The Shopify SEO Audit We Run on Every New Client

Most Shopify SEO audits are theatre. A PDF arrives with a hundred items in red, screenshots from Screaming Frog, a generic note to "improve page speed," and an invoice for two thousand dollars. The merchant reads it once and never implements more than three items because nobody told them which three actually move rankings and in what order.

What follows is the full audit we run on every new Shopify client. Forty-one items, grouped into the six areas that matter in 2026, with the sequencing logic made explicit because sequencing is where most audits fail. An item that is correct but implemented at the wrong stage will at best waste effort and at worst actively hurt rankings. Fixing titles on pages Google has decided not to index is a popular way to burn a week. Fixing internal links to URLs that resolve to the wrong canonical is another.

This is also Shopify-specific. The platform has defaults that need overriding, and those defaults are the largest reason Shopify stores underperform WordPress and custom builds on organic traffic.

Technical foundations come first because nothing else works without them

Start with crawl and indexation, because every downstream optimisation depends on Google seeing the right URLs. The first item is a crawl budget sanity check. Shopify generates parameter URLs prolifically, every ?variant= on a product, every ?sort_by= and ?filter. on a collection, every internal search result, and large stores can have Googlebot spending half its budget on URLs that should never have been crawled in the first place. A log file analysis or a Search Console crawl stats review tells you how much of the budget is being wasted.

The second item is the robots.txt.liquid override. Shopify's default robots file blocks the obvious paths like /checkout, /cart, and /orders, but it does nothing about faceted collection parameters, and the defaults have not changed in years while theme patterns have. A proper override adds disallow rules for sort parameters, filter parameters, the internal /search endpoint, and any app-injected paths that create near-duplicate crawl targets. This is the single most impactful technical fix on large catalogues, and Shopify hides it three menus deep because most merchants should not touch it without knowing what they are doing.

Third is canonical tag correctness. Shopify auto-injects a canonical link on product pages pointing to the root /products/handle URL, which is correct, but the same product appearing inside a collection URL like /collections/summer/products/handle also renders with its own canonical, and themes occasionally emit the collection-scoped URL as canonical instead of the root. The audit verifies every product type has the root canonical, and that collection pages with filter parameters self-canonicalise to the clean collection URL rather than to the parameterised version Google happens to have crawled.

Fourth is the sitemap. Shopify generates /sitemap.xml automatically with sub-sitemaps for products, collections, pages, and blog posts. The audit confirms that the sitemap is submitted in Search Console, that draft and hidden products are excluded, that the product count matches the active catalogue, and that lastmod timestamps are genuine rather than every URL sharing the same date. Fifth is the indexation gap, comparing the submitted sitemap count against the Coverage report, categorising every URL in the Crawled, currently not indexed and Discovered, currently not indexed buckets, and understanding why.

Sixth is HTTPS and mixed content. Shopify is fully HTTPS by default, but apps frequently inject assets over HTTP, particularly older review widgets and analytics snippets, which silently downgrade the page and flag in the console. Seventh is duplicate content triage, specifically the /collections/all page that Shopify auto-generates and which almost always duplicates the primary catalogue, plus tag pages and vendor pages that the default theme exposes without any override. These should be noindexed or canonicalised to their primary equivalents.

Eighth is pagination handling. Google deprecated rel=next/prev in 2019, and Shopify themes have been slow to catch up. Paginated collection pages should self-canonicalise rather than canonicalising back to page one, and if the theme uses infinite scroll it must progressively update the URL so that page-two content is crawlable as a distinct URL. Ninth is Core Web Vitals, which in 2026 means LCP under two and a half seconds, INP under two hundred milliseconds since it replaced FID in 2024, and CLS under a tenth. Most Shopify themes ship with LCP around three seconds on mobile because the hero image is not preloaded and the theme CSS is two hundred kilobytes of unused rules.

Tenth is mobile usability, which covers tap target spacing, viewport meta correctness, and font-size at sixteen pixels or above so iOS Safari does not trigger auto-zoom on input focus. Eleventh is JavaScript rendering. Googlebot renders JS now, but it does so on a delay, and content injected client-side by review apps, product recommendation engines, or dynamic pricing apps can take days to enter the index. Where possible this content should be server-rendered via theme app extensions rather than client-injected. Twelfth is URL slug hygiene, auditing handle length, trailing slash consistency, and the presence of historical redirects for any product whose handle has been changed.

On-page optimisation is faster than technical but only if the foundations hold

With indexation settled, on-page work becomes worthwhile. Thirteenth is the title tag pattern. Shopify's default title on a product page is {product.title}, {shop.name}, which wastes the most valuable element of the SERP listing. A proper override in theme.liquid uses a collection-aware template that surfaces category terms for products that belong to keyword-rich collections, and falls back cleanly for those that do not. Fourteenth is the meta description. Shopify auto-truncates the first hundred and sixty characters of the product description as the default meta, which produces unreadable fragments for any product whose description opens with a brand paragraph. Hand-writing meta descriptions for the top twenty percent of pages by traffic potential is a two-hour job that lifts CTR measurably.

Fifteenth is H1 uniqueness. The theme should emit product.title as a single H1 per page, and audits regularly find themes that render a duplicate H1 inside a drawer or a mobile variant of the header. Sixteenth is heading hierarchy. H2 for major sections, H3 for specs and sub-features, no skipped levels, no H4 used cosmetically because the theme designer wanted smaller text. Seventeenth is image alt text. Shopify defaults alt text to the filename, which is usually a string of dashes and numbers, and Shopify's media library does not make bulk alt edits easy. A Matrixify export, edit, and reimport is the fastest path through a thousand-product catalogue.

Eighteenth is image weight and format. Shopify's CDN serves WebP automatically to supporting browsers and respects the width parameter for responsive srcsets, but themes frequently request full-resolution originals for thumbnails because the designer forgot to add the parameter. The LCP image specifically should be preloaded via a <link rel="preload" as="image"> hint injected into the head of the product template. Nineteenth is URL handle audit. Shopify auto-generates handles from product titles, which usually works, but manual overrides are worth the effort for keyword targeting on high-value products and for consolidating variants that used to be separate products with different handles.

Twentieth is internal anchor text. Collection pages use the product title as the anchor when linking to the product card, which is generally good, but footer and navigation anchors frequently use generic phrases like "shop now" or "see all" where a category term would carry more weight. Twenty-first is breadcrumbs. Visible breadcrumbs on product and collection pages, paired with BreadcrumbList JSON-LD, give Google the hierarchy signal and give users a secondary navigation path. Theme support varies wildly, and several popular themes render breadcrumbs visually without emitting the schema. Twenty-second is OpenGraph and Twitter card metadata, which does not affect ranking directly but affects social CTR and therefore the branded search volume that does.

Content depth is where most Shopify stores lose to competitors who take it seriously

Shopify makes it easy to publish a store and hard to publish content, and this shows in the audit. Twenty-third is collection description depth. The default collection template in most themes renders the product grid and nothing else, no body copy, no context, no topical signal. Adding a two-to-four-hundred-word introduction above or below the grid, written with the target query in mind, is the single most underrated content lever on the platform. It is also where competing with WordPress category pages becomes possible.

Twenty-fourth is product description depth and originality. Three hundred words minimum, written in the merchant's voice, not copy-pasted from the manufacturer's sell sheet. Duplicate descriptions across dropshipping stores are the reason entire niches have collapsed out of the index. Twenty-fifth is blog topical structure. Shopify defaults the blog to /blogs/news, which treats every post as equal regardless of topic. Segmenting into topical hubs mapped to collection pages and linking back from each post to its parent collection creates the hub-and-spoke pattern that internal links are supposed to reward.

Twenty-sixth is FAQ content on product pages. Answer-box queries around sizing, shipping, returns, and compatibility belong directly on the page, structured with FAQPage JSON-LD where the site qualifies for rich results. Google restricted FAQ rich results to authoritative sites in 2023, which means most stores no longer get the visual treatment, but the structured data still feeds entity understanding and the content still answers real user questions. Twenty-seventh is cannibalisation, which happens whenever multiple collection pages or tag pages target the same query. The audit identifies these clashes and consolidates, usually by redirecting the weaker URL and merging its content into the stronger one.

Twenty-eighth is EEAT signalling. Shopify does nothing about this by default. Author bios on blog posts, a genuine about page with real names and photographs, visible press mentions, and customer count or shipment count badges that are actually true are all content items that shift Google's confidence in the store as a source. Twenty-ninth is freshness. The sitemap lastmod values, the cadence of collection description updates, and the blog publishing rhythm together tell Google whether the site is actively maintained or abandoned.

Links fail silently, which is why they are audited after everything they depend on

Thirtieth is internal linking from blog posts to collections. The common pattern is for blog posts to link to specific product pages, which makes sense to the merchant writing the post but misses the point structurally. Collection pages are usually the ones that rank for category queries, because they aggregate authority across all the products they contain. A blog post linking to the parent collection passes authority to the page that is actually competing, and the collection then passes it down to individual products.

Thirty-first is the orphan audit. A full crawl with Screaming Frog or Sitebulb, compared against the sitemap and the product catalogue, exposes pages that exist but are not linked from anywhere, and pages that are linked from somewhere but are no longer in the catalogue. Shopify apps that remove products often leave dead internal links in blog posts and collection descriptions. Thirty-second is the backlink profile. An Ahrefs or Majestic audit for spammy domains pointing in, followed by a disavow file for the genuinely toxic ones, not every low-DR link that looks suspicious.

Thirty-third is broken internal links generally, 404s emitted by the store itself, usually caused by app uninstalls or manual product deletions. Thirty-fourth is redirect hygiene. Shopify's URL redirects panel holds up to a hundred thousand entries, which sounds generous until you realise that merging product lines or migrating from another platform can consume ten thousand in one import. Audit for redirect chains where A redirects to B redirects to C, collapse them to direct hops, and audit for accidental 302s where 301s are intended.

Rich results depend on schema that most themes do not emit correctly

Thirty-fifth is product schema. Shopify's default theme emits Product and Offer JSON-LD on product pages, with image, price, and availability. Audit that priceValidUntil is present on sale items, that aggregateRating is emitted only when real reviews exist, and that the schema validates cleanly in the Rich Results Test without warnings for missing optional fields that Google is gradually making required.

Thirty-sixth is the 2024 merchant listing requirement. Google now requires shippingDetails and hasMerchantReturnPolicy on product schema for eligibility in the free shopping surfaces and merchant listing rich results in the United States, and most Shopify themes including Dawn and Refresh do not emit these by default. Adding them requires either a theme.liquid edit that reads shipping zones and return policies from shop settings, or an app like the official Shopify Schema app or a third-party equivalent that injects them. This is the single most impactful rich-result fix of the past two years and the one most audits miss.

Thirty-seventh is review schema integrity. Reviews apps emit their own JSON-LD, and themes emit theirs, and the two frequently conflict, producing duplicate or contradictory ratings that Google ignores. The audit identifies which source is authoritative and removes the other. Thirty-eighth is Organization schema on the homepage, with sameAs links to verified social profiles, the logo URL, and contact information, which feeds the Knowledge Panel that brand searches increasingly depend on.

The international layer sits alongside rich results because both depend on metadata the theme must emit correctly. Thirty-ninth is hreflang. Shopify Markets auto-injects hreflang tags when multiple markets are configured, but auto-injection is only as correct as the market configuration, and audits regularly find self-referencing errors, missing x-default declarations, or hreflang pointing at unpublished market URLs. A dedicated hreflang crawl tool confirms every locale self-references and cross-references its siblings symmetrically.

Fortieth is the currency and language URL structure. Shopify Markets uses country-code subfolders like /en-gb/ or /fr/, which is the right pattern for most stores, but some merchants historically launched on ccTLDs and now run hybrid setups that confuse Google about which version to rank. The audit confirms one pattern is chosen and the others redirect or decommission cleanly. Forty-first is localised content duplication. Running the same English copy across /us/, /uk/, /au/, and /ca/ without hreflang means four pages compete for the same query, and Google picks one while suppressing the others in the regions where they should win. Either localise the copy genuinely or ensure hreflang is pristine.

How we scope this at WitsCode →

The forty-one items above are not an equal list. They are a dependency graph. Indexation fixes first, because every other optimisation targets URLs that Google must be willing to crawl and index. Canonical correctness before title rewrites, because rewriting a title on a URL that canonicalises elsewhere is wasted work. Core Web Vitals before aggressive content expansion, because more content usually means more CSS and JavaScript, and a slow page with excellent content will still lose to a fast page with adequate content on mobile traffic. Internal linking last, because internal links should only point at URLs that are indexable, canonical, fast, and worth ranking. This is why audits that arrive as a flat list of a hundred items fail. The merchant implements the easy wins first, and the easy wins are always the on-page items. They rewrite titles, add alt text, tweak meta descriptions, and then wonder why rankings have not moved. Rankings have not moved because the underlying indexation and canonical problems were never addressed, which means the optimisation was applied to URLs Google had already decided not to trust.

The audit above is what we run as a fixed-scope engagement at WitsCode. Flat fee, delivered as a prioritised roadmap rather than a PDF catalogue, with the sequencing applied so the merchant knows which fortnight of work unlocks which next fortnight. The deliverable includes a one-page executive view, the full forty-one-item assessment with severity and effort tagged, and a remediation plan that sorts by dependency rather than by ease. Clients who want WitsCode to execute the remediation move into an implementation retainer. Clients who want to hand it to their in-house developer take the roadmap and go. If your last SEO audit looked like a highlight reel of everything wrong with your store with no guidance on the order of operations, book the fixed-scope audit and receive the version that tells you what to do first, what to do second, and what not to do at all.