Documentation

Introduction

The ECOS Web Audit is an analytical tool for the technical assessment of websites. It combines measurable indicators into a composite index covering Efficiency, Sustainability (Clean), Openness, and Security (Safe).

The technical implementation is based on a modular architecture using cloud services for hosting, data storage, and backend functions.

Due to its modular structure, the audit engine and API can be used independently of the web app — for example, to build a custom REST API or connect it to a different frontend.

Index Component Concepts

  • Efficiency (Efficient): Evaluates the volume of transferred data and the number of HTTP requests. Results are benchmarked against global averages for performance context. (PageSpeed Insights, HTTP Archive)

  • Sustainability (Clean): Measures the ecological footprint of the website. The carbon footprint is calculated based on data volume and the energy mix of the hosting data center. The server location is identified via IP lookup. (CO2.js, The Green Web Foundation, AbuseIPDB)

  • Openness (Open): Measures accessibility and Search Engine Optimization (SEO). The goal is to ensure technical accessibility for people with disabilities and the general findability of content. (PageSpeed Insights)

  • Security (Safe): Combines infrastructure reputation and implemented security features. Reputation is checked against blacklists; SSL certificates and Content Security Policies (CSP) are analyzed through a proprietary logic. (AbuseIPDB, Google Web Risk API, HTTP Observatory Scoring Methodology)

The four areas are not isolated metrics — they reinforce each other. Efficient code directly reduces energy consumption through smaller data volumes (Clean). Lean code also improves loading times, boosting both accessibility and visibility (Open).

Robust security standards (Safe) increase infrastructure reliability, while a clean technical foundation supports long-term maintainability. Improvements in one area tend to have positive effects across the whole system.

Sub-indicators Overview

Tree Chart Visualization

Composition of the ECOS ScoreECOS Score Display100Scores25%ECOS Score Display100Efficiency25%ECOS Score Display100Clean25%ECOS Score Display100Open25%ECOS Score Display100Safe40% (10%)ECOS Score Display100Performance30% (7.5%)ECOS Score Display100Best Practices30% (7.5%)ECOS Score Display100Network50% (12.5%)ECOS Score Display100Accessible50% (12.5%)ECOS Score Display100SEO50% (12.5%)ECOS Score Display100Trust50% (12.5%)ECOS Score Display100Secure50% (3.75%)ECOS Score Display100Requests50% (3.75%)ECOS Score Display100Data Weight50% (6.25%)ECOS Score Display100Webrisk50% (6.25%)ECOS Score Display100IP Check

Tabular Overview

IndexWeightingSub-indicators
Scores100%
IndexWeightingSub-indicators
Efficiency25%
IndexWeightingData Sources
Performance40% (10%)
Best Practices30% (7.5%)
Network30% (7.5%)
IndexWeightingData Sources
Requests50% (3.75%)
  • Relative score: Number of HTTP requests (compressed) is put in relation to data from all websites
  • PageSpeed API (Google) - Number of HTTP requests lighthouseResult.audits.network-requests.details.items[].transferSize
  • httparchive.org - Relative frequencies of websites by number of HTTP requests data (2024)
  • Web Audits/GitHub - create_subscore_requests
Data Weight50% (3.75%)
  • Relative score: Size of transferred data (compressed) is put in relation to data from all websites
  • PageSpeed API (Google) - Transferred data by type lighthouseResult.audits.network-requests.details.items[].resourceSize
  • httparchive.org - Relative frequencies of websites by transferred data (2024)
  • Web Audits/GitHub - create_subscore_weight
Clean25%
Open25%
IndexWeightingData Sources
Accessible50% (12.5%)
SEO50% (12.5%)
Safe25%
IndexWeightingSub-indicators
Trust50% (12.5%)
IndexWeightingData Sources
Webrisk50% (6.25%)
IP Check50% (6.25%)
  • AbuseIPDB - Checking if IP address is listed with malware or harmful practices
Secure50% (12.5%)

Tech Stack

The project uses a serverless-based tech stack:

  • Framework & Runtime: React and React Router as a full-stack framework on the Node.js runtime. (React, React Router)

  • Frontend & Visualization: Radix UI for accessible components, d3/visx for complex data visualizations, and Tailwind CSS for styling. (Radix UI, visx, Tailwind CSS)

  • Infrastructure Management: SST (Ion) as an IaC framework for defining and deploying cloud resources. (SST)

  • AWS Cloud Services:

    • Data Storage: DynamoDB as a highly available NoSQL database. (AWS DynamoDB)

    • Compute: Lambda Functions for server-side rendering (SSR) and as scalable compute for performing audits. (AWS Lambda)

    • Web Deployment: S3 for static assets, Route53 for DNS management, and CloudFront as a Content Delivery Network (CDN). (AWS CloudFront)

Audit API

Currently, the REST API only supports GET requests to the ECOS database. These return audit results and daily updated descriptive statistics. Requests to perform or update audits are not available via the API at this time.