Hiring an e-commerce developer without vetting their actual work is like buying inventory sight unseen. A live site audit—examining a candidate's previous projects in real time—reveals technical competence, design decisions, and performance issues that a portfolio alone can't capture. This guide walks you through what to scrutinize and how to spot red flags before signing a contract.
Why Live Site Audits Matter More Than Portfolios
A static portfolio screenshot shows what a site looked like months or years ago. A live audit shows what it does now—and whether the developer maintained it properly. You'll uncover slow load times, broken integrations, outdated payment gateways, and poor mobile experiences that directly impact your future sales. You're also assessing whether the developer's code quality holds up under real traffic and platform updates.
The Technical Checklist: What to Test
Start with the obvious performance metrics. Load a product page and time it—anything over 3 seconds on a standard connection is a yellow flag. Check mobile responsiveness by rotating your phone; buttons should be clickable, images shouldn't be cut off, and checkout shouldn't require horizontal scrolling.
Test the full checkout flow as a customer. Does cart persistence work? Can you apply coupon codes? Do payment methods (Stripe, PayPal, Square) process cleanly, and is the redirect back to an order confirmation page smooth? Abandoned cart recovery is often glossed over—check if the site sends follow-up emails and whether they're actually functional links.
Inspect the product filtering and search. Type a vague query ("blue shirt") and see if results load quickly. Can you filter by price, size, color, or other attributes without page reloads? Poor search implementation tanks conversion rates and is a common developer shortcut.
Security and Compliance Indicators
Check the SSL certificate—your browser should show a padlock icon without warnings. Visit the checkout page and verify HTTPS is active (not just on the homepage). Look for PCI compliance badges or security certifications, though their absence doesn't always mean danger.
Try entering obviously bad data into forms. Do validation errors appear clearly? Can you brute-force the customer account login, or is there rate-limiting? These details reveal whether the developer considered security from the start or bolted it on later.
Backend Signs of Quality
Ask the developer for read-only access to their CMS (Shopify, WooCommerce, custom solution, etc.). You're looking for:
- Organized product data: Are SKUs structured? Are images properly tagged? Is inventory managed with version control?
- Documented custom code: Comments in the codebase, even if minimal, show professionalism.
- Backup and recovery: When was the last backup? Is there a rollback plan if something breaks?
- Plugin/extension bloat: Too many third-party tools often signal lazy development and future maintenance headaches.
Questions to Ask During the Audit
After examining a live site, ask the developer:
- "What's your typical page load time target, and how do you measure it?" Vague answers ("it's fast enough") suggest they don't prioritize performance.
- "Walk me through your testing process before deployment." You want to hear about staging environments, load testing, and cross-browser checks—not just launching to production.
- "How do you handle platform updates?" If they rely on auto-updates without testing, you're vulnerable to breaking changes.
Common Red Flags
Slow or unresponsive sites, broken product images, payment processing errors, or outdated copyright dates in the footer all suggest the developer isn't maintaining the site. Dead links, grammar errors in product descriptions, and inconsistent branding indicate lack of attention to detail. If a live site has been abandoned for months, expect the same approach to your project.
Realistic Timelines and Costs
A proper live site audit takes 1–2 hours for a single project. If you're comparing multiple developers, allocate half a day. Request access to at least 2–3 projects per candidate. Most reputable developers will grant read-only access without hesitation; if they refuse, that's a dealbreaker.
Platforms like Mercoly help you compare and evaluate trusted e-commerce development providers in one place, so you can review their live projects side-by-side before committing.
Frequently Asked Questions
Q: What's the difference between auditing Shopify stores versus custom-built sites? A: Shopify stores are template-based, so you're evaluating theme customization, app choices, and data organization. Custom sites reveal deeper technical skill—look for clean code architecture and proper deployment practices.
Q: How much should I pay for a custom e-commerce site, and what does performance cost? A: Expect $8,000–$50,000+ depending on complexity; higher budgets typically yield better performance optimization, security, and scalability. Cheap builds often skip performance tuning, leading to 5+ second load times.
Q: Can I request a performance report before hiring? A: Yes—ask developers to run a Google Lighthouse audit or GTmetrix report on one of their live projects and share the results. This costs them nothing and filters out those who avoid transparency.
Start auditing live projects today to hire developers who deliver, not just promise.