Stack Health Score
Methodology

Evaluates the presence and quality of a CDN, edge delivery network, and hosting architecture. Sites running a reputable CDN (Cloudflare, Fastly, Akamai, Vercel Edge) with global PoPs score highest. Sites serving directly from an origin with no CDN lose significant points.

Checks for HTTPS, HSTS enforcement, modern TLS version, and the presence of key HTTP security headers (Content-Security-Policy, X-Frame-Options, Referrer-Policy). Security posture is one of the most actionable signals a stack scan can surface.

Assesses how current the detected frameworks, CMS, and build tools are. Sites built on actively maintained, modern technology (Next.js, Nuxt, SvelteKit, Astro) score well. Sites on end-of-life platforms, legacy PHP frameworks, or outdated CMS versions score lower.

Looks for signals of performance-conscious choices: lightweight analytics (Plausible, Fathom), deferred/async loading patterns, image optimisation services, and the absence of known performance-heavy tag managers firing synchronously.

Rewards sites that demonstrate production-grade monitoring: error tracking (Sentry, Bugsnag), APM (Datadog, New Relic), uptime monitoring, and real-user monitoring (RUM). These signals indicate a team that actively manages reliability.

Flags signs of duplication or internal contradictions: multiple competing analytics tools, two CMS platforms running simultaneously, conflicting A/B testing services, or signs of a migration in progress. A coherent stack scores higher than a fragmented one.