4 technical SEO tips to improve crawlability

Technical SEO is the foundation of any successful SEO strategy. It’s what allows search engines to find, understand, and rank your content in search results. Without it, even the most engaging and educational content won’t be seen.

In this blog, you’ll learn the most important and actionable technical SEO tips, to make your website easily crawlable, and rankable, on search engine results pages (SERPs).

Technical SEO Optimisations for Crawlability

Running a technical SEO audit will help you find crawlability issues that are hurting your website’s search results. Common problems include:

  • XML sitemap issues
  • Poor site architecture
  • Slow load speed
  • Mobile responsiveness

Once you know what’s negatively impacting your website, you can implement fixes, many of which lead to quick wins. Here’s a breakdown of each of these areas in more detail, and how to improve them.

XML sitemap

An XML sitemap is a crawler friendly list of all the URLs that make up your website. Most off-the-shelf platforms, like WordPress and Shopify, generate XML sitemaps automatically. If you don’t use these platforms, there are alternative sitemap generator tools available. Once you’ve created your sitemap, submit it to Google Search Console and Bing Webmaster Tools so they can more easily crawl your site. 

Site architecture

A good site architecture means having a well-structured website that is easy for search engines, and your users to navigate. Effective ways to create a good site architecture include using simple URL structures, internal linking, meta robots and canonicals. Let’s explore these in more detail. 

URL structures

Your URL structure, or folder structure, is how your website’s pages are packaged up and organised. 

To create a good URL structure, imagine your website as a library with folders and subfolders to keep everything organised. You could create a main product folder called “Drinks”, and then include sub folders for “Coffee” and “Tea”. Structuring your site this way makes it much easier to crawl and navigate, improving your ranking in SERPs.

Additionally, keep your actual URLs short, simple, consistent, and use keywords that reflect your content. 

Internal linking

To implement good internal linking (which should be an integral part of your SEO content marketing strategy) strategically place hyperlinks within your content to connect relevant pages. Use clear and descriptive anchor text for these links to guide search engines across your site and show them how your content connects.  This helps search engines understand your website and the relationships between different pages, ultimately boosting your SEO.

Meta robots and canonical tags 

Meta robots and canonical tags provide important information to search engines about how to crawl and index your content. 

Using Meta robots, you can tell search engines to “index” a page so it shows in search results, or use “noindex” to hide it. You can control whether the crawler “follows” the links on the page, or use “nofollow” to stop them crawling the link and passing on any SEO value.

Canonical tags however, specify which page search engines should prioritise when there are duplicates with similar content. This avoids any confusion and ensures that only the most relevant version is indexed. You should only use this when you need to keep multiple similar versions of a page accessible to users, not to manage accidental duplication.

Broken links and 404s

Broken website links stop search engines crawling your content because they can’t access the intended page. They essentially get ‘stuck’ and assume your site is poorly maintained. So, prioritise identifying and fixing broken links to keep search engines crawling smoothly and ensure you’re considered a quality source.

Website speed

Just like you and me, search engines hate slow websites. Use tools like PageSpeed Insights to check how long it takes for your website to load and identify areas for improvement. If it’s slow, one of the easiest ways to speed it up is by compressing images because you don’t need developer support.

Other ways to speed up your website include caching pages, adding lazy loading images and compressing JS/CSS. But these may require additional developer support. 

Mobile Responsiveness

Today, developers build websites that adapt to different screens, instead of making different versions for mobile and desktop. Design however doesn’t always account for mobile, so areas like text size, buffer space around clickable elements and logical navigation layouts get missed. So, make sure your website works on desktop and mobile, and whenever you make changes, check both versions to see how they look.


Technical SEO is equally as important as content-focused SEO. It’s how your content actually shows in search results, and can earn you some relatively quick wins.

Run a technical SEO audit to learn how your website is performing, identify and fix issues. By regularly running these audits, you can continuously measure performance, improve it and find issues that crop up.

As a specialist SEO agency in Liverpool and Chester, we help companies develop and implement effective technical SEO strategies for long-term growth. If you want a free technical SEO audit on your website, complete the form below and we’ll book you in. 

In 2023, nearly a fifth (19%) of global retail sales happened online, and that number is expected to reach a quarter by 2027. 

It’s no wonder – online shopping offers ultimate speed and convenience. Browsing products, checking out and next-day delivery has never been easier. 

But with such ease comes high expectations. Shoppers want everything now, hassle-free and at the tap of a button. Long delivery times and clunky websites simply won’t cut it.

This is why prioritising your online store’s user-experience (UX) is so important. Focus on this, and those browsing your site are more likely to buy from you, come back again, and recommend your brand to others.

Here are four ways to improve your online store’s UX.

Make browsing and buying products easy

Ever been shopping on a website that’s difficult to use, find products and check-out? Your answer is probably yes and chances are you gave up, abandoned your cart and left in frustration.

Stop your customers experiencing this by making your buying journey quick, easy and seamless from start to finish. Conducting a website CRO audit is an effective method to pinpoint problem areas and opportunities for improvement. 

Additionally, consider the following:

Provide a good site search 

Improve your website’s product search functionality by adding features like autocomplete, which suggests popular search terms, and the ability to recognise typos and natural language. Name and tag all your products accurately too, so your search filters work smoothly and only show relevant results. 

These improvements will help users find what they’re looking for, boosting the likelihood of them making a purchase.

Use strategic call to actions

Strategically place call-to-actions (CTAs) such as ‘Buy Now’, ‘Shop Now’, and ‘Checkout Now’, to guide users through their journey, stop them from getting lost and encourage them to purchase. Experiment with different CTA copy, placements and designs to see which ones resonate most with your audience and generate the best results.

Enhance your product descriptions and visuals

Write enticing descriptions that clearly explain what your products are. Pair them with high-quality, attractive photos to create a visually engaging experience that builds brand trust and compels visitors to buy.

Side note – Optimise all product copy and images for SEO to appear high in search engine results. Read this blog to learn about the benefits of good e-commerce SEO

Simplify the checkout process

Customers are more likely to abandon their carts if the checkout process is long. So, eliminate unnecessary steps and only ask for essential details such as name, shipping address, email, and payment information.  Be upfront about additional costs too, because nearly half (48%) of shoppers abandon their carts when costs like shipping or taxes sneak in at checkout. 

Additionally, offer guest checkout options for those who want to purchase quickly without creating an account. You could always give customers the option of creating an account after buying, so they can easily see their orders whenever they like.

Personalise the shopping experience

Make your customers feel valued by tailoring their shopping experience to their wants and needs. You could recommend similar products based on browsing history, display past purchases for easy re-ordering, or offer loyalty programs that reward repeat customers. You could even introduce an agent-bot on your site for a fast, 1-2-1 customer service.

Add new interactive features that bring value

Adding interactive website features can make online shopping more engaging, personalised and drive sales from new customers.

For example, we created Cartwright and Butler’s ’Build Your Own Hamper’ feature. You can curate your own luxury food hamper with biscuits, chocolates, drinks and more, before checking out and getting it delivered. This improved the UX and increased gift sales because users can customise hampers for who they’re buying for.

Website development agency in Liverpool and Chester - Reckless & Cartwright and Butler

Leverage motivation and urgency

Introduce countdown sales timers and limited offers to encourage customers to grab a deal before it’s gone. Highlight ‘best-selling’ or ‘trending’ items too, tapping into your customers’ desire of being part of something popular. Use social proof as well by sharing real-time customer testimonials and star reviews to build credibility and trust. 

After all, sometimes all it takes is a nudge in the right direction and the fear of missing out to generate a sale.


Every aspect of your website, from design and responsiveness to copy, SEO, and personalisation, needs to work together to deliver the best buying journey. Testing is key, so don’t be afraid to try new features, page layouts and content to see what works best for your customers. 

As an e-commerce web development agency in Liverpool and Chester, we work closely with retailers to improve and build websites with great shopping experiences. If you need a hand improving your website’s UX, get in touch today and let’s discuss your requirements.

Around 88% of online shoppers won’t return to a website after a bad user-experience (UX). So how do you satisfy them enough to stick around, convert and come back?

For Marketing Managers, Conversion Rate Optimisation (CRO) audits are the perfect exercise to identify website problems and areas of opportunity. Once you know this information, you can make that all important plan to fix them.

But knowing where to start is hard, especially if you have quite a complex website with lots of pages, components and traffic. 

In this guide, we share six tips for conducting a website CRO audit to enhance UX and turn more visitors into customers.

Getting started with your CRO audit

Before starting your CRO audit, find out your company’s objectives and define what a website conversion is. If you’re an e-commerce company, a conversion is likely to be a purchase. If you’re a service provider, it’s probably a form completion, download or subscribe. But also consider smaller micro actions that are good indicators of a potential conversion e.g. if we want to track a form completion are we tracking if they even saw the form?

Next, keeping in mind the above, set up your tracking to measure and learn from your optimisation efforts. The tracking tools will depend on your platforms and conversion type, but GA4 is perfect for analysing key metrics like conversion rates, traffic and clicks.

So now you’ve got your goals and tracking in place, here’s six tips to conduct a comprehensive CRO audit. 

Identify areas of friction 

We all know how annoying it feels to visit a website that’s slow, hard to navigate or broken. That’s why identifying and removing friction is so important to make your users’ journey smooth and prevent frustration.

Use ‘The BS test’

One useful tool to identify areas of friction is ‘The BS Test’, which will help you discover if something is broken or slow.

What is a broken website element?

Broken website elements are anything from a button or link not working, a form that can’t be completed or an image not loading. Broken elements are a nightmare from a UX perspective, so it’s crucial to make sure everything is working as it should be.

How to identify broken website elements

To find broken elements, act like a visitor using your website and have others do the same. This might feel like a manual process, but user testing is the best way to identify issues that you might otherwise miss.

In addition, use GA4 to identify which devices and resolutions convert well and poorly. Users may be converting on desktop but not mobile, revealing problems with mobile usability or navigation. This gives you a confident starting point for your CRO audit based on real-time data.

Remember that just because something works on desktop doesn’t automatically mean it does on mobile, so always test both.

How to check if your website is slow

Use Google PageSpeed Insights to see your website’s LightHouse Score and check if it is too slow. LightHouse Scores are a metric that measure how well your website is doing in terms of performance, accessibility, best practices, SEO, and Progressive Web Apps.

If your website’s LightHouse score isn’t in the green (90-100), there’s room for improvement and you need to speed it up. Google PageSpeed Insights will show you problem areas and suggest ways to fix them for better performance. Common suggestions include reducing image sizes, JavaScript execution time or the impact of third-party code.

Identify areas of distraction

There are many ways to identify areas of distraction on your website. An effective one is through the concept of visual hierarchy.

Visual hierarchy is the way page elements are organised in order of importance.  For example, your call to action (CTA) matters more than other elements, so it should be high up on your page’s visual hierarchy. This means it should be clear and easily accessible in order for users to click it.

Areas that steer users away from clicking this CTA are elements of distraction. Too much text, contrasting colours, or conflicting messaging for example can distract users and cause the CTA to be lost.

The ‘Squint Test’ is a great way to identify areas of distraction. Open your webpage and squint your eyes so everything looks blurry. The areas you see first are high contrast sections, and therefore at the top of your page’s visual hierarchy. Your CTA and other important elements should stand out first. If they don’t, focus on improving your page’s visual hierarchy because users are getting distracted. 

Push your value proposition

If you haven’t created a value proposition yet, talk to stakeholders and conduct customer research to determine what it should be. Survey your team and a sample of your customers to understand their wants, needs and motivations. After you gather this information and define your value proposition, clearly display it on your website. This ensures users know what makes you different and why they should choose you over competitors. 

Decide if your content is relevant

Research your competitors because the experience users have on their websites influences their expectations for yours. Look at what features they offer, their page layouts and value proposition. If your website isn’t as good as theirs, users will be let down and choose competitors instead. So make sure yours looks the part, is enjoyable to use and provides real value to your customers. 

Make everything as clear as possible

Make it easy for users to find what they want on your website and get a real feel for your brand identity. So make sure your page design is engaging and clean, and your copy is clear and concise. 

Of course, some websites have a lot of products and services that are complicated. If you try to simplify them too much, it can make things more complex. In this case, consider techniques such as movement and animation to guide the user in a visually engaging way. 


Getting people to your website is one thing, but turning users into sales or leads is completely different. To convert website visitors, conduct a CRO audit to identity issues, fix them and ensure your UX is seamless.  Optimise every element of your site including usability, navigation, design, trust signals, and site speed. 

Everything we’ve shared in this article are just examples, and differ depending on your website’s purpose, sector and audience. Just remember your goals and that your website should guide the user to conversion. So the easier you make their journey, the more likely they’ll convert.

Want us to run a complimentary CRO audit on your website? Simply get in touch and we’ll book you in.

With 64% of businesses planning to implement Enterprise Resource Planning (ERP) systems within the next three years, it’s clear that many companies are starting to prioritise workforce productivity, efficiencies, and data management. 

However, some businesses do still overlook ERP integrations for fear of change, cost, required resources and impact on day-to-day operations. But this shouldn’t be the case and in fact, ERP integrations can save you time and money in the long-term. 

In this blog, I’ll explain exactly what ERP integrations are, the four biggest business benefits of ERP integrations and why they shouldn’t be neglected.

What is an ERP?

An Enterprise Resource Planning (ERP) system brings together various business functions such as sales, customers, finance, HR, and supply chain, into one place.

The core purpose of an ERP is to streamline processes and make the day-to-day running of an organisation easier. There are lots of different ERPs on the market, with three of the most common being NetSuite, Microsoft Dynamics 365 and SAP. 

What is an ERP integration?

An ERP integration is when you connect your ERP system with other business applications such as your e-commerce platform, CRM or finance software.  The aim of an ERP integration is to share company-wide data across systems to boost productivity and efficiency.

Here is a list of applications that ERP systems can integrate with:

  • Business Intelligence (BI) software
  • Customer Relationship Management (CRM) software
  • E-commerce platform like Shopify, WooCommerce or Magento 
  • Online marketplaces
  • Project management tools

What are the benefits of an ERP integration?

There are many benefits of ERP integration including streamlined processes, improved data visibility, enhanced communication, reduced costs and better customer service.

In fact, studies show that ERP integrations can improve processes by 95% and cut operational costs by 23%. (Forbes, 2024).

Here’s each ERP integration benefit in more detail.

Accurate, real-time data

By integrating your ERP with other applications, you’ll have one single source of truth for company data. This eliminates data silos and provides easy access to real-time data from different departments in one place. This is faster than relying on multiple systems with conflicting information, reducing errors and enhancing visibility. 

Automate manual tasks

With a fully integrated ERP, you can automate time-consuming tasks and workflows. For example, manually managing stock control on your e-commerce platform can take a long time but with an ERP integration, you could automatically feed live stock updates directly into your e-commerce platform so it’s always up to date. 

Enhanced collaboration

With everyone working from the same system, you’ll foster better collaboration and communication across teams. You’ll all be able to easily access and share data, leading to faster decision-making, increased productivity and a more enjoyable way of working.

Better customer service

With real-time access to customer data and order history, your sales and support teams can provide a faster, personalised and more informed customer service. This will boost customer satisfaction and retention which ultimately, will help you grow sales.

If you’re considering an ERP integration but not sure on the best approach, please get in touch and we’ll book a call in to chat about your ERP system.

If you’re using any of Google’s advertising services – Google Ads, Shopping, Tag Manager, GA4 – within the EEA, you should have upgraded to Google Consent Mode v2 by Wednesday 6th March 2024. 

Why? In this short blog, we’ll explain everything you need to know, including what Google Consent Mode is and why updating to the new version is crucial for continuing to serve targeted adverts to your audience.

What are Google Consent Mode and Google Consent Mode V2?

Google Consent Mode is a tool that enables websites to collect non-identifying data when the user doesn’t give cookie consent. However, because of ongoing developments in EU/EEA privacy regulations, and the phase out of third-party cookies, Google upgraded the tool to offer enhanced functionality. 

That’s when Google Consent Mode V2 was born. With this version, you can adjust Google tags based on the users’ consent preferences for ads and cookies. Essentially this means that you’ll be able to track users, but only when they give explicit consent. 

Why updating to Google Consent Mode V2 is important

Upgrading to Google Consent Mode V2 is crucial for continuing to target users within the EEA with relevant ads. Without it, you won’t be able to capture new user data in advertising platforms, like Google Ads and GA4. You also won’t be able to accurately measure and report on ads, create audience lists or execute effective remarketing ad campaigns. Your bidding algorithms will be running on inaccurate data, so you won’t be spending your ad budgets effectively.

What are the next steps?

Now the March 6th deadline has passed, your website’s cookie consent banner must comply with Consent Mode Partners (CMP) V2. Google has several CMP partners but personally, we recommend Cookiebot

So if you haven’t already, don’t delay implementing Google Consent Mode V2. If you need support upgrading, choosing a CMP partner or have any questions, please get in touch.

On the 4th January 2024, Google officially started phasing out the use of third-party cookies for 1% of Chrome and Android users. This move mirrors actions already taken by Safari and Firefox, both of which blocked them a few years back to enhance privacy measures.

So what does Google removing third-party cookies mean for marketers? In this blog we’ll explain what third-cookies are, the impact the phase-out will have on marketing and alternative tactics to overcome the change.

What are third-party cookies?

Third-party cookies are placed on your device by websites that are different from the one you’re visiting. These cookies can be used to track user activity across multiple sites and social media platforms, collecting data such as demographics, interests and browsing patterns. Marketers then use this data to create targeted and remarketed ad campaigns, effectively reaching relevant audiences online.

For example, say you visit a clothing website and then start seeing ads for similar clothes on various other sites, that’s probably because third-party cookies have been tracking you all along. 

What are the advantages and disadvantages of third-party cookies?

Advantages of third-party cookies
  • Personalised advertising: You can effectively serve personalised ads to both new and existing website users, expanding your reach and increasing brand awareness. You can then retarget them with ads that encourage them to take an action, and enhance your user-experience by sharing valuable content that resonates.
  • Cross-site functionality: Third-party cookies allow websites to remember login credentials and user preferences. This enables convenient features like single sign-on across multiple websites, and easy content sharing through social media plugins.
Disadvantages of third-party cookies:
  • Privacy concerns: Companies use third-party cookies to collect high volumes of personal data and create detailed user profiles. The problem however is that many people don’t trust them due to the lack of transparency about how their data is collected, stored and used.
  • Security risks: Malicious actors can exploit third-party cookies for tracking, targeting, and delivering malware or phishing attacks. 

Why are browsers removing third-party cookies?

Browsers are removing third-party cookies largely due to escalating privacy concerns about how companies collect and manage personal data. Data privacy laws and regulations are evolving, and there’s a pressing need to enhance transparency and provide assurances that data is being handled securely and ethically. 

But Google’s phase-out of third-party cookies isn’t anything new because major browsers have been getting rid of them for years. Safari blocked them back in 2020, followed by Mozilla Firefox in 2023. Google however, was slow to follow suit and continued allowing them right up until January 2024. 

What does Google phasing out third-party cookies mean for marketers?

Marketers have heavily relied on third-party cookies to serve personalised and retargeted ads through platforms like Google Ads and Shopping. But by removing them, effective targeting is much harder as marketers lose access to crucial data regarding the users’ browsing habits, which is what made this tactic so effective. 

What should you do now Google is phasing out third-party cookies 

First of all, breathe. Remember that Google isn’t banning all cookies and there are still plenty of other ways to collect valuable marketing data and reach your audience.  For example, you could implement a first-party data strategy – that’s data about user activity on your own website as opposed to elsewhere  – or trial more traditional research methods like customer surveys. This is an effective, yet often overlooked, way to gain insights into your audience’s wants and needs, which you can then use to shape your marketing strategy. 

Additionally, make sure that the way your business uses cookies definitely complies with the latest data privacy regulations. For example, if you use any Google advertising products such as Google Ads, Shopping or GA4, you have until the 6th March 2024 to upgrade to Google Consent Mode V2, if you want to continue serving targeted ads within the EEEA.

What is Google Privacy Sandbox?

Another potential alternative to third-party cookies is Google’s Privacy Sandbox, an initiative designed to curb unauthorised data tracking whilst enabling targeted advertising in Chrome. 

Google is still developing Privacy Sandbox, but it says the three goals of the initiative are to:

  • Build new technology to keep your information private.
  • Enable publishers and developers to keep online content free.
  • Collaborate with the industry to build new internet privacy standards.

Keep an eye on the Privacy Sandbox website for monthly updates as the initiative develops.


Google’s phase-out of third-party cookies has been a long time coming, and it’s not too late to make alternative plans. The main thing is that you’re proactive in adapting to the change, and implement a contingency plan to reduce the impact. Finally, keep up to date with the latest news and developments around third-party cookies and data privacy regulations, they’re constantly evolving and you’ll find navigating the landscape way easier by staying in the loop.

To kickstart the new year, we asked the team what their digital marketing predictions are for 2024. We’re keeping an eye on generative AI, omnichannel marketing and the results of game-changing industry cases like the New York Times suit against Microsoft and OpenAI. We also expect to see way more brands focus on social media, particularly leveraging UGC and video marketing to grow and engage their audience.

What’s in store for digital marketing in 2024?


Abi Crosbie, SEO Manager

“2024 is the year of AI finding its place in everyday life. We’ll start to see further roll out of Google’s generative AI,  and those brands using AI to improve work processes will stay ahead of the game. We’ll also see big impacts on the future of AI with the results of the New York Times suit against Microsoft and OpenAI for copyright infringement. Whether this case signals the blow up of AI being able to access anything, or it hobbles AI’s ability to access content to learn from, the outcome is one to watch closely.

I think there’ll be advancements in omnichannel marketing too. There’s been talk for years that other platforms meet the criteria for being search engines and that SEO techniques are transferable to them (think Amazon, Ebay, YouTube and TikTok), but few SEOs have ventured beyond discussion. I think 2024 will see SEOs going beyond a website-only focus, branching out to push the benefit of content on multiple platforms.

The reason we’ll see this is the transformation of the SERPs. Google in particular is adding more SERP features from platforms like X and TikTok into prime SERP positions. This means SEOs pushing for optimised content on these platforms is a technique that will help organic performance, increasing visibility right where we care about it – in search engines.”


Yasmin Rowlands, Social Media Executive

“Platforms like TikTok, Instagram, Facebook, Pinterest and even LinkedIn will continue to heavily invest in creator marketplaces and tools. This will make it even easier for creators to produce and distribute high-quality content, work with brands, and connect better with their audience. I also think we’ll see an increase in brands partnering with influencers and sharing UGC to build trust, credibility and ultimately, sales. Creators being the most authentic will thrive because people want to see real, relatable content that resonates”


Bryn Jones, Technical Director

“It seemed like 2023 was finally the year where the popularity and crucially, the capabilities, of AI and machine learning made a huge leap. In 2024, we’ll continue to see big developments and new ways of using these exciting technologies. You only have to look at the evolution of Midjourney, an image generation tool to see the staggering progress made in a short space of time. As a Web Developer, tools like Copilot and Chat GPT can be incredibly useful (when used in the right way) but they are far from perfect. They often give plausible yet inaccurate answers to prompts, so I definitely expect progress to be made here.”


Leanne Bates, Marketing Manager

“I think we’ll see way more brands putting the spotlight on their internal teams and sharing ‘real people’ stories to engage their audience. I think brands that have been reluctant to start turning to video marketing and while short-form styles will prevail, I do think we’ll see an increase in long-form video and live-streaming.”

Design systems have become a hot topic amongst brand marketers and designers. They’re a great way to bring your brand to life whilst maintaining design consistency and creating a shared vision across teams.

Design systems have become so valuable here at Reckless that we’ve created our own, which we adapt and personalise for different pieces of work. You may be considering doing the same thing, especially if your brand has been evolving for a while and you have various teams working across different projects.

In this blog I’ll explain what a design system is, the benefits of implementing a design system and even, what Lego and user experience (UX) have in common (you read that last bit right…)

What is a design system?

Here’s the perfect definition of a design system from software company Invision:

“A design system is a collection of reusable components, guided by clear standards, that can be assembled together to build any number of applications.”


The purpose of creating a design system is so you can maintain brand consistency across projects. This includes everything from colour palettes and typography to components and spacing. Having one design system brings order to chaos because it enables multiple team members to manage your brand in a way that brings it to life, whilst keeping everything aligned.

Here’s a short video of our design system in action

What are the benefits of a design system?

There are a wide range of benefits to using and maintaining a high-quality design system. For us, we’ve saved time, improved efficiencies and streamlined processes both internally and for our clients.

Here’s a quick overview of the different benefits you could enjoy by implementing your own design system:

Speed up processes

Your design system can contain hundreds of pre-built elements including colours, fonts and icons. Having these in one place allows you to take them straight ‘out of the box’, and use them for wireframing and prototypes. This will save you time and resources remaking common elements over and over again.


Due to the flexible nature of design systems, you’ll be able to quickly prototype ideas, test them with real users and adapt them off the back of your findings.

Eliminate inconsistencies

Design systems allow you to create one central style guide with a set font type, size and weight, as well as brand colours and elements. You can also design different variations for desktop and mobile devices, so your visual language is consistent across all layouts. This is a huge benefit and these changes tend to be quick, simple and easy to implement.

Communication with a common language

You’ll really start to enjoy the benefits once you’ve explained to your team how your design system works and why it’s so important. Explain the functionality, requirements and how the components should behave, so everyone has a shared understanding. Your design system will become your ‘brand guardian’ that keeps everyone on the same page so your brand looks and feels consistent.

Best practice UX

Pre-defining components in your design system helps you ensure a consistent UX across your website too. For example, in our design system, we’ve created a wireframe structure specifically for Shopify, so we can create seamless experiences for each of our clients’ websites.

Here’s an example of some website components we designed for Castle Green Homes.

See how everything looks aligned and on brand? From the colours and icons to shapes and spacing – it all comes together as a result of the pre-defined components.

So, what do Lego and UX have in common?

Well, there tends to be a common misconception that having pre-defined components makes design repetitive, but in our opinion, this is far from the truth. I recently came across a stat which perfectly explains why we feel this way…

How many ways can you combine six 2×4 LEGO bricks of the same colour? The answer is 915,103,766!

The best ways to secure your website from cyber attacks

October is Cybersecurity Awareness Month, marking 20 years since the campaign began. While big security advancements have been made over the years, cyber attacks are unfortunately more common and sophisticated today than ever before.

For context, in 2022 there were around 2.39 million cases of cyber crime across UK businesses. More recently in August 2023, the largest-ever Distributed Denial of Service (DDoS) attack attempted to take down Google, Amazon and Cloudflare. Luckily, this attack was stopped but if it wasn’t, it would have caused an unimaginable amount in damages.

Attacks like this emphasise why you must prioritise your company’s website security, especially if your site generates a lot of revenue. Failing to do so could seriously hurt your business; you could lose significant amounts of money (both revenue and legal fees), damage your brand’s authority and reputation – the stakes really have never been higher. 

In this blog, I’ll share the most effective ways to protect your website from cyber attacks, explaining what a DDoS attack is and steps to mitigate risk. 

There’s also a cyber security glossary here, to help you familiarise yourself with key terms along the way.

What is a DDoS attack?

A DDoS attack is one of the most common types of cyber attacks that can be launched against your website. Generally, the attacker floods your web server with a huge volume of requests to take your site offline as your server collapses.

This is exactly what Google, Amazon Web Services (AWS) and Cloudflare all recently survived. This particular DDoS attack was launched by a relatively small botnet using a new ‘Rapid Reset’ technique. This exploited the commonly used HTTP/2 protocol, leaving each brand’s web servers open and vulnerable. 

The scale of this attack was unprecedented, lasting just two minutes and peaking at 398-million requests per second (rps). That’s more requests than the total number of article views for Wikipedia in the whole of September 2023. What’s more, the largest attack was seven and half times larger than the previous record-breaking DDoS attack, a mere 46-million rps back in June 2022. 

How do I protect my company’s website from cyber attacks? 

There are plenty of ways to reduce the risk of your website being attacked. The best measures depend on your network infrastructure and platform because they have different considerations and some are more vulnerable.

For example, if your website is powered by a popular web application such WordPress or Magento, you’re unfortunately at more risk of being targeted. This is because these platforms power millions of potentially unpatched websites, so finding exploits is more valuable.

However, there are steps you can take, regardless of platform, to add an extra layer of security to your company’s website. Here are four effective ways to protect your website and mitigate the risk of being attacked.

Use Cloudflare

One of the best ways to add extra security to your website is by managing your DNS through Cloudflare. If you choose the “proxied” option, this sits between the internet and your server recognising malicious traffic, caching your site, hiding personal data – the list of security features goes on. The best news is that Cloudflare is free, with the option of upgrading for more features if you need them.

Cloudflare protects against the vulnerability that made the DDoS attack mentioned earlier possible. That’s why no websites using Cloudflare were impacted by the breach, and why implementing Cloudflare is one of the first things we do when we onboard a client.

Keep everything up to date

💻Website platform
Let’s go back to basics. Your website runs on software, and like your phone’s operating system or Xbox game, it needs regular updates. This is often to implement critical bug fixes or security patches that stop vulnerabilities being exploited. You must complete updates fast to prevent cyber attacks, so don’t ignore notifications.

It’s not just your main website platform that needs security updates either. Third party plugins, modules and extensions, as well as your server operating system and services, can also have vulnerabilities. So, it’s important to keep them updated and manage them properly for maximum security.

🔥Antivirus, malware protection and firewalls
Install trusted antivirus and malware protection software on your computer or laptop. These don’t just keep your device safe, they protect your website too. 

Without them, you’re vulnerable to many things including  ‘keylogging’. This is malicious software that records everything you type, including passwords and personal data. If you fall victim, hackers could gain access to any of your online accounts, including your website.

Similarly, have effective firewall software (or hardware in your company’s network infrastructure) set up and running smoothly. This monitors and blocks potentially malicious requests being sent or received by your computer, or other network devices.  

Firewalls do typically exist as part of your website’s hosting infrastructure too. One particularly useful type is a Web Application Firewall (or WAF), which specifically targets HTTP/S traffic. As I mentioned earlier, Cloudflare offers one for proxied traffic. Using WAFs is becoming increasingly common as they offer targeted protection, often with rulesets that can be application specific – for example, if you need to block known exploits specific to WordPress or Magento, or web servers like Apache.

Limit and secure website access

Compromised user accounts are the number one cause of cyber security issues. To prevent this, ensure strong security measures for logging into your website’s CMS. After all, this is where highly sensitive information is stored such as customer contact details, so if a bad actor gains access, the potential implications are enormous.

Here’s a few ways to improve your website’s admin security:

Don’t share logins
Create everyone who needs access to your website’s admin panel their own account. This ensures that you can see who is doing what in your application. Notice that order 820316 was refunded, but not sure why? You can ask Geoff from Sales, rather than seeing the action was performed by ‘Admin’.

Also, assign each user the correct account type or role by implementing the principle of least privilege (PoLP). This means only giving a user the ability to do what they need to do. If someone doesn’t need to create other users or create discount codes, don’t allow them to.

🔐Enforce strong passwords
Always use a minimum password length of 12 characters and a mixture of uppercase, lowercase, numbers and symbols. Avoid dictionary words and any personal information such as names and significant dates. Don’t use the same password across multiple accounts, and set your passwords up to expire regularly. Browsers like Google Chrome typically offer a password manager that suggests strong passwords and stores them on a per site basis. Leverage these to make password management much easier. 

📱Two-factor authentication (2FA)
More and more web applications offer the ability to enable 2FA so if you can, set it up. This requires an additional step on login, which usually involves clicking an email link or providing a code sent to your phone. Without this additional step, authentication will fail, so even if your password is compromised, your account is still protected.

Backups, backups, backups

No matter how careful you are with cybersecurity, having a good backup and disaster recovery plan is always important. Ask yourself, how critical is my data? What is the cost to my business if I experienced data loss or an offline website due to a cyber attack? If the answers fill you with dread and you don’t have a back-up plan in place, now is the time to make one.

💡How do back-ups work?
Nowadays, website infrastructure tends to be virtual or cloud-based, not stored in physical boxes sat in data centres. This means they’re spread across a range of hardware and software, often with redundant copies in different regions. Physical hardware failure was once the most important reason to back up your hardware, but this is less true than it once was.

However, regular off-server and off-network backups are an essential way to protect against attacks. Track your site’s application code in a trusted code repository, and back up transactional data, such as databases and user uploaded files, as frequently as their importance dictates. If your server and infrastructure are compromised, having this copy will enable you to quickly recover – even if that means changing your server or wider infrastructure. 


Website cyber security is complex, and specific advice is not possible without knowing your business’ infrastructure. Updating software, using a WAF, setting strong user permissions, and making backups are important, but they are just the basics. 

That’s why we highly recommend having a web maintenance plan, either with your in-house IT team or a maintenance contract with an external agency. This way, your website’s security is kept up to date and you have people constantly monitoring for potential threats and fixing issues fast. Without this, the potential for hugely costly data breaches is all too real. 

Cyber security glossary

Antivirus: A software program designed to detect, prevent, and remove malicious software (malware) from computer systems to protect them from security threats.

Bad actor: An individual or entity that engages in unethical, malicious, or harmful actions, in this case in the context of cybersecurity.

DNS: A Domain Name System (DNS) translates human-readable domain names (e.g. into IP addresses (IP 123.45.68). This enables computers to locate and communicate with each other on the internet.

Firewalls: A security barrier that filters and controls network traffic to protect against unauthorised access and security threats.

HTTP/2 protocol: An improved web protocol that makes web pages load faster by allowing multiple requests and responses to happen simultaneously on a single connection.

Malware: Any software intentionally designed to cause harm, steal data, or disrupt computer systems and networks.

Security patching: The process of applying updates or fixes to software, operating systems, or applications to address known vulnerabilities and enhance security.

Software: A set of instructions and programs that enable a computer or other device to perform specific tasks, processes, or functions.

Web app: A software program or application that is accessed and operated through a web browser and provides various interactive functions or services to users.

A bit about Reckless
We’re an e-commerce digital marketing agency in Liverpool, Chester and Manchester. We support brands with custom website builds and maintenance, bespoke software development, paid media, SEO and online marketplaces. If you need support with website maintenance and cyber security, drop us a message in the form below. We’d love to chat ☕