DiveWP – Boost Site Performance with Clear, Actionable Steps
Compatibility: Requires WordPress 6.0 or later. Tested through WordPress 7.0 (full support on WordPress 7). Abilities API / MCP features need WordPress 6.9+ (included in WordPress 7); all other DiveWP features run on the minimum version. 📋 System Logs Central place to read and understand errors without opening raw log files. The System Logs screen merges WordPress debug.log, WooCommerce file logs, and the WooCommerce fatal error log (when present), with severity labels (fatal, error, warning, notice, info) and grouping by source (plugin, theme, WooCommerce, or core). What you get: * Latest — newest entries across all readable sources, with adjustable “show last” limits (50–500) * By Source — cards per source with severity counts; drill into entries for one source * WP Debug Log — focused view of wp-content/debug.log (when readable) * WooCommerce Logs — log files from WooCommerce’s log handler * Fatal Errors Log — WooCommerce fatal error log when available * Logs Access Help — guidance when logs are missing or not readable (permissions, host-managed paths) * Entry details — modal with full message/stack context and copy for support * Abilities API: divewp/system-logs — same views for AI assistants via MCP (latest, by source, per-source entries, filters, help status) 🔌 NEW: Plugins Management Monitor and manage all installed plugins from one place. DiveWP’s Plugins Management feature shows every plugin with active/inactive status, update availability, and “Up to date” state. View details and changelog from WordPress.org, and activate or deactivate plugins without leaving the dashboard. Plugins Management & Abilities API: Use the divewp/plugins-management ability so AI assistants can list plugins, fetch description and changelog for a plugin, or activate/deactivate a plugin by file path. What Plugins Management Delivers: * Unified plugin list – All installed plugins with status pills (Active, Inactive, Update Available, Up to date) * Dashboard overview – Green and red pill counts on the main dashboard for quick health overview * Details drawer – Overview, full description, and changelog from WordPress.org * Toggle activation – Activate or deactivate plugins from the card or drawer * Search – Filter plugins by name, author, or description * Abilities API – Operations: list (all plugins), details (wp.org info for one plugin), toggle (activate/deactivate) 🤖 NEW: AI Capabilities & WordPress Abilities API Talk to your WordPress site through AI! DiveWP integrates with the WordPress Abilities API and Model Context Protocol (MCP), so AI tools like Cursor, Claude, and ChatGPT can query your site’s health and diagnostics directly—no copy-paste needed. WordPress Abilities API & MCP: * 12 Diagnostic Abilities – Server insights, cron monitoring, plugins management, database health, security audits, system logs (debug/WooCommerce/fatal), and more via the Abilities API * Zero Copy-Paste – AI agents run diagnostics through MCP without manual log sharing * Secure Authentication – WordPress Application Passwords for safe, controlled access * Step-by-Step Setup – “AI Capabilities” tab guides you through 3-step configuration for Abilities API and MCP clients Available Abilities: * divewp/server-insights – Full server health & config check * divewp/cron-insights – Monitor WP-Cron and Action Scheduler; background tasks & overdue jobs * divewp/db-insights – Database size & optimization status * divewp/security-insights – Vulnerability & configuration audit * divewp/performance-checks – Caching & optimization discovery * divewp/theme-builder-insights – Theme and page builder health * divewp/woocommerce-best-practices – WooCommerce optimization * divewp/seo-optimization – SEO configuration audit * divewp/email-communications – Email delivery & SMTP status * divewp/hosting-benchmark-latest – Latest benchmark results * divewp/plugins-management – List installed plugins, fetch wp.org details/changelog, or toggle plugin activation (operations: list, details, toggle) * divewp/system-logs – WordPress debug log, WooCommerce logs, fatal error log; views: latest, by source, filters, help status ⏰ NEW: Cron Job Manager & WP-Cron Monitoring Take control of WordPress cron jobs and scheduled tasks. DiveWP’s Cron Job Manager gives you a clear view of WP-Cron and Action Scheduler so you can spot overdue jobs, slow hooks, and misconfigured cron setups. Cron Jobs & Abilities API: Use the divewp/cron-insights ability so AI assistants can inspect your cron status, overdue tasks, and recommendations without opening the admin. What the Cron Job Manager Delivers: * Real-time cron monitoring – WP-Cron and Action Scheduler in one dashboard * Hook performance – Execution time and memory per cron hook * Overdue & orphan detection – Find stuck or orphaned scheduled tasks * Execution history – Filterable, paginated cron run history * Health guidance – System health and cron configuration tips 🚀 Hosting Performance Benchmark – Know If You Need to Upgrade! Measure how your hosting handles your WordPress site! DiveWP’s comprehensive Hosting Performance Benchmark is a powerful enterprise-grade testing system that evaluates your hosting environment through real-world performance tests. What It Tests: * Database Performance – Tests INSERT, SELECT, UPDATE operations, datetime functions, and aggregate operations (8 comprehensive tests) * Server Resources – Evaluates CPU, memory, I/O, and network capabilities (5 resource tests) * Concurrency Handling – Measures how your hosting performs under multiple simultaneous requests (4 concurrency tests) * E-commerce Performance – Tests WooCommerce-like operations including price calculations, shipping, and inventory checks (3 performance tests) Key Benefits: * 20+ Individual Tests – Comprehensive evaluation across 4 major categories * Real-World Simulation – Tests simulate actual WordPress operations, not synthetic benchmarks * 6-Minute Complete Analysis – Get detailed insights in approximately 6 minutes * Actionable Results – Understand if your current hosting is sufficient or if you need to upgrade * Cross-Database Compatible – Works with MySQL, MariaDB, PostgreSQL, SQLite, and SQL Server * Optimized for Shared Hosting – Designed to work efficiently even on shared hosting environments Perfect For: * Site owners wondering if their hosting plan is sufficient * Users experiencing slow performance and wanting to identify bottlenecks * Anyone considering upgrading their hosting plan * Developers evaluating hosting performance for client sites 🎯 Transform Your WP Journey Discover your site’s true potential by understanding exactly what’s happening under the hood. DiveWP provides clear insights about Performance, Security, and Best Practices – all explained in plain English. Take control of your digital presence by learning as you optimize! 🔍 Key Features 🔌 NEW: Plugins Management * Unified list of all installed plugins with status (Active, Inactive, Update Available, Up to date) * Dashboard counts green (up to date) and red (updates available) pills for quick overview * Details drawer with overview, WordPress.org description, and changelog * Toggle plugin activation from card or drawer; search by name, author, or description * Abilities API: divewp/plugins-management (list, details, toggle) for AI-assisted plugin management ⏰ NEW: Cron Job Manager & WP-Cron Monitoring * Real-time WP-Cron and Action Scheduler tracking * Monitor hook performance and execution time * Detect orphaned and overdue tasks * Identify problematic cron hooks affecting performance * Complete execution history with filtering and pagination * Integrates with Abilities API via divewp/cron-insights for AI-assisted cron diagnostics 🤖 NEW: AI Capabilities & WordPress Abilities API * WordPress Abilities API and MCP let AI assistants query your site for diagnostics * 12 abilities for server, cron jobs, plugins, security, database, performance insights, and system logs * Works with Cursor, Claude Desktop, ChatGPT, and other MCP clients * Secure access via WordPress Application Passwords * Step-by-step setup guide in “AI Capabilities” tab 🚀 Hosting Performance Benchmark * Comprehensive hosting evaluation with 20+ real-world performance tests * Database, resource, concurrency, and e-commerce performance analysis * Determine if your hosting plan is sufficient for your site * Cross-database compatibility (MySQL, MariaDB, PostgreSQL, SQLite, SQL Server) * Optimized for shared hosting environments Deep Site Insights * Understand your site inside out * Comprehensive analysis of core functions * Database health monitoring * User activity tracking * Everything explained in plain English ⚡ Performance & Speed * Clear performance insights * Actionable optimization steps * Speed improvement recommendations * Learn what affects your site’s performance 🛡️ Security & Best Practices * Proactive security checks * Easy-to-follow hardening recommendations * Learn WordPress security best practices * Implement as you learn 📊 Database Health * Optimize database performance * Clear insights into tables and structure * Cleanup recommendations * Learn database management without being a tech expert 🎯 SEO & Visibility * Practical SEO recommendations * Essential optimization techniques * Improve search engine rankings * Learn while implementing 🛍️ WooCommerce Optimization * Specialized store insights * Performance optimization * Checkout process analysis * Shopping experience improvements 📧 Email System Monitor * Detailed logging and diagnostics * Track email system performance * Ensure reliable communication * Monitor delivery status 🎨 Theme & Builder Analysis * Theme performance insights * Page builder optimization * Visual elements analysis * Speed optimization guidance 💡 How It Works Install & Scan: Quick installation and automatic site analysis Get Clear Insights: Receive easy-to-understand explanations Learn Best Practices: Understand WordPress through your own site Implement Changes: Follow actionable recommendations Monitor Progress: Track improvements and keep learning 🎯 Perfect For WordPress Beginners: Finally understand what’s happening on your site Store Owners: Optimize WooCommerce performance and boost sales Agency Teams: Maintain multiple sites while learning best practices Content Creators: Improve site visibility while mastering WordPress 🌟 What’s New in 2.3.0 NEW: Plugins Management New “Plugins Management” feature: view all installed plugins with status pills (Active, Inactive, Update Available, Up to date) Dashboard overview counts green (up to date) and red (updates available) pills alongside other feature statuses Details drawer with overview, full description, and changelog from WordPress.org Activate/deactivate plugins from the card or drawer; search by name, author, or description NEW: Abilities API – divewp/plugins-management Operations: list (all plugins with status), details (wp.org description and changelog for one plugin), toggle (activate/deactivate by plugin file) AI assistants can list plugins, fetch plugin info, or change activation state via MCP 🌟 What’s New in 2.2.0 NEW: AI Capabilities & WordPress Abilities API New “AI Capabilities” tab with step-by-step setup guide 10 diagnostic abilities for AI agents (server, cron jobs, database, security, performance, and more) Support for Cursor, Claude Desktop, ChatGPT via Model Context Protocol (MCP) Secure access using WordPress Application Passwords NEW: Cron Job Manager & WP-Cron Monitoring Full cron jobs dashboard: WP-Cron and Action Scheduler in one place Hook performance, overdue and orphan detection, execution history Abilities API integration: divewp/cron-insights for AI-driven cron diagnostics NEW: REST API Access Logging in User Events Track API access via Application Passwords in the event log Monitor AI agent activity and external integrations Throttled logging to prevent flood from MCP bursts IMPROVED: Cron Jobs Feature Enhancements Aligned AJAX and server health calculations for consistent status display “Potential orphan” terminology for clearer task identification Added Alternate Cron explanation footnote Visual accent pills for Important/Recommendation notes in task modals Support Need help? We’re here for you! 📚 Documentation 💬 Support Forum 🐞 Bug Reports and Contact Privacy DiveWP respects your privacy and that of your users. We do not collect any personal data. All analysis is performed locally on your server. Credits DiveWP is proudly created and maintained by Oleg Petrov.
Top keywords
- wordpress28×1.68%
- divewp27×1.62%
- performance26×1.56%
- cron22×1.32%
- abilities21×1.26%
- api19×1.14%
- abilities api17×1.02%
- ai16×0.96%
- hosting15×0.90%
- site14×0.84%
- log13×0.78%
- status12×0.72%
WP Login and Register using JWT
The WordPress Login and Register using JWT plugin allows you to log in (Single Sign-On) into your WordPress application using the JWT token(JSON Web token) obtained from any other WordPress site or other applications/platforms including mobile applications. This helps users perform autologin to WordPress and synchronize user sessions without the need to log in again. | Features | WordPress JWT Login Setup Guide | Videos | WORDPRESS SINGLE SIGN-ON / SSO ( LOGIN INTO WORDPRESS ) WordPress Single Sign-On SSO also simply called WordPress SSO allows you to login into WordPress using the credentials of other platforms. So, the user will just use a single set of credentials to log in to multiple applications. WordPress Single Sign-On / SSO using JWT(JSON Web Token) WordPress Single Sign-On (SSO) with JWT allows you to log into the WordPress site using the user-based JWT token obtained externally when the user authenticates for the first time in any connected external application. The JWT token authentication is the most popular way of authentication nowadays as it is a secure and lightweight protocol. The JWT token can be obtained either when a user logs into other platforms via OAuth/OpenID Connect protocol or can be created explicitly using the user information and secure algorithms. With this plugin, you can easily use the user-based JWT token to log a user in rather than asking them to authenticate again. Let’s take an example – If you have a WordPress site and mobile app, now if you are logged into the mobile app, now if you try to access the WordPress site, then to access the particular content, the WordPress site will ask for login again and which is not feasible, so with the JWT SSO (JWT Single Sign-On), you can create the JWT token for the user who is already logged into the mobile app and then on accessing the WordPress site, you can pass that JWT token in the request, using which the same user can authenticate and autologin to the WordPress site and hence won’t need to enter the credentials again. It supports possibly all kinds of JWT tokens (access-token/id-token) obtained from OAuth/OpenID Connect providers like AWS Cognito, Microsoft Azure AD, Azure B2C, Okta, Keycloak, ADFS, Google, Facebook, Apple, Discord and popular applications like Firebase. WordPress login using the JWT also called JWT SSO (Single Sign-On) can be done from other platforms and applications including mobile apps (android or IOS), an app built with other programming languages like .NET, JAVA, PHP, JS etc. Major functionalities WordPress Login Endpoint to create user-based JWT token Plugin provides the following API endpoint, which can be used to authenticate WordPress users and returns a user-based JWT which can be used to create login sessions in WordPress and other external applications. /wp-json/api/v1/mo-jwt WordPress Login using JWT This feature provides a way to auto-login users in WordPress using JWT obtained in a very secure way either via passing JWT token in the URL as a parameter, in the request header or shared via secured cookies. WordPress user register API endpoint to create users in WordPress using API This feature provides the following API endpoint to create users in WordPress in an easy way and on successful user registration, you will receive a JWT token in the response which can be used further for user login and WordPress REST API authorization. wp-json/api/v1/mo-jwt-register Delete/Remove users from WordPress using the user-based JWT token (JSON Web Token) This feature provides an API endpoint using which you can pass the JWT token and can easily delete the user and revoke access. wp-json/api/v1/mo-jwt-delete More details for the plugin setup can be checked from here. USE CASES Login to External applications using WordPress credentials If you are looking to authenticate your WordPress users to log in to external applications, then our plugin provides a login API endpoint using which you can easily authenticate WordPress users and can log in the users to those applications. Single Sign-On Users using the JWT token provided by OAuth/OpenID providers This WordPress login and register using the JWT plugin supports the WordPress Single Sign On (WordPress SSO) or WordPress login using the user-based JWT token (id-token/access-token) provided by the external OAuth/OpenID Connect providers (like Microsoft Azure AD, Azure B2C, AWS Cognito, Keycloak, Okta, ADFS, Google, Facebook, Apple, Discord and many more..) on login in some other sites/applications using their credentials. So, the user just needs to log in once on any other sites/platforms and a JWT token will be provided by these providers for those users will then be used further with security to autologin in other platforms. Automatic WordPress login and site access from mobile app web view | Synchronize WordPress session in the mobile app web view Suppose you have a mobile application and want to allow users to access their WordPress site content in the mobile app web view which requires a login so asking the users to enter the credentials again won’t be a good user experience. So, our JWT login plugin provides a solution to you in which the user session from the mobile app can be synchronized with the WordPress site and the user can seamlessly access the WordPress site using the user-based JWT token without the need for a WordPress login again. Automatic session synchronization between WordPress and other applications built on React, Node, Next JS, Flutter, Angular, Java, PHP, and C# …. Suppose you have a WordPress site connected to any external application built on any framework, then if you want a feature that if a user is logged in to any one application, should be automatically logged in to another as well. This can be easily achieved using the secure JWT. Session sharing between WordPress and other applications sharing the same subdomain (hosted on the same domain) Suppose you have a WordPress site and other applications hosted on the same subdomain, such that if the user logs in to any one application, then can be auto-logged into other connected applications on that domain using secure cookie-based JWT token sharing. an pass the new user details like username, email, name and password(optional), role etc. in the request body and on successful response, your user will get created and the corresponding user-based JWT will be received and the appropriate error response will be returned on the failure. Sync user login sessions between multiple platforms (Session sharing) If you have a WordPress site and other applications sharing the same subdomain and you want the feature in which if a user logged into one site (WordPress or another) and on accessing the other site in the same browser, then that user should get logged in automatically (user session to be synchronized). So, this feature is possible to have with our plugin’s JWT cookie-based session-sharing feature. Features FREE PLAN Create JWT feature Login API endpoint to authenticate WordPress users based on username/email and password Supports the JWT token generation using the HS256 signing algorithm. JWT token signing with randomly generated secret signing key. Default JWT token expiration is 60 minutes. User Registration feature Provide an API endpoint for user registration with the default subscriber role. Provide a user-based JWT token in the success response. No Extra Security key for user registration API. User Deletion feature Provide an API endpoint for user deletion with JWT token validation using the HS256 signing algorithm. No Extra Security key for user deletion API. User login feature Allows WordPress login (SSO) using a user-based JWT token with HS256 signing created using the plugin’s Create JWT feature. Retrieve the JWT token from the URL parameter to allow auto-login. Auto redirection on login to the homepage or on the same page/URL from where the autologin is initiated. Default Subscriber role is assigned on login using JWT. PREMIUM PLAN Create JWT feature Supports JWT token generation using HS256 and a securer RS256 signing algorithm. JWT token signing with a custom secret signing key or certificate. Custom token expiration to expire the token as per your requirement to improvise security. Custom JWT token decryption key. Revoke and invalidate existing user JWT token whenever a new JWT token is generated for a user. User Registration feature Provide an API endpoint for user registration with a custom role. Provide a user-based JWT token in the success response. Extra Security key for user registration API endpoint. User Deletion feature Provide an API endpoint for user deletion with JWT token validation using the HS256 signing algorithm. Extra Security key for user deletion API. User login feature Allows WordPress login (SSO) using a user-based JWT with HS256 signing created either using plugins create JWT feature or a JWT token obtained from an external source. Allows WordPress login using a user-based JWT with RS256 signing validation. Allows WordPress login using a user-based JWT with JWKS token validation support. Allows WordPress login using a user-based JWT obtained from an external OAuth/OpenID Connect provider. Retrieve the JWT token from the URL parameter, request header and cookie to allow auto-login between platforms. Auto redirection on login to the homepage or on the same page/URL from where the autologin is initiated. Auto redirection on login to any custom URL. User Attribute/Profile mapping on SSO login. Option to assign any WordPress role rather than default subscriber on SSO login. Automatic role and group Mapping to the user who performs SSO using a JWT token. SSO Login Audit feature to track the users who perform login using the JWT token. Add-On to share the user session to other applications using the JWT token stored in the cookie Other Related Integrations OAuth Single Sign On – SSO (OAuth Client) – This plugin allows Single Sign On – SSO login in your WordPress site using external OAuth 2.0, OpenID Connect Providers api Single Sign On – SSO Login – This plugin allows Single Sign On – SSO login in your WordPress site using external api, WS-FED Providers WordPress REST API Authentication – This plugin protects your WordPress REST API endpoints from unauthorized access using secure OAuth 2.0, JWT authentication, Basic authentication, Bearer API Key token and even more. Privacy This plugin does not store any user data. This plugin uses login.xecurify.com for registration as miniOrange uses login.xecurify.com if the user chooses to register and upgrade to premium. If the user does not want to register then he can continue using the free plugin. (Link to the privacy policy – https://www.miniorange.com/privacy-policy.pdf )