The problem
SA-based WordPress site owners had no affordable audit tool that flagged POPIA non-compliance alongside the usual security, performance, SEO, and accessibility checks. The US-built tools do not know what POPIA is. The local options were manual audits that cost more than most small sites earn in a month.
What we built
A real WordPress plugin, not a hosted report tool. Audit checks run on-site against the live installation. Results are stored in a custom WP database table so historical scores can be tracked over time.
Four free axes:
- Security: exposed debug information, user enumeration, outdated plugin detection, file permission checks.
- Performance: image optimisation flags, render-blocking resources, Core Web Vitals advisory checks.
- SEO: missing meta, thin content detection, broken internal links, canonical issues.
- Accessibility: missing alt text, contrast advisory, form label coverage, ARIA basics.
Three Pro axes behind a license gate: POPIA compliance checks, advanced security scanning, and a custom recommendations engine that prioritises fixes by estimated impact.
The POPIA wedge
POPIA compliance is the differentiator. SA sites have specific obligations around data collection disclosure, cookie consent scope, third-party data sharing, and contact form handling that no US-built plugin checks for. SiteLens flags these specifically, with plain-language explanations and suggested remediation steps.
Outcome
- SiteLens 0.1.0 live on staging, wp.org submission pipeline prepared.
- Four free audit axes covering security, performance, SEO, and accessibility.
- POPIA-specific checks that no US-built competitor covers.
- On-site processing: results stored in WP, no data sent to external servers.