PHPackages pantheon-systems/wp-tls-compatibility-checker - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [HTTP & Networking](/categories/http) 4. / 5. pantheon-systems/wp-tls-compatibility-checker ActiveWordpress-plugin[HTTP & Networking](/categories/http) pantheon-systems/wp-tls-compatibility-checker ============================================= A scanner for outgoing HTTP requests in WordPress code to check TLS 1.2/1.3 compatibility. 1.0.0(1y ago)11[1 issues](https://github.com/pantheon-systems/wp-tls-compatibility-checker/issues)[3 PRs](https://github.com/pantheon-systems/wp-tls-compatibility-checker/pulls)MITPHPCI passing Since Mar 7Pushed 1mo ago5 watchersCompare [ Source](https://github.com/pantheon-systems/wp-tls-compatibility-checker)[ Packagist](https://packagist.org/packages/pantheon-systems/wp-tls-compatibility-checker)[ RSS](/packages/pantheon-systems-wp-tls-compatibility-checker/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (1)Dependencies (1)Versions (6)Used By (0) WP TLS Compatibility Checker ============================ [](#wp-tls-compatibility-checker) [![Unofficial Support](https://camo.githubusercontent.com/a2715fb40335a172cd189b166de44cd63f82f818ba6b94af958a799eb5f8293a/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f50616e7468656f6e2d556e6f6666696369616c5f537570706f72742d79656c6c6f773f6c6f676f3d70616e7468656f6e26636f6c6f723d464644433238)](https://docs.pantheon.io/oss-support-levels#unofficial-support)[![Test WP-CLI](https://github.com/pantheon-systems/wp-tls-compatibility-checker/actions/workflows/test-wpcli.yml/badge.svg)](https://github.com/pantheon-systems/wp-tls-compatibility-checker/actions/workflows/test-wpcli.yml)[![Lint](https://github.com/pantheon-systems/wp-tls-compatibility-checker/actions/workflows/lint.yml/badge.svg)](https://github.com/pantheon-systems/wp-tls-compatibility-checker/actions/workflows/lint.yml)[![GitHub Release](https://camo.githubusercontent.com/c2570eb845d450ce44c205a4bd9525117e6c4a89b98c8feae1454b7dc55adca4/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f762f72656c656173652f70616e7468656f6e2d73797374656d732f77702d746c732d636f6d7061746962696c6974792d636865636b6572)](https://camo.githubusercontent.com/c2570eb845d450ce44c205a4bd9525117e6c4a89b98c8feae1454b7dc55adca4/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f762f72656c656173652f70616e7468656f6e2d73797374656d732f77702d746c732d636f6d7061746962696c6974792d636865636b6572)[![GitHub License](https://camo.githubusercontent.com/eaa2d98e1ddc25b4dca6223d821111f709fae13cacd4f344f741db9e30ad9e9e/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f70616e7468656f6e2d73797374656d732f77702d746c732d636f6d7061746962696c6974792d636865636b6572)](https://camo.githubusercontent.com/eaa2d98e1ddc25b4dca6223d821111f709fae13cacd4f344f741db9e30ad9e9e/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f70616e7468656f6e2d73797374656d732f77702d746c732d636f6d7061746962696c6974792d636865636b6572) Stable tag: 1.0.0 Contributors: [jazzsequence](https://github.com/jazzsequence) --- A scanner for outgoing HTTP requests in WordPress code to check TLS 1.2/1.3 compatibility. Installation ------------ [](#installation) ### Via Composer [](#via-composer) ``` composer require pantheon-systems/wp-tls-compatibility-checker ``` ### Via Git Updater [](#via-git-updater) WP TLS Compatibility Checker supports [Andy Fragen's Git Updater](https://git-updater.com) method of managing plugins. 1. Download and install [Git Updater](https://git-updater.com/git-updater/) on your WordPress site. 2. From the Git Updater admin pages, navigate to **Install Plugin** and use the following values: **Plugin URI:** `pantheon-systems/wp-tls-compatibility-checker` **Repository Branch:** `main` **Remote Repository Host:** `GitHub` **GitHub Access Token:** (optional, leave blank) ### Manually [](#manually) 1. Download the \[latest release on GitHub\]([https://](https://github.com/pantheon-systems/wp-tls-compatibility-checker/releases). 2. Unzip the archive into your WordPress plugins directory (usually `/wp-content/plugins/`). 3. Upload the plugin to your WordPress site. 4. Activate the plugin. Usage ----- [](#usage) There are two ways to use the TLS Checker: via the WordPress admin or via WP-CLI. The plugin adds a new TLS Compatibility page to the Tools menu. This page allows you to run a TLS scan on your site against `/wp-content` and all subdirectories. When the scan is complete, a list of URLs that are not compatible with TLS 1.2 or higher will be displayed. [![WP TLS Compatibility Checker admin page](.github/wp-tls-compatibility-checker-admin.png)](.github/wp-tls-compatibility-checker-admin.png) You can also run the scan using the [WP-CLI command described below](#wp-cli-commands). WP-CLI allows you to specify directories to scan, and to output the results in different formats (table, JSON, CSV, or YAML). In either case, both *passing* and *failing* urls are stored to the database. Subsequent scans will automatically *skip* the TLS check for URLs that are known to have passed previously (while still testing URLs that were previously failing). This data can be reset at any time either by using the `tls-checker reset` command from WP-CLI or in the admin with the "Reset TLS Compatibility Data" button. After a scan has been run, if there are any URLs detected that fail the TLS 1.2/1.3 check, an alert will be displayed on your Site Health page with a list of the failing URLs. [![Site Health reported issue](.github/wp-tls-compatibility-checker-site-health.png)](.github/wp-tls-compatibility-checker-site-health.png) Filters ------- [](#filters) The TLS Compatibility Checker plugin contains two filters that can be used to either explicitly *add URLs to scan* or *exclude URLs from scanning*. ### `pantheon.tls_checker.skip_urls` [](#pantheontls_checkerskip_urls) This filter can be used to *exclude URLs from scanning*. The filter accepts an array of URLs to skip. For example: ``` add_filter( 'pantheon.tls_checker.skip_urls', function( $skip_urls ) { $skip_urls[] = 'https://example.com'; return $skip_urls; } ) ; ``` ### `pantheon.tls_checker.additional_urls` [](#pantheontls_checkeradditional_urls) This filter can be used to *add URLs to scan*. The filter accepts an array of URLs to add. For example: ``` add_filter( 'pantheon.tls_checker.additional_urls', function( $additional_urls ) { $additional_urls[] = 'https://example.com'; return $additional_urls; } ) ; ``` Extending the plugin -------------------- [](#extending-the-plugin) All the functions in [`inc/core.php`](blob/main/inc/core.php) are globally declared, allowing you to use any of them in your own code. WP-CLI Commands --------------- [](#wp-cli-commands) The TLS Checker can be run from the command line with WP-CLI. ### `run` [](#run) Runs the TLS checker scan across all PHP files in the given directories (defaults to `/mu-plugins`, `/themes` and `/plugins`). You can specify a directory by passing a `--directory` flag, e.g.: ``` wp tls-checker run --directory=/path/to/my/directory ``` #### Examples [](#examples) ``` wp tls-checker scan ``` ``` wp tls-checker scan --directory=/private/scripts/quicksilver ``` Or, in a Pantheon environment using Terminus: ``` terminus wp -- . tls-checker scan ``` ### `report` [](#report) Returns a full report of checked URLs and whether they passed or failed the TLS check. Supports multiple formats (table, JSON, CSV, YAML). #### Examples [](#examples-1) ``` wp tls-checker report ``` ``` wp tls-checker report --format=json | jq ``` ``` wp tls-checker report --format=csv ``` Or, in a Pantheon environment using Terminus: ``` terminus wp -- . tls-checker report ``` ### `reset` [](#reset) Resets the stored passing and failing URLs so the next scan will re-check all discovered URLs. #### Examples [](#examples-2) ``` wp tls-checker reset ``` ``` terminus wp -- . tls-checker reset ``` How do I know it worked? ------------------------ [](#how-do-i-know-it-worked) If the scan doesn't find anything bad, you should be good to go. If it does, it will list the URLs that it found that weren't compatible. However, if you want to validate that it's working, you can create a new plugin with the following code: ```