Back to blog
7 min read
Strategy

Cold Auditing: How to Approach Prospects Without Access to Their Site

Orilyt audits are 100% external. No plugin, no credentials, no risk. Just a URL and 2 minutes to get a complete report that becomes your best sales argument.

Key Takeaways
  • An Orilyt audit is 100% external — no admin access, no plugin, no credentials needed.
  • The audit report IS your pitch: it shows real problems with concrete scores, without asking anything from the prospect.
  • Value-based prospecting (give before you ask) gets 3 to 5 times more replies than classic cold emailing.

Why cold auditing works

Classic prospecting relies on a promise: "I can improve your site." The prospect has no reason to believe you — they receive 10 identical messages every week.

Cold auditing flips the dynamic. Instead of promising, you show. The report contains objective data about the prospect's site: overall score, security flaws, SEO issues, load time. You don't ask for anything — you give.

This is possible because Orilyt audits 100% externally. The engine analyzes what any visitor can see: HTML, HTTP headers, DNS records, SSL certificate, performance via PageSpeed. No admin access. No plugin. No credentials.

Cold audit flow: URL input, external scan, report sent, meeting — no access required

Step 1 — Find your prospects

Cold auditing works on any publicly accessible WordPress site. Here's where to look:

  1. Google Maps — search for local businesses in your area (restaurants, trades, offices, real estate agencies). Many have aging WordPress sites.
  2. LinkedIn — spot agencies or freelancers who don't offer "technical audit" in their services. Their own site is often auditable.
  3. Professional directories — chambers of commerce, industry federations, local listings. SMBs are abundant with rarely maintained sites.
  4. Daily browsing — every WordPress site you come across is a potential prospect. Make a habit of noting URLs.

Focus on sites showing visible signs of issues: no HTTPS (missing padlock), slow loading, dated design, visible errors. These sites need help the most — and their owners are the most receptive.

Step 2 — Run the free audit

Go to Orilyt, enter the prospect's URL, and run the audit. In 2 minutes, you get a complete report with 56 automated tests:

  1. Security — SSL, vulnerable plugins, exposed WordPress version, XML-RPC, Safe Browsing, IP reputation
  2. Performance — TTFB, page weight, compression, browser caching, lazy loading, blocking JavaScript
  3. SEO — meta title/description, headings, canonical, Open Graph, sitemap, robots.txt
  4. UX and accessibility — keyboard navigation, contrast, legal pages, mobile friendly

Everything is analyzed externally. The prospect doesn't need to do anything, install anything, or authorize anything. They don't even know you ran the audit.

Step 3 — The report is your pitch

This is where cold auditing stands apart from any other sales approach. You don't need to craft an argument — the report does it for you.

The FIA report (Fidelity, Integrity, Accessibility) contains:

  1. An overall score out of 100 — immediately understandable, even for non-technical people
  2. Section scores — performance, security, SEO, UX — that identify the main weaknesses
  3. Concrete recommendations — what to fix, where to fix it, with code examples when relevant
  4. An AI summary — that synthesizes priorities in accessible language

The report is objective. It's data, not marketing. The prospect immediately sees that you did real work on their specific site.

Step 4 — Send the report

Send the report to the prospect with a short message. No selling, no pressure — just value:

"Hi [First Name], I analyzed [site-name.com] with a WordPress audit tool. Your score: [XX]/100. I identified [X] priority improvement areas. The full report is here: [link]. If these findings resonate, I'd be happy to discuss."

The email is unsolicited but useful. You're not asking for a meeting — you're offering information the prospect didn't have. The nuance is fundamental.

Use the shareable report link (not a PDF attachment). The prospect can view it in one click, and you can track opens.

Step 5 — The meeting

When the prospect agrees to a call (and they will more often than you think), the report structures the conversation:

  1. Walk through the results together — the report is visual, with color-coded scores and clear recommendations
  2. Focus on the 3 most critical issues — don't drown the prospect in 56 tests
  3. Explain the business impact — "that 4-second load time drives away 53% of your mobile visitors"
  4. Propose a concrete action plan — with scope, timeline, and price to fix the priorities

You're not in a salesperson position — you're in an expert position, having already diagnosed the problem. Trust is established before the call even starts.

Why this method converts

Cold auditing works because it respects a simple principle: give value before asking for anything.

  1. You give before you ask — the report is free, useful, and personalized. The prospect feels helped, not pitched.
  2. You demonstrate expertise with proof — not vague promises, but concrete data about the prospect's site.
  3. The report is objective — these are automated tests, not your opinion. The prospect can verify every point.
  4. You stand out from 99% of freelancers — who send generic emails without having analyzed the site.

The result: a 15-25% response rate — versus 3% for classic cold email. And when the prospect replies, the conversation is already solution-oriented.

The ethics of cold auditing

Cold auditing is powerful, but it comes with responsibility. A few rules:

  1. Be transparent — clearly state that you're a freelancer/agency offering your services. Don't pretend to be an official organization.
  2. Don't use FUD — don't dramatize the results. "Your site has 3 areas for improvement" is more honest than "Your site is in critical danger."
  3. Respect refusals — if the prospect doesn't respond or declines, don't insist. One follow-up at D+7 with a new audit is acceptable, no more.
  4. Protect data — the audit is public (HTML, headers), but never share results with third parties without permission.

The goal isn't to scare — it's to help. The prospect should leave the exchange having learned something useful, whether they become a client or not.

The complete workflow in 15 minutes

Here's the optimized cold audit process:

  1. Identify the prospect — spot a WordPress site via Google Maps, LinkedIn, or browsing (2 min)
  2. Run the Orilyt audit — enter the URL, wait for results (2 min)
  3. Analyze the report — identify the 3 most critical issues (3 min)
  4. Write the personalized email — insert the score, issues, and report link (5 min)
  5. Send — and move on to the next prospect (1 min)

15 minutes per prospect. 5 prospects per day. 25 qualified contacts per week — with a response rate 3 to 5 times higher than classic cold emailing.

Classic cold email sells a promise. Cold auditing sells proof. That's the difference.

Cold auditing: the secret weapon of prospecting

Cold auditing transforms prospecting into a service. Instead of interrupting, you help. Instead of promising, you show. Instead of asking, you give.

With Orilyt, the entire process is possible because the audit is 100% external. No technical barrier. No prerequisites. Any publicly accessible WordPress site can be audited in 2 minutes.

The cost: 1 credit per audited prospect. If just one email out of 10 turns into a contract, the return on investment is immediate.

Ready to prospect with data?
Run a free audit on a prospect's site and send your first cold audit today.
Run a free audit
Prospecting Cold Audit Freelance Agency Strategy Sales
Previous Why WordPress audits are often unusable for clients Next 5 emails de prospection basés sur un rapport d'audit