Technical SEO Audit and Analysis by Emmanuel Onuora.pdf
1. Technical SEO Audit and
Analysis for OPS Security
Group
Audit Date: June 25th 2022
Website: https://opssecuritygroup.com
Author: Emmanuel Onuora
Note: I blurred the recommendations for privacy reasons.
2. Core Web Vitals
Assessment Failed
Description: Core web vitals
assessment failed due to Largest
Contentful Paint (LCP) 0f 4.6s
and Cumulative Layout Shift
(CLS) of 0.73s. LCP measures the
loading performance of a site. To
provide a good user experience,
LCP should occur within 2.5
seconds of when the page first
starts loading.
Recommendation: To improve your core web vitals and your site’s speed,
optimize your images, speed up your server, and improve the loading of third-
party scripts. Here is an article on how to make these changes:
https://yoast.com/boost-core-web-
vitals/#:~:text=One%20of%20the%20ways%20you,appear%20later%20than
%20the%20text. See the file labeled “screenshot-pagespeed.web.dev-2022-
06-29-00-23-53-608” for site speed reports and list of recommendations.
3. Unsafe Cross-Origin Links
Description: Unsafe cross-origin
links shows any pages that link to
external websites using the
target=”_blank” attribute only to
open in a new tab. Using
target=”_blank” alone leave those
pages exposed to both security
and performance issues.
Recommendation: rel=”noopener” should be used on any links that contain
the target=”_blank” attribute to avoid security and performance issues. Here is
an article on how to fix this issue https://web.dev/external-anchors-use-rel-
noopener/. There are 167 pages on your site with unsafe cross-origin links. See
the file labeled “security_unsafe_crossorigin_links” for affected URLs.
4. Protocol-Relative Resource
Links
Description: The Protocol-relative
URL involves a URL that is
opened via HTTP and HTTPS
protocols at the same time. A CSS,
JS, Image, Font file, or Web
Document (HTML Document) can
be opened via SSL and without
SSL according to the webserver
configuration and requestor request
HTTP headers. However, this
technique is now an anti-pattern
with HTTPS everywhere and can
expose your site to ‘man in the
middle’ compromises and
performance issues.
Recommendation: Remove protocol relative URLs from your website. Protocol-relative URLs are removed via programmatic methods, such
as replacing the “a href” values with a simple MySQL command or replacing all the protocol-relative URLs with a NodeJS plugin. If the
website is WordPress, protocol-relative URLs can be removed via plugins or the htaccess file modifications. Here is an article on how to
remove protocol relative URLs https://www.holisticseo.digital/technical-seo/web-security/protocol-relative-url. There are 277 pages on your
site with protocol-relative URLs. See the file labeled “security_protocolrelative_resource_links” for affected URLs.
5. Missing HSTS Header
Description: The HTTP Strict-
Transport-Security response header
(HSTS) instructs browsers that it
should only be accessed using
HTTPS, rather than HTTP. If a
website accepts a connection through
HTTP and redirects to HTTPS,
visitors may initially communicate
with the non-encrypted version of the
site before being redirected. This
creates an opportunity for a man-in-
the-middle attack. The redirect could
be exploited to direct visitors to a
malicious site instead of the secure
version of the original site.
Recommendation: Configure your site for the HTTP Strict Transport Security header. The HTTP
Strict Transport Security header informs the browser that it should never load a site using HTTP and
should automatically convert all attempts to access the site using HTTP to HTTPS requests instead.
Here is how to configure your site for HTTP Strict Transport Security. There are 575 pages on your
site with a missing HSTS header. See the file labeled “security_missing_hsts_header” for the affected
URLs.
6. Client Error (4xx)
Description: Client Error (4xx)
indicates a problem occurred with
the request. A 4XX Error is an error
that often occurs when a webpage
doesn't exist or has restricted access
or rights. This includes responses
such as 400 bad requests, 403
Forbidden, 404 Page Not Found, 410
Removed, 429 Too Many Requests,
and more.
Recommendation: Update errors such as 404
to their correct locations, removed and
redirected where appropriate. All links on
your website should ideally resolve to 200
‘OK’ URLs. Here is an article on how to fix
Client Error (4xx). There are 60 pages on
your site with Client Error (4xx). See the file
labeled “response_codes_client_error_(4xx)”
for the affected URLs.
7. Page Title Same As H1
Description: This involves any page
titles which match the h1 on the page
exactly. This is not necessarily an issue
but may point to a potential
opportunity to target alternative
keywords, synonyms, or related key
phrases. Using the same wording for a
page title and H1 might be looked at as
keyword stuffing or a sign of an over-
optimized website.
Recommendation: Use different wordings for
page titles and h1s. Here is how you can do that.
There are 37 pages on your site with page titles
the same as h1. See the file labeled
“page_titles_same_as_h1” for the affected
URLs.
8. Missing Meta Descriptions
Description: This includes any pages
which have a missing meta
description, the content is empty, or
has whitespace. This is a missed
opportunity to communicate the
benefits of your product or service
and influence click-through rates for
important URLs.
Recommendation: Write meta descriptions
that are unique and relevant for your site's
content. Here is an example of how to write
and optimize meta descriptions for your site.
There are 144 pages on your site without meta
descriptions. See the file labeled
“meta_description_missing” for the affected
URLs.
9. Duplicate Meta Descriptions
Description: This involves pages
with duplicate meta descriptions. It’s
really important to have distinct and
unique meta descriptions that
communicate the benefits and
purpose of each page. If they are
duplicates or irrelevant, then they
will be ignored by search engines.
Recommendation: Rewrite duplicate meta
descriptions on your site. Here is an example
of how to optimize meta descriptions for your
site. There are 15 pages on your site with
duplicate meta descriptions. See the file
labeled “meta_description_duplicate” for the
affected URLs.
10. Images Over 100kb In Size
Description: This includes images with
over 100kb in size. Page speed is
extremely important for users and SEO
and often large resources such as images
are one of the most common issues that
slow down web pages.
Recommendation: Reduce and optimize the
images on your site. Here is an example of
how to reduce and optimize website image
sizes. There are 116 URLs on your site with
images over 100kb in size. See the file labeled
“images_over_100_kb” for the affected URLs.
11. Images with Missing Alt Text
Description: This includes images that
have an alt attribute, but are missing alt
text. Images should have descriptive
alternative text about its purpose,
which helps the blind and visually
impaired and the search engines
understand it and its relevance to the
web page.
Recommendation: Insert alt texts to images
without one. Here is an example of how to
insert alt texts to images. There are 118
images on your site with missing alt text. See
the file labeled “images_missing_alt_text”
for the affected URLs.