Save up to 25% on pro security plugins w/ our Security Bundle »
Web Dev + WordPress + Security

10 Weird Ways to Ruin Your Website

Everyone knows that slow loading and/or insecure websites are horrible, just the worst to be avoided at all costs. But there are other, less obvious ways to destroy the user experience and well, just make things suck in general. The goal here is to raise awareness and have some fun.

So without further ado, here are my top 10 weird ways to ruin your website, along with their real-world equivalents..

1) Unsolicited Popups

I say “unsolicited” because I’m not talking about when you click a link and get a popup window. Here I am talking about anything that “pops up” unexpectedly. Like when you first visit a website and BAM immediately they throw up a cookie consent form. Or a popup begging for your email address. Or a popup letting you know there is some great feature or deal available. Or even worse they hit you with a bunch of popups all at once. One in each corner lol.

Aggressive use of popups makes your site look cheesy and bad. It breaks that unspoken trust between visitors and websites. It annoys your visitors so they leave as soon as possible. It steals time and attention away from the user. It makes your site look desperate, as if the site owner either doesn’t care or is completely ignorant. I could go on, but you get the idea.

Real-world equivalent for unsolicited pop-ups: You walk into a store and the staff immediately starts throwing things at you.

2) Popunders

Or whatever they’re called. Here’s how they work:

  1. Visit a web page
  2. Click the browser’s back button expecting to return to your previous location
  3. The site hijacks your click and sends you to their greasy sales page instead

So to return to your previous location, you’ve got to click the back button again, sometimes multiple times. I’ve encountered some sites where they effectively disable the back button. Just to keep you at their greasy site for a few seconds longer.

This whole “popunder” scheme is super frustrating for many reasons. Basically if you’re running a website don’t be a total schmuck and mess with the browser’s back button or browse history. Let visitors come and go freely and without the whole “but wait there’s more” shtick.

Real-world equivalent for pop-unders: You go to leave the store and the automatic sliding door won’t open. So you have to physically push it open only to find that you’re back inside of the store.

3) Too many advertisements

This one’s obvious. Anyone with more experience than a potato understands that too many ads are the worst. Like when you’re trying to find the actual contents of a web page, only to get immediately bombarded from ads in all directions. Like the page literally won’t stop loading because there are even MORE ADS for you to see.

At best, too many ads make your site look horrible. At worst, too many ads ruin the user experience, and can make the content unreadable and inaccessible. Running too many ads makes you look desperate. Makes your site look horrible, and confusing. And makes you look incompetent, as if you have no idea that your hideous ads are a straight up nightmare driving users far away.

Real-world equivalent for too many ads: You walk into a store and they club you with a baseball bat. Right upside the head.

4) Messing with scroll

I actually can’t believe that I have to call this one out. Scrolling is such a fundamental, even sacred part of the web browsing experience. It’s hard to believe that anyone would actually mess with it.

Fortunately it’s not a common practice. But every now and then you stumble upon some site and go to scroll down the page. Only to find that SCROLL is not working normally. Like it usually does. 99.999% of the time.

But some sites are special and know best how to fix scrolling. So they add some greasy bit of JavaScript that somehow modifies the user’s scroll behavior. Either slowing it down, speeding it up, or doing that weird thing where the scroll speed is inconsistent as the page moves from one section to the next.

Real-world equivalent for messing with scroll: You walk into a store and they duct-tape a bike wheel to your leg. Have fun shopping.

5) Messing with right click

Especially in the art/media arena, you get the occasional site where the administrator thinks it’s smart to “protect” their on-page content by disabling right mouse clicks. Like the content is just so valuable and precious that they feel a real need to disable native functionality of the user’s device.

Like when you right-click an image to get more information or inspect the code or whatever, but the click doesn’t do anything, no context menu. So you right click again, maybe a few more times in different locations on the page. And then realize that the perhaps well-intentioned site owner has disabled right click entirely. Sorry, Internets.

You know, because it’s 100% impossible to disable JavaScript with the click of a button and then right click (and download) whatever you want.

Pro tip: If you’re putting it out there publicly on the Web, understand that someone will find a way to download it. Trying to stop that is fine. Futile but OK your prerogative. Just know that disabling or otherwise messing with right click, left click, or any other aspect of the user’s native browsing functionality is despicable at best. At worst you could be preventing users from accessing important contextual tools.

Real-world equivalent for messing with right click. You walk into a store and they tie a plastic bag over your head.

6) Messing with paste

Just like messing with scroll and right clicks, messing with paste is a horrendous UI/UX mistake. You think I’m exaggerating. I’m not.

The classic example is where well-intentioned (but obviously clueless) websites disable paste on “repeat password” fields. Like when you enter your password in the first password field, and then there’s another “confirm password” field where you must enter the password again. On good sites, you can copy/paste your super strong password in both fields and done. But on crappy sites, where they disable paste for the repeat password field, you have to type out your complex password manually. Like a cave person. Unga bunga.

Seriously, just let me paste 0hgQt:|Bj|/ix(CF?D|%0gqLx5EfZ/7R. Don’t make me type it all out. Why? Because it’s a royal waste of time that actually encourages lazy/weak passwords. Instead of typing out 0hgQt:|Bj|/ix(CF?D|%0gqLx5EfZ/7R and getting it wrong five hundred times. And don’t even try it on mobile. It’s just easier to use a simple password that’s not gonna take all day to type. Users know this and will use weaker passwords for your site. Messing with paste = weaker security.

Real-world equivalent for messing with paste: You’re about to make a big purchase at the store and they cut up your debit card.

7) Limiting form inputs

This one is newer, subtle, and frankly disturbing. Normally text and other form inputs accept text as the user types, even when the mouse cursor drifts and away from the input field. So you can start typing in a form field and then move the mouse away a little, somewhere outside of the field, in order to make things easier to read, so the cursor is not overlapping any existing text. That’s how it works with all major browsers by default. There literally is zero reason to mess with it.

Some sites, unfortunately, disable the default input behavior. Effectively limiting the scope of form inputs. So in order to enter text, the mouse cursor must be located within the field itself. If you move the cursor — even a little bit — outside of the form field, it will stop accepting the text you are trying to enter. Forcing you to stop typing, find your cursor, and reposition it somewhere directly over the field.

It may not seem like a big way to ruin a website, but when you work fast and/or are in a hurry, having to stop your well-established workflow just to play stupid games with some overzealous administrator seriously detracts from the user experience.

This used to happen at Amazon (for example), but apparently they listened to user feedback and restored original/default functionality.

Real-world equivalent for limiting form inputs: The store is dark and you have to clap the lights on whenever you want to look at something.

8) Auto-playing media

This refers to any audio or video or animation that starts playing automatically, without your consent. Unsolicited auto-playing media immediately changes what I think about a website. And depending on the media that’s automatically playing, I will avoid future visits to the site and find a more peaceful alternative.

If you’re visiting a site like YouTube or Vimeo or other video site, hopefully they provide an option to automatically play videos. Can make it a lot more enjoyable to binge media content without having to stop and click play for every video.

For sites that don’t provide an “auto-play” option, then auto-play should be disabled by default. Never start playing audio or video without the user explicitly requesting it. Even worse is automatically playing media without muting the volume. It’s just complete disruption and 100% unnecessary.

If you host media content, provide an auto-play and/or auto-sound options. Don’t just assume the user wants your annoying video blasting at full volume the moment they hit the page.

Real-world equivalent for auto-playing media: Cheesy elevator/pop music that stores continue to pump out 24/7 to this day. You may think it’s a good idea to continually drone that monotonous drivel. But probably less than 5% of your visitors agree. Everyone else has a headache and wants to leave as soon as possible.

9) Poor design quality

You don’t need a million dollar design. You don’t even need a five-dollar design. You just need a design that puts your content and message right up front. Amazingly so many sites have major problems in this department.

But it doesn’t take a genius. Just a bit of common sense. Things like text is easy to read. Plenty of vertical space, no weird paragraph justification or sloppy line-heights. Color contrast sufficiently sufficient. And maybe throw in a a few options, like toggle dark/lite mode, font-size adjustment, and so forth. Just keep things simple and focus on the content. Is all I’m saying here.

Real-world equivalent for poor design quality: You walk into a store.

10) Weak content

Last but not least, have some real content. In general, content is the whole reason why a web page exists. So when you visit a web page, like say a shopping item page, and they put like a sentence or maybe two about the item for sale. Well that’s kind of a let down. I mean, if you’re going to bother with creating an entire web page for some item, take the time to flesh it out with plenty of information, details, etc.

I think I’ve heard search engines refer to it as “thin content”. If you’re going to put something out there, make it count. Don’t just crank out first drafts. Spend some quality time with your content and find ways to improve, even if incrementally.

Real-world equivalent for weak content: You walk into an empty store.


What did I miss? What’s your biggest pet peeve(s) when it comes to surfing the Web? Your thoughts are welcome in the comments below :)

Jeff Starr
About the Author
Jeff Starr = Designer. Developer. Producer. Writer. Editor. Etc.
Blackhole Pro: Trap bad bots in a virtual black hole.

18 responses to “10 Weird Ways to Ruin Your Website”

  1. I think dabbling with login / signup forms deserves a honorary mention.

    Somebody had the bright idea to ask for the user’s email first, and then to present a sign in or a sign up form depending on whether that email is present in the database. How awesome is that?

    I don’t know about others, but I have multiple email addresses and use them depending on the resources I am accessing. I am not supposed to remember which email address I’ve used for registration on any particular website; this is the job of my password manager.

    But the password manager will not kick in, because it does not see the standard user+password form field it knows. If I *really* want to log into this web site, I am forced to open my password manager by hand and search for the site URL.

    More often than not, I will simply move on. Minimalism is removing everything that is not necessary, and stopping there. Some people don’t know when to stop.

    • Jeff Starr
      Jeff Starr 2023/01/12 12:18 pm Reply

      Yes! I need to add this to the list. As soon as the big sites started rolling out those double login forms, I knew it was game over. Fortunately not every site followed suit, but plenty jumped on board without even blinking. The only thing accomplished by checking email before allowing a password is poor user experience. Single shot login forms enable me to log in super fast with no friction; the double shot login forms are simply wasting everyone’s time.

  2. This is a good list – I agree with all 10 (some of which remind me why I run uBlock Origin in advanced mode). I submit sites that do not have RSS/ATOM feeds to the list of annoyances. The real world equivalent is a store that blocks its windows so you cannot even window-shop before going in and suffering the indignities of all of the real-world equivalents on your list. (I’d add Cloudflare CAPTCHAs, but that might be more of a me thing.)

    • Jeff Starr
      Jeff Starr 2023/01/12 12:12 pm Reply

      I agree that no RSS feed is a bad sign. And I’m tempted to go back and add Clodflare captchas to the list as #11, absolutely the worst user experience hands down.

  3. Šime Vidas 2023/01/16 1:17 pmReply

    Sticky headers for sure. It’s fine on Perishable Press (only 44 pixels tall), but many websites have very tall sticky headers that cover a third or more of my viewport height. Super annoying.

    • Jeff Starr
      Jeff Starr 2023/01/16 1:27 pm Reply

      Absolutely agree. Some site owners tend to get greedy with the sticky header. Similar to the “make logo bigger” mentality. Just makes it more difficult for users to view the actual content. Thanks for mentioning, Šime.

  4. some of these annoyances can be squashed by disabling JS – yes, i know, this can be an annoyance in and of itself, but anyone that’s concerned about privacy/tracking/fingerprinting will disable JS *globally*, then allow only where needed (uBlock Origin makes this easy)

    to get R-click to work without disabling JS, press Shift+R-click (works in FF anyway)

    block autoplay in FF:
    media.autoplay.blocking_policy 2
    media.autoplay.default 5

    the “modern web” has devolved into a cesspool – unnecessary JS everywhere, reliance on 3rd part libraries, fonts, CDN’s, frameworks and “web developers” that i’m not entirely certain could code “hello world” without relying on the aforementioned… and it just keeps getting worse

    • Jeff Starr
      Jeff Starr 2023/01/17 2:16 pm Reply

      “the ‘modern web’ has devolved into a cesspool”

      It does seem to be the case for the bigger sites. Still millions of great independent sites out there. Just a matter of finding (and remembering) them.

      Thanks for the uBlock/Firefox tips.

  5. Shopping sites that won’t tell you their shipping rates until you’ve added the item to the basket / trolley & created an account. No thanks!

  6. I still laugh my @$$ off when I see an HTML 3 windowed progress bar. The company I work for is about to put down serious hundreds of K of money for an enterprise system whose authors claim it is HTML 5. Yet, there is a beautiful windowed progress bar. I love every pixel of it!

  7. August K. 2023/01/28 11:25 amReply

    My pet peeve is web pages that won’t stop loading things so the content shifts all over the place while you’re trying to read. SO annoying!

  8. The new “login with Google” popup a very annoying addition on top of the cookie bar I see more and more.

  9. And it is really annoying how many websites actually fail on option 1. I’m not even talking about those cookie banners as they are basically required by law. I don’t want to subscribe to newsletters, don’t want to get browser notifications, don’t want to answer a survey, …

  10. Katherine 2023/01/28 11:37 amReply

    I hate it when sites change URLs and move stuff around all the time. It seems the larger the company the more likely they are to change URLs for important things like documentation. Google especially is notorious for moving pages from one location to another, and they LOVE to change URLs like constantly. Makes it very difficult to find what you’re looking for.

  11. Copy/paste spam. Like when you copy a text snippet from a site, and then when you go to paste, it includes a line about where you copied and pasted from. Like “this text copied from..” or “please visit our site for more..” etc. Horrible practice that’s way too common.

Leave a reply

Name and email required. Email kept private. Basic markup allowed. Please wrap any small/single-line code snippets with <code> tags. Wrap any long/multi-line snippets with <pre><code> tags. For more info, check out the Comment Policy and Privacy Policy.

Subscribe to comments on this post

Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
BBQ Pro: The fastest firewall to protect your WordPress.
Fall season almost here :)
My greatest skill on social media is the ability to simply ignore 98% and keep scrolling without interacting.
Enjoying this summer, getting some great positive energy. Refreshing and inspiring.
☀️ Pro plugin giveaway! Enter to win 1 of 4 lifetime licenses for our WordPress security plugins, including 10-site Security Bundle!
There is no end to what humans can achieve when they work together.
Excellent (and free) tool to test your site's SSL configuration.
Plugin updates! All of our free and pro plugins ready for WordPress 6.2.
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.