Prevent Plugins adding warnings in the Site Health

[Marc4]

I have seen a plugin with 1+ million installations adding warnings in the Site Health area, which have nothing to do with the security of the site. This particular warning appears under "Improvements".

The notice has a link that takes the user to an internal page of the plugin with two buttons:

1. Allow plugin connect to a third-party application to perform certain functions and synchronize information.
2. Buy the Pro version of the plugin.

I'm not against point 1, nor point 2. But I don't think it's right using the Site Health area to advertise features that are not improvements to the health of the WordPress site or its hosting environment.

[peterwilsoncc]

Hi @Marc4 and thanks for the ticket.

I agree that an upgrade to pro item is a questionable use of the Site Health screen. I couldn't agree more, in fact.

However, I think that removing the filters that allow plugins to add items to the Site Health screen would create more problems than it would solve. There are more legitimate uses of the Site Health report for plugins than not. Some example I can think of are:

• caching plugins warning that there is no redis/memcache server to connect to
• SASS plugins reporting the need to connect to a service, ie Item one in your ticket
• 2FA plugins warning that administrator level accounts do not have 2FA enabled

Unfortunately WordPress has no way of detecting whether a site health item is useful or questionable in nature so I'm going to close this ticket as unplanned (wontfix).

The WordPress plugin repository has guidelines on what plugins can and can not do. You may wish to open a ticket to discuss adding/clarifying policies around the use and abuse of the Site Health report. You can do that on ​the plugin guidelines issue tracker

[Marc4]

Thanks @peterwilsoncc, make sense.

I moved this discussion here: ​https://github.com/WordPress/wporg-plugin-guidelines/issues/90