Implementation overview

Minimize Use of Third-Party Scripts and Widgets

Defer Non-Critical JavaScript

Use Vanilla JavaScript or Lightweight Frameworks When Possible

Use secure frame headers

Enable HSTS for subdomains.

Enable HSTS preload header

Implement HTTPS by Setting Up an SSL Certificate

Use ARIA (Accessible Rich Internet Applications) Landmarks and Roles

Ensure WCAG 2.1 Compliance for Accessibility

Make video accessible

Make simple and accessible animations.

Add Descriptive Alt Text for all important Images.

Ensure Sufficient Color Contrast for Text

Implement Keyboard Navigable Menus and Forms

Set your Robot.txt file

Set Up Proper 404 Error Pages with Useful Navigation

Implement Structured Data (Schema Markup) for Rich Snippets

Disable Webflow subdomain indexing

Use Global canonical URL

Optimize Fonts and Reduce Font Loading Times

Use a Content Delivery Network (CDN) for Faster Content Delivery

Minify CSS, JavaScript, and HTML

Implement Browser Caching and CDNs

Compress and render better images after uploading.

Optimize and Compress Images before uploading

Appropriate Sizing and Background Images

Set Imgae Above the Fold set to Eager.

Implement Lazy Loading for Images and Videos

Use Asynchronous Loading for custom CSS and JavaScript

Mobile testing focus

Implement Touch-Friendly Design Elements for Mobile Users

Optimize Layouts for Different Screen Sizes and Orientations

Ensure Responsive Images Using srcset and sizes Attributes

Make Text Responsive with Fluid Typography

Mobile essential content

Ensure Breadcrumb Navigation for Better User Experience and SEO

Design a Logical and User-Friendly Navigation Menu

Create Intuitive URL Structures & Readable Slugs

Conduct a Heading Hierarchy

Use HTML5’s Semantic Tags For Better Architecture

Set a Clear Navigation and Structure Upfront

How to Enable HSTS preload header on Webflow?

Enabling HSTS (HTTP Strict Transport Security) preload header is crucial for ensuring that all connections to your website are secure by forcing browsers to use HTTPS. The HSTS preload list is a list of sites that are hardcoded into browsers as HTTPS-only, providing an additional layer of security.

How to do it on Webflow?

Enable SSL: Ensure SSL is enabled for your site in Webflow’s hosting settings
Add the HSTS Header: In your hosting settings, toggle the HSTS preload header

Do's

Don'ts

Tools

Don't have the Checklist yet?

Download the Checklist