Web
Audits

Documentation

Introduction

The ECOS Web Audit is an analytical tool for the technical assessment of websites. The system consolidates technically measurable indicators into a Composite Index evaluating Efficiency, Sustainability (Clean), Openness, and Security (Safe).

The technical implementation is based on a modular architecture utilizing cloud services for hosting, data storage, and backend functions.

Due to its modular structure, the audit engine or API can be used independently of the web app's code – for example, to build a custom REST API or to connect it to a different frontend.

Index Component Concepts

  • Efficiency (Efficient): This area evaluates the volume of transferred data and the number of HTTP requests. Results are benchmarked against global averages to provide performance context. (PageSpeed Insights, HTTP Archive)

  • Sustainability (Clean): Focuses on the ecological balance of the website. The carbon footprint is calculated based on data volume and the energy mix of the hosting data center. Additionally, the server location is identified via IP lookup. (CO2.js, The Green Web Foundation, AbuseIPDB)

  • Openness (Open): This index measures accessibility and Search Engine Optimization (SEO). The goal is to ensure technical accessibility for people with disabilities and the general findability of information. (PageSpeed Insights)

  • Security (Safe): The rating is composed of infrastructure reputation and implemented security features. While reputation is checked against blacklists, SSL certificates and Content Security Policies (CSP) are analyzed through a proprietary logic. (AbuseIPDB, Google Web Risk API, HTTP Observatory Scoring Methodology)

The four areas are not isolated metrics; they reinforce each other. Efficient programming directly reduces energy consumption through smaller data volumes (Clean). Simultaneously, lean code improves loading times, boosting both accessibility and visibility (Open).

Similarly, robust security standards (Safe) increase infrastructure reliability, while a clean technical foundation ensures maintainability and long-term sustainability. The ECOS audit demonstrates that optimizations in one area usually have positive ripple effects throughout the entire system.

Sub-indicators Overview

Tree Chart Visualization

Composition of the ECOS ScoreECOS Score Display100Scores25%ECOS Score Display100Efficiency25%ECOS Score Display100Clean25%ECOS Score Display100Open25%ECOS Score Display100Safe40% (10%)ECOS Score Display100Performance30% (7.5%)ECOS Score Display100Best Practices30% (7.5%)ECOS Score Display100Network50% (12.5%)ECOS Score Display100Accessible50% (12.5%)ECOS Score Display100SEO50% (12.5%)ECOS Score Display100Trust50% (12.5%)ECOS Score Display100Secure50% (3.75%)ECOS Score Display100Requests50% (3.75%)ECOS Score Display100Data Weight50% (6.25%)ECOS Score Display100Webrisk50% (6.25%)ECOS Score Display100IP Check

Tabular Overview

IndexWeightingSub-indicators
Scores100%
IndexWeightingSub-indicators
Efficiency25%
IndexWeightingData Sources
Performance40% (10%)
Best Practices30% (7.5%)
Network30% (7.5%)
IndexWeightingData Sources
Requests50% (3.75%)
  • Relative score: Number of HTTP requests (compressed) is put in relation to data from all websites
  • PageSpeed API (Google) - Number of HTTP requests lighthouseResult.audits.network-requests.details.items[].transferSize
  • httparchive.org - Relative frequencies of websites by number of HTTP requests data (2024)
  • Web Audits/GitHub - create_subscore_requests
Data Weight50% (3.75%)
  • Relative score: Size of transferred data (compressed) is put in relation to data from all websites
  • PageSpeed API (Google) - Transferred data by type lighthouseResult.audits.network-requests.details.items[].resourceSize
  • httparchive.org - Relative frequencies of websites by transferred data (2024)
  • Web Audits/GitHub - create_subscore_weight
Clean25%
Open25%
IndexWeightingData Sources
Accessible50% (12.5%)
SEO50% (12.5%)
Safe25%
IndexWeightingSub-indicators
Trust50% (12.5%)
IndexWeightingData Sources
Webrisk50% (6.25%)
IP Check50% (6.25%)
  • AbuseIPDB - Checking if IP address is listed with malware or harmful practices
Secure50% (12.5%)

Tech Stack

The project utilizes a serverless-based tech stack:

  • Framework & Runtime: React and React Router as a full-stack framework on the Node.js runtime. (React, React Router)

  • Frontend & Visualization: Radix UI for accessible components, d3/visx for complex data visualizations, and Tailwind CSS for styling. (Radix UI, visx, Tailwind CSS)

  • Infrastructure Management: SST (Ion) as an IaC framework for defining and deploying cloud resources. (SST)

  • AWS Cloud Services:

    • Data Storage: DynamoDB as a highly available NoSQL database. (AWS DynamoDB)

    • Compute: Lambda Functions for server-side rendering (SSR) and as scalable computing power for performing audits. (AWS Lambda)

    • Web Deployment: S3 for static assets, Route53 for DNS management, and CloudFront as a Content Delivery Network (CDN). (AWS CloudFront)

Audit API

Currently, the REST API only supports GET requests to the ECOS database. These provide audit results and daily updated descriptive statistics. Requests to perform or update audits cannot be made via the API at this time.