Frequently Asked Questions

AuditStack is a website security and performance auditing service. We scan your website for security vulnerabilities and performance problems — and give you a plain-English report with clear steps to fix everything we find. No technical knowledge required.

AuditStack is built for small business owners, freelancers, and anyone who runs a website but doesn't have a dedicated IT or security team. If you want to know whether your website is safe and fast — without wading through technical jargon — AuditStack is for you.

No. You just enter your website URL and email address, pay if required, and we deliver your report. No sign-up, no password, no account needed.

Yes, completely safe and legal. We only look at the stuff any visitor's browser can already see — we never try to log in, guess passwords, or touch anything inside your site. It's the same kind of check a consultant would do, just automated.

Most scans complete in under 60 seconds. You'll see your full results in the browser as soon as the scan is done, and you can download a PDF copy straight away. A detailed report is also delivered to your email.

We check ten things that actually matter for a small business: your security certificate (so customers don't see 'Not Secure' warnings), the safety rules your site tells browsers to follow, whether logins and bookings are protected, whether your site forces visitors onto the secure version, whether bits of content load over an unsafe connection, whether your site leaks technical info that helps hackers, whether your search-engine instructions are accidentally exposing private pages, whether security researchers can contact you, whether nobody can send fake emails pretending to be your business, and whether any of the software running your site is out of date. Each one gets a traffic-light result and a plain-English explanation.

Your score runs from 0 to 100 and maps to a letter grade from A+ to F. An A or A+ means your website follows current best practices across all major areas. A B or C means there are areas to improve — important, but not urgent. A D or F means there are significant gaps that should be addressed soon, as they could put your business or visitors at risk.

You can scan any publicly accessible website — including websites you don't own. We only use data that any browser or DNS lookup would return, so scanning a competitor or checking a supplier's site is perfectly fine. If a website requires a login to access, we won't be able to scan those protected pages.

Not at all. Every finding comes with a plain-English explanation of what the issue is, why it matters for your business, and exactly how to fix it. You don't need to understand any of the technical stuff — we tell you what to ask your web designer to do, or walk you through it yourself. If anything's still unclear, reply to your results email and we'll help for free.

Every issue in your report comes with specific, actionable steps. For many findings, you can fix them yourself by updating a setting in your hosting control panel or CMS. For others, you may need to pass the report to a developer — and we've written the recommendations in plain language so anyone can understand them. If you're stuck, email us and we'll point you in the right direction.

We run Google's own speed test on your site and give you a score out of 100 in four areas: how fast it feels, whether Google can find you properly, how easy it is to use, and whether the code behind it is any good. Both mobile and desktop. You'll see exactly what's slowing your site, and exactly what to do about it — no jargon. The whole thing is free.

Google PageSpeed tests mobile performance using a simulated slower device and mobile network connection. Most websites score lower on mobile because they haven't been optimised for those conditions. Your report will tell you exactly which issues are dragging your mobile score down and how to fix them.

Yes. We use your email address only to deliver your report — we never sell it, share it with third parties, or use it for marketing without your consent. Scan results are stored securely and not shared beyond your report delivery. See our Privacy Policy for full details.

We accept all major credit and debit cards (Visa, Mastercard, American Express) via Stripe — a secure, PCI-compliant payment processor. We do not store your card details. Prices are shown in your local currency where possible.

Because scan results are delivered instantly and in full, we're unable to offer refunds as a general policy. However, if your scan fails to complete or delivers an error, get in touch straight away and we'll resolve it — either by re-running the scan at no charge or issuing a full refund. We want you to be happy with your results.

Monthly monitoring ($79/month) runs a full security and performance scan of your website every month and sends you an updated report. You'll be alerted if your scores drop, new vulnerabilities emerge, or anything changes. It also includes historical score tracking so you can see progress over time. Cancel anytime — no minimum commitment.

Yes. Free 1-to-1 support is included with every paid scan. If anything in your report is confusing, you're not sure how to fix an issue, or you'd like a second opinion, simply reply to your results email. We'll respond personally — not with an automated template.

We aim to respond to all support requests within one business day. For urgent issues — such as a scan that failed or a security finding you're concerned about — we'll do our best to get back to you the same day.