Enterprise Website for a Global Green-Finance Advisory
Performance, governance, and brand consistency for an enterprise content team.
Confidentiality Notice — This engagement is covered by NDA. Names, URLs, and screenshots are redacted.
Project Overview
A global sustainable-finance advisory engaged us after browsers began flagging their site with security flaws. The codebase ran on an outdated Next.js (Pages Router) and lived on hosting that required a brittle third-party Node adapter. Updates were rare, security headers were incomplete, and mixed-content issues occasionally appeared—undermining trust and slowing the content team.
We rebuilt the platform on a modern foundation: migrated from Pages Router → App Router, re-platformed to Vercel for native Node/Edge runtime and global CDN, and put a hardened CI/CD pipeline in place. We enforced end-to-end HTTPS, eliminated mixed content, and added a complete security-header suite. The result is a faster, secure site with a maintainable stack and a smoother editorial workflow.
The Challenge
- Fragile hosting: The legacy site lived on a platform that needed a third-party Node adapter just to run SSR—updates were risky and slow.
- Governance hurdles: Multiple global offices had to sign off before any hosting change; security and compliance reviews were mandatory.
- Vendor lock-in: Key features depended on proprietary npm packages authored by the previous agency, blocking upgrades and creating maintenance risk.
- Aging framework: The codebase was on an older Next.js (Pages Router), with outdated dependencies and inconsistent security headers.
Our Approach
- Stabilize first: Patched mixed-content issues, enforced HTTPS/security headers, and shipped quick dependency updates to keep the legacy stack safe while we planned the move.
- Migration RFC & approvals: Produced a clear Vercel re-platforming plan (architecture, security, TCO, rollback) and guided regional teams through approvals.
- De-lock the codebase: Inventoried proprietary packages (SBOM), then replaced or forked them into a private registry we control, with tests, docs, and semver—ending vendor lock-in.
- Modernize the app: Migrated Pages → App Router (Server Components, shared layouts, Metadata API, route caching) and removed brittle adapters.
- Re-platform to Vercel: Native Node/Edge runtime, global CDN, auto SSL, preview deploys, instant rollbacks.
- Make it maintainable: CI/CD with preview environments, Renovate/Dependabot for safe upgrades, a11y/perf linting, status checks, and monitoring.
- Own the lifecycle: We now host on Vercel and maintain the site—security patches, upgrades, and guardrails are ongoing.
Key Upgrades
Framework modernization
Next.js App Router with Server Components, shared layouts, streaming, route-level caching, and the Metadata API—yielding a smaller client bundle and cleaner routing.
Hosting & delivery
Re-platformed to Vercel (native Node/Edge, global CDN, auto SSL, preview deploys, instant rollbacks). Removed the fragile third-party Node integration.
Security hardening
Forced HTTPS, HSTS, CSP, Referrer-Policy, Permissions-Policy, secure cookies; removed mixed content.
Reliability & maintainability
Dependency upgrades, automated update PRs, lockfile hygiene, build checks, and previews for safe reviews before publish.
Editorial workflow
Role-based CMS with approvals and live previews so non-technical editors can ship confidently.
Ready to modernize and secure your site?
Whether you’re running a fast-scaling business or managing a high-traffic brand, your website shouldn’t be holding you back. If you’re ready for a site that’s built to scale, perform, and empower your team — let’s talk.
