Skip to main content

How Patches work in Site Audit

Patches let you fix simple issues on your website with one click, right in Site Audit. This explains how they work and how to set them up.

Yuri Yeromenko avatar
Written by Yuri Yeromenko
Updated this week

What are Patches?

Patches let you fix issues and make changes on your website directly from Site Audit. Think of Patches more as a quick and temporary fix. If you need to fix something critical urgently and don't have time to ask your developers, or if you want to test something with the ability to easily roll it back before making the final change on your side, you can use Patches for that.

What can you use Patches to change on a page?

Currently in the first release of this feature, it only allows you to patch two fields: Title and Meta description. More fields are coming soon. We have plans to allow managing redirects, canonicals, robots meta tags, as well as adding and updating internal links, and lots more.

How to use Patches?

To create a Patch, you need to open an issue related to page titles or meta descriptions, or open a filter preset related to them in Page explorer, or add these fields there manually. Patchable issues are marked with a bolt icon in the All issues report.

You will see a "Patch it" input in the report next to titles and meta descriptions for each page in the report. You can draft a new title or meta description, and when all set, publish it live on your website.

Patches statuses

Patches can be saved as drafts, published, or unpublished. You can take your time and draft a title or meta description before publishing. Drafts are saved automatically when you type. And once published, you can unpublish it at any time to undo a patch.

The current status of a patch as well as the available actions can be found in the "Patch it" input:

You can also track the full history of any patch. If you're not sure when a patch was published or who edited your draft, that's the place to look at. The "Show history" link is available in the context menu of any patch.

Patches report

Even though it's convenient to patch issues right in issue reports, there's also a dedicated "Patches report" where you can view and manage all patches you ever created for your site. You can access this report from the header, which also shows the number of currently published patches.

The Patches report allows you to filter patches by their status and page URL, export your patches, as well as make all the same actions with patches as in issue reports or Page explorer. This report also allows to configure the Patches deployment.

Setting up Patches deployment

To start configuring the deployment, click the "Set up deployment" button in the Patches report header.

You can deploy patches to your site in two ways:

JavaScript snippet

To enable Site Audit to make changes to your pages, you will need to add a small JavaScript snippet to the <head> section of every page on your site. The JavaScript snippet is generated and provided during the deployment configuration.

This snippet calls a unique JavaScript file hosted by Ahrefs. All the patches that you publish are added there and applied client-side when a browser or bot executes JavaScript on the page. Note that bots that don’t execute JavaScript when visiting your page, won’t see the changes. But Google renders pages before ranking them, so this usually isn’t an issue.

You can turn JavaScript deployment on or off at any time. If you deactivate it while patches are live, you’ll be prompted to confirm they’ll be unpublished.

Cloudflare worker

If you’re on Cloudflare, you can let Site Audit run a worker in your Cloudflare account to apply patches on the server side, so both the raw HTML and the rendered page include your changes. This is especially important for tags like <link rel="canonical"> or <meta name="robots">, since Google checks both versions before deciding which to honor.

Here’s how it works:

  1. Create an API token

    You’ll be asked to grant Ahrefs permission to create a Cloudflare worker in your account by providing an API token. In your Cloudflare dashboard, generate a token scoped to your site’s zone with these permissions:

    • Account > Workers Scripts: Edit

    • Zone > Workers Routes: Edit

    • Zone > Zone: Read

  2. One-time worker creation

    Site Audit uses your token to install a worker in your account and, for enhanced security, immediately discards the token. So we never retain ongoing access to your Cloudflare dashboard.

  3. Real-time patch fetching

    The worker script contains the core patching logic, but your actual patches live in a JSON file on Ahrefs. Whenever you publish new patches, the worker fetches the latest JSON in real time.

  4. Keeping your worker in sync

    Because we don’t store your credentials, we can't detect manual edits to the worker script that may break patching. If that happens, you can simply click Redeploy worker to restore the updated script. Occasionally, Site Audit may prompt you to redeploy the worker too if major feature updates require it.

Same as with the JavaScript deployment, you can deactivate the Cloudflare deployment at any time.

Deploy patches manually

Patches are available for all users but in order to publish them from Site Audit, your project needs an upgrade boost that supports the Patches feature. If the project is not upgraded or you don't want to use Site Audit for actual deployment, you can draft patches, export them and hand over to your developers so they can make and deploy changes on their side.

Important points

Please consider the following points in order to use Patches most effectively.

  • Changes are visible to everyone who visits your site: Making changes that people and bots can see is an obvious goal of the Patches feature, but just to state it clearly. Publishing patches will make visible changes to your site. After a patch is published, people and bots visiting your site will see the changes. So it's important to ensure the changes you publish are appropriate for your site.

  • Drafting and publishing need extra verifications: Any user with access to a project can draft patches. However, only users with 2FA configured in their account settings can publish patches. Make sure you’ve selected the right people to have access to projects that has Patches deployment enabled, as they’ll have the ability to publish changes on your sites. Additionally, patches can only be published in projects where site ownership has been verified.

  • Patches are tied to projects: If you delete a project, all patches published within it will be unpublished.

  • Project Boost must be purchased: Patches deployment is not available on every project. Your project needs an upgrade boost that supports the Patches feature in order to publish patches. If you downgrade to a boost that does not support it, you won’t be able to publish new patches. However previously published patches will remain active.

  • Execute JavaScript needs to be turned on: The "Execute JavaScript" option is automatically enabled in the projects where you set up deployment. This ensures that Site Audit bot can detect changes deployed via JavaScript next time it crawls your site. Note that crawling speed may be slower with JavaScript execution, so your crawls will take longer if you had this option turned off before.

You'll be prompted to agree with these terms before activating JavaScript deployment in Site Audit.

Related Articles
What does the 'Nofollow page' warning in Site Audit mean?
How to find the page source in your Site Audit report
What are Project Boost add-ons?
How Always-on audit works
How to export titles and meta descriptions from Site Audit
Did this answer your question?