;transform: ;msFilter:;'%3E%3Cpath d='m20.487 17.14-4.065-3.696a1.001 1.001 0 0 0-1.391.043l-2.393 2.461c-.576-.11-1.734-.471-2.926-1.66-1.192-1.193-1.553-2.354-1.66-2.926l2.459-2.394a1 1 0 0 0 .043-1.391L6.859 3.513a1 1 0 0 0-1.391-.087l-2.17 1.861a1 1 0 0 0-.29.649c-.015.25-.301 6.172 4.291 10.766C11.305 20.707 16.323 21 17.705 21c.202 0 .326-.006.359-.008a.992.992 0 0 0 .648-.291l1.86-2.171a.997.997 0 0 0-.085-1.39z'%3E%3C/path%3E%3C/svg%3E)
+44 (0)1179 680989
Following on from the header updates, I’ve also had to refactor the Cookie Scanner. With the final nail in the coffin for unpartitioned third-party cookies in 2026, the way we audit cookies had to change. If you’re running embedded widgets—like support chats, maps, or auth providers—that rely on cross-site state, the old way of doing […]
Read more
This is the first in a series of articles I plan to write, based on our research at Sitevitals into platform-specific site health. In this first article i want to look at Wix websites and how they stack up, performance wise. Rather than pick any old random Wix websites, we audited of the 85 websites […]
We know the reality most agencies face: websites don’t usually break all at once; they quietly drift over time. An SSL certificate expires unnoticed. A script update slows down the Largest Contentful Paint. A critical tracking tag is accidentally deleted. A security header is dropped during a routine deployment. Individually, these issues are small. Collectively, […]
I recently spent some time digging into the latest security standards for 2026, and as usual, things have moved on quite a bit from what was considered “best practice” just a couple of years ago. It turns out that simply having a CSP or HSTS header isn’t quite enough anymore if you want to stay […]