This guide contains 50+ web best practices that will make your site rank higher in search results, load faster in browsers and be more secure against attacks. The advice here is based on recommendations from web experts such as Google, Mozilla, W3C, OWASP and Yahoo. For each best practice, we explain why it’s important, how to follow it and provide you with authoritative links to refer to for further reading.
The web best practices guides
Get started by choosing from the the SEO, web speed or web security sections below or keep scrolling for a complete table of contents showing all the web best practices covered.
SEO Best Practices
Boost your search rank and click-through rates by fine-tuning the on-page SEO of your site.
Page Speed Best Practices
Accelerate your site by learning how to shrink page sizes and optimise resource delivery.
Read the full SEO Best Practices guide or jump to the section or rule you’re interested in with one of the links below.
Every page on your site should be given a concise, informative and unique title to improve your search rank and search result click rates. Read more ➜
Headings should be added to pages to give their content a hierarchical structure. This helps give search engines and users a better understanding of what each page contains. Read more ➜
Every page on your site should be given an informative, concise and unique description. Read more ➜
Duplicate page content should be avoided as you will get less control over how your search results are displayed and how backlinks are consolidated. Read more ➜
Pages should contain substantial, unique and high-quality content that works well on mobile devices and has accessibility in mind. Read more ➜
Each page should have a well-written URL that is short, accurate and friendly for humans to read. Read more ➜
Your site should be free of broken links and configured to signal broken links to crawlers using a 404 response status code. Read more ➜
Every subdomain on your site should have a robots.txt file that links to a sitemap and describes any crawler restrictions. Read more ➜
Read the full Page Speed Best Practices guide or jump to the section or rule you’re interested in with one of the links below.
A key factor in making pages faster is to reduce the size of each page and their resources using compression and minification. Read more ➜
Caching should be used to decrease server load and reduce the amount of data browsers need to download while browsing your site. Read more ➜
CSS delivery should be optimised by avoiding inline CSS and avoiding the use of
@import. Read more ➜
Read the full Web Security Best Practices guide or jump to the section or rule you’re interested in with one of the links below.
HTTPS prevents attackers from reading and modifying data sent between your site and browsers. HTTPS should be considered a minimum security requirement for all websites. Read more ➜
HTTP Strict Transport Security (HSTS) is a response header that improves security by instructing browsers to always use HTTPS instead of HTTP when visiting your site. Read more ➜
A content sniffing attack typically involve tricking a browser into executing a script that is disguised as another file type. These attacks can be protected against with correctly configured response headers. Read more ➜