Improve wordpress site health infographics

WordPress checks for 30 items (approximate) in order to determine the “Site Health.” However, most websites passed many of them without any extra effort. In this post, I will discuss & show you how to fix the common issues for your site health.

Not all recommended security headers are installed

If your website loads over SSL or if you are using Really Simple SSL, you will see this error/warning. To fix this issue, you have to manually add the security headers to your “.htaccess” file. Let’s see how to fix it:

Go to the root directory of your WordPress installation and open the “.htaccess” file. And add the following code at the top.

# Really Simple SSL
Header always set Strict-Transport-Security: "max-age=31536000" env=HTTPS 
Header always set X-Content-Type-Options "nosniff"
Header always set X-XSS-Protection "1; mode=block"
Header always set Expect-CT "max-age=7776000, enforce"
Header always set Referrer-Policy: "no-referrer-when-downgrade"
Header always set Content-Security-Policy "upgrade-insecure-requests"
# End Really Simple SSL

Don’t forget to save your “.htaccess.”

You can edit the file from your hosting/cPanel or FTP. If you don’t know, see this post on how to create & use FTP.

Your site is running an outdated version of PHP

To fix the issue, you do need to update your PHP version. The process of upgrading the version depends on the hosting environment that you are using. But generally, it can be found under the option “PHP Config” in cPanel. Some cPanel has an option “PHP Version.” Otherwise, contact your hosting provider to upgrade the version for you.

It does not only help to increase your “Site Health” but also ensures the security of your website.

Your website does not use HTTPS

Install an SSL certificate from an authentic source to fix the issue. There are some options to install SSL certificates for free but I don’t think it’s worth it. So make sure you purchased the SSL from an authentic source. Not to mention, most hosting companies also sell SSL certificates.

You should remove inactive themes

Pretty straightforward & self-explanatory. Login to your WordPress website & Navigate to “Appearance » Themes” and remove all the inactive except for the one “Default WordPress Theme.” For example- Twenty Twenty-One.

Have a default theme available

As I mentioned above, you do need to install one default WordPress theme. It’s not necessary to activate the default theme. You just need a default theme available.

You need this default theme for safety precautions. If your current/active theme breaks for any reason, the default theme will be activated automatically.

Also, if you reset your website for any reason, a default theme is required for it. Otherwise, you’ll get a broken site after the reset process.

You should remove inactive plugins

Delete the plugins that you’re not using. It will not only increase the site health but also improve the performance of your website.

WordPress update available

It means that you’re using an older version of WordPress. You need to update your website to the latest version of WordPress. But be sure to take a complete backup of your website before updating.

These are the most common items that cause negative site health. If you experiencing a different issue, let me know so I can improve the post.