Resources
The AcuityScan blog
Guides on email deliverability, SSL, performance, accessibility, and the issues websites hit most often.
·7 min read·dns · dnssecDNSSEC for people who don't run a registrar
DNSSEC explained in plain terms: what signing your DNS records actually protects, how to turn it on from your registrar dashboard, and the one mistake that takes sites offline.
Read post
·7 min read·dns · ttlWhy TTL matters more than you think during a migration
Cut cutover downtime from hours to minutes by planning DNS TTL before a migration. A practical DNS TTL migration playbook: what to lower, when, and how to verify.
Read post
·6 min read·dns health · whoisHow to read a WHOIS record
Decode registrar, status codes, nameservers, and expiry dates in minutes. This guide shows you how to read a WHOIS record and spot the red flags that put your domain at risk.
Read post
·8 min read·data study · small businessWe scanned 12,689 small-business websites. 17 passed.
We ran AcuityScan's full 350+ check suite against 12,689 small-business websites across all 50 states. 17 earned an A. Here is everything else we found, worst first.
Read post
·7 min read·seo · structured-dataThe schema markup mistakes Google's rich results validator catches
Google's rich results validator exposes common schema markup mistakes. Learn which errors break rich snippets, how to spot them, and why they cost you traffic.
Read post
·7 min read·gdpr · cookie consentCookie consent banners that pass GDPR without tanking conversion
A practical guide to building a GDPR cookie consent banner that satisfies regulators and keeps signups intact, with the design patterns and technical checks that matter.
Read post
·7 min read·accessibility · screen readersThe accessibility issues a screen reader will find that you won't
A screen reader experiences your site as a stream of text and announcements. Here are the screen reader accessibility issues it catches that a sighted review always misses.
Read post
·8 min read·performance · cachingCache-Control vs ETag: which one is breaking your CDN
Cache-Control vs ETag confusion quietly wrecks CDN hit rates and serves stale pages. Here is how each header works, where they collide, and how to fix it.
Read post
·6 min read·performance · render blockingRender-blocking scripts: the three you almost certainly have
Render-blocking scripts stall your first paint while the browser waits. Here are the three most sites carry without knowing, and how to fix each one.
Read post
·8 min read·ssl · tlsWhy your valid SSL cert still fails on some browsers
A valid SSL certificate fails some browsers when the chain is incomplete, the device's root store is outdated, or the CA has been distrusted. Here is how to find the gap.
Read post
·5 min read·security headers · content security policyThe Content Security Policy your CMS hides from you
Most CMS platforms ship without a Content Security Policy header, leaving your site exposed to XSS by default. Learn what CSP controls and how to add one.
Read post
·6 min read·email deliverability · dmarcDMARC reports: how to read the aggregate XML without losing your mind
Learn how to read a DMARC aggregate report by breaking down each XML section, understanding alignment vs. raw results, and spotting failures before they hurt deliverability.
Read post
·7 min read·email deliverability · dmarcThe Google and Yahoo bulk sender rules: what changed in 2024
Google and Yahoo bulk sender requirements now mandate SPF, DKIM, DMARC, one-click unsubscribe, and low spam rates. Here is what changed and how to comply.
Read post
·8 min read·email deliverability · spfWhy your Gmail emails go to spam even though SPF passes
SPF passes but Gmail still sends your email to spam? The problem is usually DMARC alignment, missing DKIM, or domain reputation. Here is how to find and fix it.
Read post
·7 min read·email deliverability · spfSPF flattening: what to do when you hit the 10-lookup limit
Exceeding the SPF 10 lookup limit causes mail to fail authentication silently. Learn how SPF flattening works, when to use it, and safer alternatives to protect deliverability.
Read post
·6 min read·email deliverability · DMARCSPF, DKIM, and DMARC in plain English
The three records that decide whether your business email lands in the inbox or the spam folder, explained without the jargon.
Read post
·7 min read·security · HSTSHSTS: how to enable it without breaking your site
HSTS forces browsers to use HTTPS only, which is great until you accidentally lock out a subdomain that doesn't have a cert. Here is the safe way to enable it.
Read post
·7 min read·performance · core web vitalsCore Web Vitals: what each one actually measures and how to move it
Google's Core Web Vitals decide a chunk of your search ranking and how patient your visitors are. Here is what LCP, INP, and CLS actually measure and how to move them.
Read post
