Website Audit + Custom Build, by OYE Creations
Drop your URL.
Get a site that scores 90 to 100.
We rebuild your website from scratch in clean code, guaranteed to score 90 to 100 across all five Lighthouse categories or your money back. You own everything. No lock-in, no monthly platform fees.
10% of every project goes to a 501(c)(3) nonprofit of your choice.Portfolio, Verified Scores
Sites we've droptimized.
Click any row to expand scores and notes. A · marks a stage not yet logged, filled in as a project moves from audit to verified.
| 1. Audit | 2. Fixing | 3. Pre-Launch | 4. Verified | |
|---|---|---|---|---|
| SEO | 91% | 100% | 100% | 100% |
| Security | 83% | 100% | 100% | 100% |
| Performance | 77% | 100% | 100% | 100% |
| Accessibility | 93% | 100% | 100% | 100% |
| Best Practices | 96% | 100% | 100% | 100% |
Verified 100 across all five categories (2026-06-19). The audit traced the low Performance (77%) and Best Practices (81%) to one root cause: Cloudflare's JavaScript Detections feature was edge-injecting a bot-detection script that burned ~2.5s of main-thread time and called deprecated browser APIs. The same edge challenge stripped HSTS and 403'd the sitemap for datacenter IPs, which capped Security. Disabling JavaScript Detections plus Bot Fight Mode on the zone cleared all three: Performance 77 to 100, Best Practices 81 to 100, Security to 100 (6/6 headers, sitemap 200). SEO and Accessibility were already 100. The site's own code needed no changes.
| 1. Audit | 2. Fixing | 3. Pre-Launch | 4. Verified | |
|---|---|---|---|---|
| SEO | 100% | · | · | 100% |
| Security | 100% | · | · | 100% |
| Performance | 100% | · | · | 100% |
| Accessibility | 100% | · | · | 100% |
| Best Practices | 100% | · | · | 100% |
The social companion to pupgrade.app: public dog pages, the pack, and community, on its own domain and its own Cloudflare zone. Built on the OYE standard and verified 100 across all five categories (best of 5 runs, 2026-06-19), with 6/6 security headers and sitemap and robots both returning 200. Unlike the .app zone, JavaScript Detections was already off here, so it was never slowed by the bot-detection script, no fixes were needed.
| 1. Audit | 2. Fixing | 3. Pre-Launch | 4. Verified | |
|---|---|---|---|---|
| SEO | 100% | · | · | 100% |
| Security | 100% | · | · | 100% |
| Performance | 100% | · | · | 100% |
| Accessibility | 100% | · | · | 100% |
| Best Practices | 100% | · | · | 100% |
Partner brand: the fine-art photography and print site for Eric Schoep, built from scratch on the OYE standard. Verified 100 across all five categories (best of 5 runs, 2026-06-19), with 6/6 security headers and sitemap and robots both 200. The one audit fix was allowing Cloudflare's analytics beacon in the CSP, which had been blocked and capped Best Practices at 92. The full-bleed hero photo is the mobile LCP and was deliberately kept over shaving it to chase the score; it still verifies at 100 best-of-5.
| 1. Audit | 2. Fixed | 3. Pre-Launch | 4. Verified | |
|---|---|---|---|---|
| SEO | 91% | 100% | 100% | 100% |
| Security | 100% | 100% | 100% | 100% |
| Performance | 93% | 95% | 95% | 98% |
| Accessibility | 95% | 100% | 100% | 100% |
| Best Practices | 92% | 100% | 100% | 100% |
New OYE internal property built from scratch. Audit exposed: Accessibility 95% (contrast failures on city marquee text, #8C9EA6 on cream = 2.27:1, and 12 links with aria-labels that didn't contain their visible text, WCAG 2.5.3). Best Practices 92% (feed rendering script inline, blocked by CSP). SEO 91% (no robots.txt). Performance boosted to 98% by converting PNG logos to WebP (78KB+101KB down to 13KB+17KB) and disabling Cloudflare email obfuscation, which was injecting a render-blocking script. Final: 100/100/100/100 across SEO, Security, Accessibility, and Best Practices. Performance 98%.
| 1. Audit | 2. Transfer | 3. Pre-Launch | 4. Final | |
|---|---|---|---|---|
| SEO | 92% | 91% | 100% | 100% |
| Security | ~92% | 100% | 100% | 100% |
| Performance | 96% | 99% | 99% | 100% |
| Accessibility | 93% | 93% | 100% | 100% |
| Best Practices | 92% | 92% | 100% | 100% |
Migrated from oyecreations.com/scholar to standalone oyescholar.com. Pre-transfer audit: scholar landing and essay builder both in the 92-96% range across all categories. Performance was stuck at 76% due to Cloudflare's Bot Management JavaScript detections injecting a 2,374ms script on every page load, disabled via API. Best Practices hit 100% after the same fix removed deprecated API calls from that injected script. All five categories verified at 100%.
| 1. Audit | 2. Fixed | 3. Pre-Launch | 4. Verified | |
|---|---|---|---|---|
| SEO | ~75% | 92% | 92% | 100% |
| Security | ~67% | 100% | 100% | 100% |
| Accessibility | ~80% | 97% | 97% | 100% |
| Best Practices | ~75% | 92% | 92% | 100% |
| Performance | ~60% | 85% | 85% | 100% |
New OYE internal site audited at launch. Security gap: X-XSS-Protection legacy value, HSTS max-age 1yr vs 2yr, missing COOP/CORP headers. Inline scripts blocked a tight CSP, extracted to external files, removed unsafe-inline from script-src. Accessibility contrast failures on #888/#999 text on white, fixed to #767676 (passes 4.5:1). Scores verified live: SEO 92%, A11y 97%, Best Practices 92%, Performance 85% (Google Fonts CDN, font migration pending).
| 1. Audit | 2. Transfer | 3. Pre-Launch | 4. Verified | |
|---|---|---|---|---|
| SEO | ~75% | 92% | 100% | 100% |
| Security | ~58% | ~58% | ~92% | 100% |
| Performance | ~89% | ~89% | ~89% | 100% |
| Accessibility | ~82% | 94% | 100% | 100% |
| Best Practices | ~85% | 92% | 92% | 100% |
Subdomain migration to standalone domain. Cloudflare's default robots.txt caused 2,064 SEO errors; missing security headers left the site exposed at 58%. Performance reached 100% after migrating from Google Fonts CDN to self-hosted woff2 files, eliminating the external font request entirely. All five categories verified at 100%.
| 1. Audit | 2. Rebuilt | 3. Pre-Launch | 4. Verified | |
|---|---|---|---|---|
| SEO | ~84% | 100% | 100% | 100% |
| Security | ~38% | 100% | 92% | 100% |
| Accessibility | ~76% | 100% | ~86% | 100% |
| Best Practices | ~80% | 100% | 91% | 100% |
Worst security score in the portfolio at ~38%. The Next.js app had no CSP, no HSTS, and no CORP headers at all. Accessibility issues came from component library defaults that didn't meet WCAG AA contrast. Dynamic routes were missing canonical tags, holding SEO back. All rebuilt and verified at 100%.
| 1. Audit | 2. Rebuilt | 3. Pre-Launch | 4. Verified | |
|---|---|---|---|---|
| SEO | 100% | 100% | 100% | 100% |
| Security | 92% | 100% | 92% | 100% |
| Performance | 76% | 76% | 91% | 93% |
| Accessibility | ~79% | 100% | 88% | 100% |
| Best Practices | ~85% | 100% | 92% | 100% |
SEO started at 100%. Strong existing domain signals meant no indexing work needed. Accessibility gaps were unlabeled interactive elements on chord cards and contrast failures on secondary label text. Security was one header short at audit and pre-launch. Best Practices hit 100% after disabling Cloudflare Bot Management JS detections, which had been injecting deprecated-API code on every page load. Performance at 93%. LCP is 3.2s because the featured news rotator is JavaScript-rendered: the browser can't fetch cover images until JS executes and injects them into the DOM. All covers are now locally hosted as WebP (converted from Wikimedia JPEG). Remaining LCP improvement requires server-side rendering the first article inline in the HTML.
| 1. Audit | 2. Rebuilt | 3. Transfer | 4. Verified | |
|---|---|---|---|---|
| SEO | ~65% | 100% | ~40% | 100% |
| Security | 0% | 100% | ~20% | 100% |
| Performance | ~65% | 100% | ~65% | 100% |
| Accessibility | ~70% | 100% | ~30% | 100% |
| Best Practices | ~75% | 100% | ~25% | 100% |
First external client. Built clean to 100% on our end. Client-side DNS changes during handover tanked all scores: security dropped to ~20%, accessibility to ~30%, SEO to ~40%, best practices to ~25%. We stepped back in, identified what changed, and closed everything at 100%.
| 1. Audit | 2. Rebuilt | 3. Pre-Launch | 4. Verified | |
|---|---|---|---|---|
| SEO | 91% | 100% | 94% | 100% |
| Security | 68% | 100% | 80% | 100% |
| Accessibility | ~82% | 100% | 91% | 100% |
| Best Practices | ~76% | 100% | 84% | 100% |
Incomplete security headers at audit. HSTS and CORP were missing, holding security at 68%. A late pre-launch config push partially reverted those settings, dropping security back to 80% right before go-live. Rebuilt from scratch with the full OYE header stack. All five categories closed at 100%.
Built for local business
Real results. Zero lock-in.
We don't sell subscriptions or hold your site hostage. You own everything: the code, the domain, the hosting. We just make it excellent.
Audit
Drop your URL. We score every signal: SEO, Security, Accessibility, Performance, Best Practices. Every gap documented with a fix priority and plain-English explanation.
Rebuild
Plain HTML/CSS/JS. No WordPress, no page builders, no monthly platform fees. We don't ship until every category is in the 90-100 range. We push for 100.
Transfer
Your code, your GitHub, your Cloudflare account. We move everything into your name. No lock-in, no ongoing dependency on us.
Verify
Post-transfer audit confirms all scores are holding in the 90-100 range in your environment. You get the report. We're done.
Live Demo
The exact audit you get, running live on droptimize.org right now. This is the standard every build is held to.
Pricing and Give Back
Simple pricing. Built to give back.
Every paid project includes a charitable donation. 10% of the service fee goes to a 501(c)(3) nonprofit of your choice. If you don't pick one, it goes to TKF.
Agencies charge $6,000 and up for a custom build like this. Ours is a flat price, hand-coded, and you own every line of it.
- Full scored audit report
- Complete website build (HTML/CSS/JS), hand-coded from scratch
- Cloudflare Pages deployment
- Handover docs & DNS setup
- 90+ in every category, or your money back
- You own everything, no lock-in
- Everything in Single Site
- Full custom website build, up to 5 pages (HTML/CSS/JS)
- Cloudflare Pages deployment
- Admin panel for content edits
- Handover docs & DNS setup
- 90+ in every category, or your money back
- You own everything, no lock-in
- Everything in Standard
- Up to 10 pages or sections
- Contact form with KV storage
- Weekly automated audit reports (1 month included)
- GitHub Actions CI/CD setup
- Priority turnaround (5-7 days)
- 30-day post-launch support
- Everything in Professional
- Unlimited pages & sections
- E-commerce or booking integration
- Multi-language support
- API & Worker backend builds
- Ongoing maintenance available
Audit Watch, Ongoing Monitoring
Keep the scores you paid for. Automatically.
A clean launch is step one. Audit Watch re-runs the full 5-category audit every week and alerts you the moment a score slips. It watches and tells you what dropped. Fixes are a separate quote or roll into a build.
- Weekly audit across all 5 categories
- Email alerts when any score drops
- Monthly trend report
- Cancel anytime, no lock-in
- Everything in Solo
- Up to 5 sites monitored
- Consolidated weekly dashboard
- Priority drop alerts
- Cancel anytime, no lock-in
- Everything in Business
- Up to 25 sites monitored
- White-label client reports
- Bulk score export
- Cancel anytime, no lock-in
Monitoring only. Audit Watch flags what slipped, it does not fix it. Need the fix? We quote it or fold it into a build.
Switch to annual above and get 1 month free. Cancel anytime, no lock-in.
How we got here
The standard wasn't written. It was earned.
droptimize.org started by auditing every OYE Creations property: the podcast site, the resume service, the AI platform. Most had missing security headers, contrast failures, ARIA issues, and incomplete SEO. We fixed them all and wrote down every rule.
Those rules became the build standard. When OYE Scholar launched, built from scratch using that standard, it audited at 96-100% across all five categories before a single fix was applied. That's the difference between patching a site and building from a process.
Read the full story →Ready?
Ready to see what your site is actually scoring?
Drop your URL below. Free preliminary audit. We'll tell you exactly where you stand and what it would take to hit 100%.