Matters and Business Impact sections for warning/critical findings
* Priority queue (`Fix First`, `Fix Soon`, `Optional Improvements`)
* Dashboard action center (`Recommended Actions`)
* WordPress Site Health-style grouped advisor view
* Beginner vs Advanced Explain Mode (stored in WordPress option)
* Hosting Quality Advisor with copyable host-support message
* Update Safety Advisor and Recovery Readiness indicator
* Lightweight historical change tracking
* Settings page for retention, history, and scheduled scan controls
* Downloadable diagnostics exports (JSON and CSV)
* Optional scheduled diagnostics scans via WP-Cron
* WP-CLI command support for scan/export/cleanup workflows
* Multisite network dashboard surface for cross-site scan visibility
* WordPress privacy tooling compatibility for test-email metadata

What it checks:

* WordPress and server health: WordPress version, PHP version, database version, PHP limits, timezone, URL alignment, cache signals, and key file permissions
* Security and configuration posture: HTTPS, debug visibility, file editing, update backlog, abandoned/stale-plugin indicators, privacy policy setup, and key hardening signals
* Email readiness: local mail transport availability, passive SPF/DKIM/DMARC DNS checks, and admin-triggered test email results; diagnostics scans do not send email automatically
* Performance and hosting signals: memory, object/page cache indicators, cron pressure, upload limits, execution limits, and provider-support guidance
* Plugin, theme, and update safety: inactive plugins, theme update backlog, commerce plugins, builders, and cache plugins, plus high-impact update guidance
* Lead capture readiness: form-plugin presence, likely contact pages, SMTP readiness, privacy-page status, and form-plugin update signals

Good fit for:

* Site owners who want a clear first-pass health and configuration review
* Agencies maintaining multiple WordPress sites
* Support teams collecting safe local diagnostics before deeper troubleshooting
* WordPress admins who want prioritized actions without telemetry

Principles:

* No cloud requirement
* No tracking
* No aggressive popups
* No frontend impact
* Admin-only behavior

What it does not do:

* It does not replace a web application firewall, malware removal service, backup system, uptime monitor, or managed security response team.
* It does not automatically update WordPress, plugins, or themes.
* It does not deactivate plugins, change themes, submit forms, run public vulnerability exploitation checks, or modify frontend content.
* It does not guarantee that a site is secure; it reports local diagnostic signals and gives prioritized guidance for review.

The admin dashboard includes a non-blocking WPlura Cloud benefits notice for automated monitoring and alerts. Free local checks remain available without cloud connection or a paid plan.

Product page: https://wplura.com/products/web-plura-diagnostics
Terms: https://wplura.com/terms
Privacy: https://wplura.com/privacy

Admin menu counters may show locally cached actionable findings or jobs. Counters are local-only and do not trigger scans, cloud calls, tracking, or paid gating during menu rendering.

Automatic update checks use WordPress.org by default for public packages. Direct/private WPlura builds may use signed WPlura release manifests; those checks send only the plugin slug, current version, and release channel.

Data, retention, and uninstall behavior:

* Diagnostics results, history snapshots, explain-mode preference, scheduled-scan settings, export metadata, and manual test-email metadata are stored locally in WordPress options/transients.
* Retention settings allow site admins to control how long local diagnostic history and email-test metadata are kept.
* WordPress privacy exporter/eraser integration is included for plugin-owned test-email metadata.
* Uninstall cleanup removes plugin-owned options, transients, scheduled scan hooks, and local diagnostic metadata.

== Installation ==

1. Upload the `web-plura-diagnostics` folder to `/wp-content/plugins/`.
2. Activate the plugin through the `Plugins` menu in WordPress.
3. Go to `Web Plura Diagnostics` in the admin sidebar.
4. Click `Run Diagnostics`.

== Frequently Asked Questions ==

= Who is Web Plura Diagnostics for? =
It is for WordPress site owners, agencies, support teams, and administrators who want a local health, security, configuration, email, hosting, and update-readiness review before deeper troubleshooting.

= Does this plugin require a cloud account? =
No. It works locally inside WordPress.

= Will it slow down or change my public website? =
No frontend scripts are added for visitors. Diagnostics run from the WordPress admin area, use local WordPress APIs, and do not automatically change public content.

= Does it replace a firewall, malware scanner, or backup plugin? =
No. It provides local diagnostic insights and prioritized guidance. Use a dedicated firewall, malware response process, and backup/restore system where those protections are required.

= Does it send emails automatically? =
No. It only sends a manual test email when an admin explicitly clicks the button.

= Does it perform updates automatically? =
No. It only provides update-safety guidance.

= Does it support Multisite? =
Yes. It includes a multisite network dashboard surface for cross-site diagnostics visibility. Individual site access still follows WordPress capability checks.

= Does it include WP-CLI support? =
Yes. Admins can use `wp web-plura-diagnostics scan`, `wp web-plura-diagnostics export`, and `wp web-plura-diagnostics cleanup` for local operational workflows.

= Does it collect telemetry? =
No. It stores local diagnostics cache and limited local metadata only.

= What data is removed on uninstall? =
The plugin removes plugin-owned options, transients, scheduled scan hooks, local diagnostic history, and local action metadata during uninstall.

= Where can I get support or product information? =
Use the WordPress.org support forum, or visit https://wplura.com/products/web-plura-diagnostics.

== Screenshots ==

1. Advisor dashboard with priority queues
2. Site Health-style advisor checks with expandable problem, impact, and action details
3. Email advisor with test email action
4. Lead Capture Health advisor
5. Hosting advisor and provider message generator
6. Update safety advisor

== Changelog ==

= 0.2.6 =
* Improved Diagnostics check presentation so healthy results, findings, review-needed items, and active problems use clearer status-aware labels.
* Refined Lead Capture Health update-status copy so current form plugins are presented as a professional maintenance result, not as a problem.
* Added contextual WordPress Help Tabs and shared WPlura admin wrapper support across Diagnostics admin and network views.
* Added native WordPress heading and header-divider markup to Diagnostics admin views, including the network dashboard.
* Added WordPress-native postbox foundations to dashboard, settings, export, hosting, updates, and Lead Capture Health panels while preserving existing Diagnostics styling and local-only behavior.

= 0.2.5 =
* Updated the Site Health Advisor with WordPress-native grouped findings and accessible expandable details.
* Kept the health advisor local-only and hardened the WordPress.org-ready package/update behavior.

= 0.2.4 =
* Added local core/server, plugin/theme, cache, URL, file-permission, and email-readiness diagnostics.
* Refreshed diagnostics result cache version so expanded local checks appear after upgrade.

= 0.2.3 =
* Added local-only Lead Capture Health diagnostics, admin page, dashboard module, and cache refresh.

= 0.2.2 =
* Improved admin microcopy, priority guidance, dashboard hierarchy, table readability, scoped motion, and accessibility safeguards.
* Added AJAX report exports, Settings API controls, scheduled scans, multisite dashboard visibility, and WP-CLI commands.
* Added richer test-email failure details capture from `wp_mail_failed` for troubleshooting.

= 0.2.1 =
* Added local SPF/DKIM/DMARC DNS verification attempts, plugin maintenance backlog signals, and broader compatibility headers.

= 0.2.0 =
* Repositioned the plugin as WordPress Problem Advisor with universal advisor checks, priority queues, Explain Mode, hosting/update guidance, history tracking, and dark-mode-aware styling.

= 0.1.0 =
* Initial release.
* Added diagnostics runner with transient caching.
* Added health, email, performance, plugin impact, hosting, and update-risk modules.
* Added recommendations page and secure admin actions.

== External Services ==

This plugin does not require external services for core functionality.

The manual test email feature uses WordPress mail transport (`wp_mail`) configured by your environment.

== Privacy ==

Web Plura Diagnostics stores local diagnostic cache, explain-mode preference, and local action metadata in WordPress options/transients.

No user tracking or telemetry is sent by default.
