SEO Report: nfi.no
Generated 8 de maio de 2026 · 27 findings · 2.6s
Institutional websites prioritize accessibility, security, and proper indexing — citizens and stakeholders need easy access to relevant information.
Score Breakdown
Average General score: 50
Score Projection
Estimated improvement based on the findings in this report
Ready to improve your SEO?
Start a free trial and see how your score can improve.
Module Breakdown
All Findings (23)
Medium (10)
- mediumheaders
Missing content-security-policy
CSP header is missing. The site may be vulnerable to XSS attacks.
Add a Content-Security-Policy header to restrict resource loading
- mediumheaders
Missing x-content-type-options
X-Content-Type-Options is missing. MIME-sniffing attacks are possible.
Add X-Content-Type-Options: nosniff header
- mediumheaders
Missing x-frame-options
X-Frame-Options is missing. The site may be vulnerable to clickjacking.
Add X-Frame-Options: DENY or SAMEORIGIN header
- mediummeta
Title too short
Title is 10 characters (recommended: 50-60)
Write a more descriptive title (50-60 characters)
- mediummeta
Meta description too short
Description is 31 characters (recommended: 120-160)
Write a more detailed meta description
- mediumstructured data
No structured data found
No JSON-LD schemas detected on the page
Add structured data (Organization, WebSite, BreadcrumbList) for rich search results
- mediumcontent
Low keyword relevance
Only 0% of title keywords appear in body text
Ensure the page content includes the keywords from the title
- mediumbrand checker
No Organization schema
No Organization JSON-LD found
Add Organization structured data with name, logo, and contact information
- mediumlog analyzer
X-Powered-By header exposed
X-Powered-By: Craft CMS,SEOmatic
Remove the X-Powered-By header to reduce information leakage
- mediumreputation
No review platform links found
No links to Trustpilot, Google Business, TripAdvisor, Yelp, G2, Capterra, or Glassdoor detected on the homepage
Add links to your review profiles to build trust signals and improve local SEO
Low (13)
- lowcookies
1 cookie missing SameSite attribute
Missing SameSite defaults to Lax in modern browsers but should be explicit
Set SameSite=Strict or SameSite=Lax on all cookies
- lowdns
DMARC policy is 'none'
DMARC is set but policy is 'none' (monitoring only).
Consider upgrading DMARC policy to 'quarantine' or 'reject'
- lowdns
Only one MX record (no redundancy)
A single MX record means no failover if the mail server goes down.
Add a secondary MX record for email redundancy
- lowheaders
Missing permissions-policy
Permissions-Policy is missing.
Add Permissions-Policy to restrict browser feature access
- lowheaders
HSTS max-age too short
HSTS max-age is 15552000s (recommended: 31536000)
Set max-age to at least 31536000 (1 year)
- lowheaders
X-Powered-By exposes technology
X-Powered-By: Craft CMS,SEOmatic
Remove the X-Powered-By header
- lowcontent
Low text-to-HTML ratio
Text/HTML ratio is 3% (recommended: >5%)
Consider adding more descriptive text content
- lowcontent
Lazy images without dimensions
1 lazy-loaded images lack width/height — causes layout shift
Add width and height attributes to lazy-loaded images
- lowmobile
Unresponsive images
9 images lack srcset or responsive sizing
Use srcset and sizes attributes for responsive images
- lowrate limits
No rate limiting detected
No explicit rate-limit headers or 429 responses detected. Cloudflare WAF provides platform-level protection.
Implement rate limiting (e.g., 429 Too Many Requests) to protect against brute-force attacks
- lownews mentions
No press page on site
Found 7 external mentions but no dedicated press page
Create a /press or /news section to aggregate and amplify media coverage
- lowbrand checker
No WebSite schema
No WebSite JSON-LD found
Add WebSite structured data for sitelinks search box in Google
- lowreputation
Only 0 sameAs entries
Found 0 sameAs URLs across all JSON-LD entities — search engines use sameAs to verify brand identity
Add sameAs URLs for all your social profiles, Wikipedia page, and business directory listings (aim for 3+)
AI Fix Prompt
Copy this prompt into ChatGPT or Claude to get step-by-step fix instructions
Fix all SEO issues found in the audit of nfi.no.
Prioritize high-severity issues first, then medium. For each fix, make the actual code change — don't just describe what to do.
```json
{
"domain": "nfi.no",
"scores": {
"overall": 91,
"performance": 0,
"seo": 91,
"accessibility": 100,
"bestPractices": 96,
"security": 84
},
"findings": [
{
"module": "headers",
"severity": "medium",
"title": "Missing content-security-policy",
"description": "CSP header is missing. The site may be vulnerable to XSS attacks.",
"recommendation": "Add a Content-Security-Policy header to restrict resource loading"
},
{
"module": "headers",
"severity": "medium",
"title": "Missing x-content-type-options",
"description": "X-Content-Type-Options is missing. MIME-sniffing attacks are possible.",
"recommendation": "Add X-Content-Type-Options: nosniff header"
},
{
"module": "headers",
"severity": "medium",
"title": "Missing x-frame-options",
"description": "X-Frame-Options is missing. The site may be vulnerable to clickjacking.",
"recommendation": "Add X-Frame-Options: DENY or SAMEORIGIN header"
},
{
"module": "meta",
"severity": "medium",
"title": "Title too short",
"description": "Title is 10 characters (recommended: 50-60)",
"recommendation": "Write a more descriptive title (50-60 characters)"
},
{
"module": "meta",
"severity": "medium",
"title": "Meta description too short",
"description": "Description is 31 characters (recommended: 120-160)",
"recommendation": "Write a more detailed meta description"
},
{
"module": "structured-data",
"severity": "medium",
"title": "No structured data found",
"description": "No JSON-LD schemas detected on the page",
"recommendation": "Add structured data (Organization, WebSite, BreadcrumbList) for rich search results"
},
{
"module": "content",
"severity": "medium",
"title": "Low keyword relevance",
"description": "Only 0% of title keywords appear in body text",
"recommendation": "Ensure the page content includes the keywords from the title"
},
{
"module": "brand-checker",
"severity": "medium",
"title": "No Organization schema",
"description": "No Organization JSON-LD found",
"recommendation": "Add Organization structured data with name, logo, and contact information"
},
{
"module": "log-analyzer",
"severity": "medium",
"title": "X-Powered-By header exposed",
"description": "X-Powered-By: Craft CMS,SEOmatic",
"recommendation": "Remove the X-Powered-By header to reduce information leakage"
},
{
"module": "reputation",
"severity": "medium",
"title": "No review platform links found",
"description": "No links to Trustpilot, Google Business, TripAdvisor, Yelp, G2, Capterra, or Glassdoor detected on the homepage",
"recommendation": "Add links to your review profiles to build trust signals and improve local SEO"
}
]
}
```Recommendations for your industry
- 1Ensure WCAG 2.1 AA compliance
- 2Implement all recommended security headers
- 3Ensure sitemap covers all important pages
- 4Optimize page load time to under 2 seconds
- 5Ensure responsive design on all pages
SEO Checklist for General
Tips for Mixed websites
- →Define clear landing pages for each segment
- →Use different meta strategies per page group
- →Segment sitemap by content type
Local SEO Context
Norway has Scandinavia's highest digital purchasing power per capita.