How is the WIS™ score calculated?

The Website Intelligence Score™ (WIS™) is a composite 0–100 score calculated from six weighted dimensions: Technical Performance (20%), SEO Foundations (20%), Technology Modernity (20%), Security Posture (25%), Conversion Infrastructure (10%), and Accessibility (5%). Each dimension is scored 0–100 from live HTTP header analysis and fully-rendered DOM inspection, then combined using the weighted formula: WIS = Σ(dimension_score × weight).

What is a good website score?

A score of 86–100 is Best-in-Class, indicating exceptional performance across all dimensions. Scores of 71–85 are Advanced — strong foundations with minor gaps. Scores of 51–70 are Modern — core requirements met but with meaningful optimisation opportunities. Scores of 31–50 indicate significant technical debt, and scores below 30 indicate critical deficiencies requiring immediate attention.

Does SiteReveal scan JavaScript-rendered websites?

Yes. SiteReveal detects single-page applications (React, Next.js, Vue, Nuxt, Angular) and automatically launches a headless Chromium browser to fully render the page before extracting SEO and content signals. This ensures accurate scores for modern SPAs that deliver minimal HTML in the initial server response.

How does SiteReveal's security score compare to SecurityHeaders.io?

SiteReveal checks all headers evaluated by SecurityHeaders.io — including Content-Security-Policy, Strict-Transport-Security, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, Subresource Integrity (SRI), and Cross-Origin-Opener-Policy (COOP). The security dimension is weighted at 25% of the composite WIS™ score, reflecting its critical importance to both user safety and search engine trust signals.

How often should I re-scan my website?

We recommend scanning after every major deployment, at minimum monthly for production websites. SiteReveal stores full scan history so you can track score improvements over time. Pro and Agency plans include scheduled monitoring that automatically re-scans your domains and alerts you to regressions.

Is the Website Intelligence Score™ (WIS™) comparable to Google Lighthouse?

WIS™ and Lighthouse measure different things. Lighthouse focuses on runtime performance metrics (Core Web Vitals, accessibility audits) using a simulated device. WIS™ is a broader intelligence score covering security posture, SEO foundations, technology stack modernity, and conversion infrastructure — signals that Lighthouse does not measure. The two tools are complementary: use Lighthouse for deep performance profiling and SiteReveal for a holistic website intelligence audit.

Scoring Methodology

How the WIS™ Score
is calculated

The Website Intelligence Score™ (WIS™) is a composite 0–100 score derived from six weighted dimensions and over 50 independently verified signals. Every point is traceable to a specific detected signal — no AI guessing, no black-box scoring.

View all dimensions

The WIS™ Composite Formula

Each dimension is scored 0–100, then multiplied by its weight. The sum is the composite WIS™ score.

WIS™ = Performance × 0.20 + SEO × 0.20 + TechModernity × 0.20 + Security × 0.20
+ ContentSignals × 0.10 + LeadCapture × 0.10 ± OutdatedPenalties

Technical Performance20%

SEO Foundations20%

Technology Modernity20%

Security20%

Content Signals10%

Lead Capture & Conversion10%

Score Bands

WIS™ scores are grouped into five bands, each representing a distinct level of digital maturity.

86–100

Best-in-Class

Exceptional across all six dimensions. Typically large, well-funded digital teams with dedicated performance and security engineering.

71–85

Advanced

Strong foundations with a few optimisation gaps. Most modern SaaS and e-commerce platforms land here.

51–70

Modern

Core requirements met but meaningful gaps in security, SEO, or conversion infrastructure.

31–50

Needs Modernisation

Significant technical debt. Likely missing HTTPS headers, using a legacy CMS, or lacking conversion tools.

0–30

Outdated

Critical deficiencies across multiple dimensions. Immediate remediation recommended.

How a Scan Works

From URL submission to published report in under 60 seconds.

HTTP Inspection

SiteReveal fetches the target URL and records all HTTP response headers, status codes, redirect chains, and TLS metadata. This phase captures all security and performance signals that are available without executing JavaScript.

SPA Detection

The raw HTML is analysed for SPA shell patterns — minimal HTML with React, Vue, Next.js, or Angular bootstrap scripts. If detected, the scan advances to the Puppeteer rendering phase.

Headless Browser Rendering (SPA sites)

For JavaScript-powered sites, SiteReveal launches a headless Chromium instance via Puppeteer, waits for the DOM to stabilise, and extracts the fully-rendered HTML. This ensures SEO and content signals are accurate for React, Next.js, and Vue applications.

Signal Extraction

The detection engine reads the rendered HTML against a library of 200+ technology signatures — script URLs, DOM variables, meta tags, cookie names, CSS class patterns, and HTTP header values.

Confidence Scoring

Each detected technology receives a confidence score (0–1) based on how many independent signals corroborate the detection. A technology must exceed a 0.6 confidence threshold to appear in the report.

WIS™ Calculation

Six weighted dimensions are each normalised to 0–100, then combined into the composite Website Intelligence Score™. Website-type adjustments are applied — e-commerce sites receive a higher weight for conversion signals; SaaS sites receive a higher weight for tech modernity.

AI Insight Generation

The score breakdown and technology stack are passed to an LLM that generates structured, actionable recommendations for each dimension — written in plain English for non-technical stakeholders.

The Six Scoring Dimensions

Every signal is independently verified from HTTP headers, rendered DOM, or network responses. No inferred or estimated values.

Technical Performance

20% weight

Measures how fast and efficiently a website delivers content to users and search engine crawlers. Poor performance directly reduces conversion rates — a 1-second delay in page load time reduces conversions by 7% on average.

Signal	What we detect
CDN presence	Content delivered via Cloudflare, Akamai, Fastly, BunnyCDN, Netlify, or Vercel Edge
HTTP/2 or HTTP/3	Multiplexed connections reduce latency for asset-heavy pages
Asset compression	Brotli or Gzip encoding detected via Content-Encoding header
Cache-Control headers	Long-lived cache directives (max-age ≥ 86400) for static assets
TTFB (Time to First Byte)	Server response time: excellent <800ms, acceptable <2s, poor >3s
Image optimisation	WebP or AVIF format detected in HTML source
Minified assets	CSS and JS files served without whitespace bloat

Formula: Score = CDN(20) + HTTP2(15) + Compression(15) + Cache(15) + TTFB(±20) + Images(10) + Minification(5)

SEO Foundations

20% weight

Evaluates the on-page and technical SEO signals that determine whether search engines can discover, index, and rank the site. These are the baseline requirements for any organic traffic strategy.

Signal	What we detect
Title tag (optimal length)	Present and 30–65 characters — the optimal range for Google's SERP display
Meta description	Present and descriptive — improves click-through rate from search results
Open Graph tags	og:title, og:description, og:image — required for social sharing previews
Twitter Card	twitter:card meta tag for Twitter/X rich previews
Canonical URL	Prevents duplicate content penalties from multiple URL variants
Schema.org markup	Structured data (JSON-LD or microdata) for rich results in Google
Sitemap.xml	XML sitemap accessible at /sitemap.xml for crawler discovery
Robots.txt	Robots.txt present and not blocking all crawlers
H1 tag	Single, keyword-relevant H1 heading in the rendered DOM
Heading hierarchy	Logical H1→H2→H3 structure for semantic clarity

Formula: Score = Title(15) + MetaDesc(10) + OG(10) + TwitterCard(5) + Canonical(10) + Schema(15) + Sitemap(10) + Robots(5) + H1(10) + Headings(10)

Technology Modernity

20% weight

Assesses whether the site uses current, maintained technologies. Outdated stacks create security vulnerabilities, slow development velocity, and signal to Google that the site is not actively maintained.

Signal	What we detect
Modern JS framework	React, Vue, Next.js, Nuxt, Svelte, Astro, Remix, or Angular detected
Modern CSS system	Tailwind CSS, Webflow, or Framer detected — signals design-system discipline
ES module scripts	type="module" on script tags — indicates modern bundler toolchain
Vite build tool	Vite detected via asset fingerprinting patterns
CDN delivery	Assets served from CDN edge nodes — indicates modern deployment pipeline
No legacy CMS penalty	Squarespace and Wix receive a −15 penalty for limited technical control
No bare-WordPress penalty	WordPress without CDN, Tailwind, or headless framework receives −10

Formula: Score = Framework(30) + ModernCSS(20) + ESModules(15) + Vite(10) + CDN(15) − LegacyCMS(15) − BareWP(10)

Security

20% weight

Evaluates the HTTP security header stack against the SecurityHeaders.io A-grade specification. Security signals are fully detectable from HTTP responses — no browser execution required.

Signal	What we detect
HTTPS	Site served over TLS — foundational requirement, worth 25 points
HSTS	Strict-Transport-Security header forces HTTPS for all future visits
Content-Security-Policy	CSP header restricts which resources the browser can load
X-Frame-Options	Prevents clickjacking attacks via iframe embedding
X-Content-Type-Options	nosniff directive prevents MIME-type sniffing attacks
Secure cookies	Session cookies carry the Secure flag — not transmitted over HTTP
Cookie consent	GDPR/CCPA compliance mechanism detected in HTML
Referrer-Policy	Controls how much referrer information is shared with third parties
Permissions-Policy	Restricts browser feature access for third-party scripts
Subresource Integrity (SRI)	integrity attributes on external scripts prevent CDN supply-chain attacks
Cross-Origin-Opener-Policy (COOP)	Isolates browsing context to enable cross-origin isolation

Formula: Score = HTTPS(25) + HSTS(18) + CSP(18) + XFrame(9) + XContentType(9) + SecureCookies(5) + Consent(4) + ReferrerPolicy(4) + PermissionsPolicy(4) + SRI(2) + COOP(2)

Content Signals

10% weight

Checks whether the site has sufficient content depth for Google to understand its purpose and authority. Thin content is one of the most common reasons for poor organic rankings.

Signal	What we detect
Sufficient text content	Rendered HTML contains ≥300 words of body text
Blog or articles section	/blog, /articles, /news, or /insights path detected
FAQ section	FAQ or Q&A section detected — targets featured snippet opportunities
Testimonials	Social proof content detected — improves E-E-A-T signals
Case studies	Case study or portfolio content detected

Formula: Score = TextDepth(30) + Blog(25) + FAQ(20) + Testimonials(15) + CaseStudies(10)

Lead Capture & Conversion

10% weight

Evaluates the conversion infrastructure — the tools and mechanisms that turn visitors into leads, trials, or customers. Missing conversion systems are the most direct cause of poor commercial ROI from web traffic.

Signal	What we detect
Contact form	Contact or enquiry form detected in the rendered DOM
Newsletter signup	Email capture form detected — Mailchimp, ConvertKit, or custom
Live chat / chatbot	Intercom, Drift, Crisp, HubSpot Chat, or custom chat widget
AI assistant	AI-powered chat or assistant widget detected
CRM integration	HubSpot, Salesforce, Pipedrive, or similar CRM script detected
Calendly / booking	Calendly or booking widget detected — reduces friction for demos

Formula: Score = ContactForm(20) + Newsletter(15) + LiveChat(20) + AIAssistant(15) + CRM(15) + Calendly(15)

Scan Confidence Levels

Every report displays a Scan Confidence badge indicating how the site was analysed. This is especially important for JavaScript-heavy sites where a header-only scan would miss all SEO and content signals.

Full render scan

Puppeteer rendered the full DOM. All 50+ signals are available. Used for React, Next.js, Vue, and other SPA sites.

Static HTML scan

Raw server-rendered HTML was parsed. Accurate for server-rendered sites (WordPress, PHP, Ruby on Rails).

Header-only scan

Only HTTP headers were available. Security and performance signals are accurate; SEO and content signals may be incomplete.

Fairness & Accuracy Principles

No AI guessing

Every signal is independently verified from a live HTTP response or rendered DOM. SiteReveal never infers or estimates signal values — if a signal cannot be detected, it is marked as absent, not assumed.

Website-type weighting

Weights are adjusted based on detected website type (SaaS, e-commerce, agency, blog, etc.). A blog is not penalised for lacking a Calendly booking widget; an e-commerce site is not penalised for lacking a blog.

Technology-neutral scoring

SiteReveal does not favour any specific technology vendor. A well-configured WordPress site with Cloudflare, Tailwind, and strong security headers will score higher than a poorly configured Next.js site.

Calibrated against industry benchmarks

Scoring ranges are calibrated against SecurityHeaders.io, GTmetrix, and Wappalyzer ground-truth data across a diverse sample of 10+ sites per calibration cycle. The scoring model is updated when industry standards change.

Transparent signal list

Every signal that contributes to your score is listed in the Evidence table on your report page. You can see exactly which signals passed, failed, or triggered a warning — and why.

See your score in under 60 seconds

Free for any public website. No account required for your first scan.

How the WIS™ Scoreis calculated

The WIS™ Composite Formula

Score Bands

How a Scan Works

HTTP Inspection

SPA Detection

Headless Browser Rendering (SPA sites)

Signal Extraction

Confidence Scoring

WIS™ Calculation

AI Insight Generation

The Six Scoring Dimensions

Technical Performance

SEO Foundations

Technology Modernity

Security

Content Signals

Lead Capture & Conversion

Scan Confidence Levels

Fairness & Accuracy Principles

No AI guessing

Website-type weighting

Technology-neutral scoring

Calibrated against industry benchmarks

Transparent signal list

See your score in under 60 seconds

How the WIS™ Score
is calculated