Drop your URL.
Get optimized.

Newest OYE internal property. Initial droptimize audit just landed (2026-05-28). SPA shell with embed-heavy media grid means Performance came in at 77% (mobile LCP/CLS on the lazy-loaded media tiles). SEO 91% looks like missing meta on at least one route. Accessibility 93% is likely color contrast on dark-mode surfaces. Security 83% is a CI artifact (CF Bot Fight strips HSTS for GH runner IPs; real users see 6/6 headers, full 100%). BP 96% from a minor console warning. Gap-close in flight.

New OYE internal property built from scratch. Audit exposed: Accessibility 95% (contrast failures on city marquee text, #8C9EA6 on cream = 2.27:1, and 12 links with aria-labels that didn't contain their visible text, WCAG 2.5.3). Best Practices 92% (feed rendering script inline, blocked by CSP). SEO 91% (no robots.txt). Performance boosted to 98% by converting PNG logos to WebP (78KB+101KB down to 13KB+17KB) and disabling Cloudflare email obfuscation, which was injecting a render-blocking script. Final: 100/100/100/100 across SEO, Security, Accessibility, and Best Practices. Performance 98%.

Migrated from oyecreations.com/scholar to standalone oyescholar.com. Pre-transfer audit: scholar landing and essay builder both in the 92-96% range across all categories. Performance was stuck at 76% due to Cloudflare's Bot Management JavaScript detections injecting a 2,374ms script on every page load, disabled via API. Best Practices hit 100% after the same fix removed deprecated API calls from that injected script. All five categories verified at 100%.

New OYE internal site audited at launch. Security gap: X-XSS-Protection legacy value, HSTS max-age 1yr vs 2yr, missing COOP/CORP headers. Inline scripts blocked a tight CSP, extracted to external files, removed unsafe-inline from script-src. Accessibility contrast failures on #888/#999 text on white, fixed to #767676 (passes 4.5:1). Scores verified live: SEO 92%, A11y 97%, Best Practices 92%, Performance 85% (Google Fonts CDN, font migration pending).

Subdomain migration to standalone domain. Cloudflare's default robots.txt caused 2,064 SEO errors; missing security headers left the site exposed at 58%. Performance reached 100% after migrating from Google Fonts CDN to self-hosted woff2 files, eliminating the external font request entirely. All five categories verified at 100%.

Worst security score in the portfolio at ~38%. The Next.js app had no CSP, no HSTS, and no CORP headers at all. Accessibility issues came from component library defaults that didn't meet WCAG AA contrast. Dynamic routes were missing canonical tags, holding SEO back. All rebuilt and verified at 100%.

SEO started at 100%. Strong existing domain signals meant no indexing work needed. Accessibility gaps were unlabeled interactive elements on chord cards and contrast failures on secondary label text. Security was one header short at audit and pre-launch. Best Practices hit 100% after disabling Cloudflare Bot Management JS detections, which had been injecting deprecated-API code on every page load. Performance at 93%. LCP is 3.2s because the featured news rotator is JavaScript-rendered: the browser can't fetch cover images until JS executes and injects them into the DOM. All covers are now locally hosted as WebP (converted from Wikimedia JPEG). Remaining LCP improvement requires server-side rendering the first article inline in the HTML.

First external client. Built clean to 100% on our end. Client-side DNS changes during handover tanked all scores: security dropped to ~20%, accessibility to ~30%, SEO to ~40%, best practices to ~25%. We stepped back in, identified what changed, and closed everything at 100%.