Production Checklist

    • Long-running processes such as email should delivery being run in background jobs?
    • Are there redundant \(at least two\) web and background processes running?
    • Are we using SSL? Never send credentials unencrypted over public network. Always use encryption \(such as HTTPS, SSL, etc.\).
    • Are API requests being made via a separate subdomain \(\)? Even if the same app, this gives us architectural flexibility in the future.
    • Are we monitoring performance and uptime?
    • Are deploys done manually at a scheduled time when teammates are fresh and available if something goes wrong?
    • Do deploys follow a well\-documented script?
    • A method exists for replicating the state of one environment in another \(e.g. copy prod to QA to reproduce an error\)
    • All repeating release processes have been automated


  • No secrets are stored in version control
  • Is config stored in environment variables?
  • Are new variables deployed?
  • Server environments are up\-to\-date
  • A plan for updating the server environments exists

Back up

  • Are we backing up our production database?
  • Backups are running and verified
  • Restoring from a backup has been tested
  • Rolling back a deployment is possible


  • Logging is turned on
  • There is a well defined process for accessing and searching through logs
  • Logging includes exceptions and stack traces where appropriate
  • Are we sending logs to a remote logging service?

Error Tracking

  • Are we tracking errors?
  • Errors can be mapped to stack traces

We’d love to work with you.

Drop us a message if you’d like to build with the Dwarves.

Let’s build