Production checklist
Before release
Before a release, confirm that production config values are correct, error handling behaves as expected, build output is present, and the database schema is ready.
These checks are simple, but skipping them is one of the easiest ways to turn a straightforward deployment into a confusing one.
Security and stability checks
Check that sessions and cookies are configured safely, debug output is disabled, secrets are stored in the right place, and logging is set appropriately for production.
That usually means enough logging to diagnose problems, but not so much that sensitive values leak into logs or responses.
Operational checks
Confirm the web server is configured correctly, backups are in place where needed, and the deployment process is repeatable rather than manual guesswork.
If the application is expected to be monitored, make sure that work is done before the release rather than after the first incident.
After release
Run a short smoke test of the key user flows, check logs, and keep an eye on slow requests or broken assets. The goal is not to test everything again by hand, but to make sure the release actually behaves like the thing you intended to deploy.
The next page will cover WebEngine application security.