Audit your WordPress site's caching, compression, CDN, security exposure and asset bloat in one scan.
We'll scan caching, compression, CDN, WP version exposure, login page, REST API, and asset bloat — no plugin required.
15+ WordPress-specific performance and security checks run from our server — no plugin or login needed.
Identifies WordPress via HTML markers, headers, and generator meta tags — including version number if exposed.
Checks cache-control headers, cache HIT/MISS status, Cloudflare detection, gzip and brotli compression.
Tests wp-login.php accessibility and whether the WP REST API exposes user enumeration at /wp-json/wp/v2/users.
Counts external scripts, inline styles/scripts, query string versioned assets that bypass CDN cache, and admin-ajax usage.