WordPress website deployment checklist

The deployment step is crucial to any web development project. You want this part of the project to run as smoothly as possible and not tarnish all the hard work that you’ve done up until this point.

This checklist covers both [[#Pre deployment checklist]] and [[#Post-launch Checklist]] so that you can fully prepare and do post launch due diligence ensuring the website you built optimally performs.

Pre deployment checklist

Before deploy

Prepare for deployment

• Check for any existing scripts that need to be transferred.
• Do a search for any absolute URLs used within internal site links. You want to use relative URLs for internal links. This will ensure when your site is pushed live that you’re internal links are not referring to the old staging site.
• Ensure primary domain is set on live server (flywheel, wpengine, kinsta)
• Ensure ssl is ready for the primary domain. Consider the correct vesion of the domain. www or without.
• DNS access is ready to go to update domain details.
• Get a working local copy of the existing site incase we need to refer to it again for data or otherwise
• Check for 404 brokenlinks on screaming frog
• Copy non wordpress folders from the old site to the new site
• Lost password screen looks good and works - test it, ensure you get the email
• 404 page template is good
• Page redirects - check the redirects are working
• In WordPress general settings site url is using HTTPS - These addresses can have effect on Canonical urls which can severely affect SEO
• Ensure all addresses on the site are hyperlinked to google maps and wrapped in html <address>
• If using sengrid to send email client is using their own account
• Ensure menus on mobile match menus of Desktop.
• Search site for dummy content strings such as ‘Lorem ipsum dolor sit amet, consectetur adipiscing elit’
• Search site for staging website urls such as ‘wpengine’

Security

• Scan site for Vulnerabilities with Wordfence cli or Wordfence Plugin.

Forms

• Ensure all gravity forms use the international phone number.
• All forms have a name on the from address. (otherwise it default to email address and looks ugly)
• All forms have date in correct format (AU).

form testing confirmation email

Confirm the form is sending the emails and the client is receiving submissions

Hi, 
Ive just filled out the contact form.
Can you please confirm you got the submission at sales@example.com ?

Post-launch Checklist

Update all stakeholders - Tell them to do updates on the live site from this point.. rather then then dev or staging sites. See below email template for communicating this to client.

Deployment Complete - Stop editing content on staging

The website deployment is complete. As the deployment/migration to the production URL is complete, please edit all content, on the production URL from the point. 

From this point on we will be using the old staging url for functional testing only.

You can login to the website from /wp-admin/
Your logins will be the same as our previous staging website.

Users

• Create wp user administrator level account for client.
• Lost password screen looks good and works - please test you get the email.

Authors

• Author pages are set appropriately on post content
• Author bios have been written

Site Settings

• Discourage search engines NOT active
• Ensure admin email address is set to that user
• In WordPress general settings site url is using HTTPS. These addresses can have effect on
• For improved performance and security, define the site url in the wp-config.php file.
• For ongoing performance Set post revisions limit in the wp-config.php file.

Urls

• Check for 404 brokenlinks on screaming frog
• Http needs to redirect to https
• Ensure both www redirects to non www work
• Ensure non / urls redirects to urls with a /

Plugins

• Clean up plugins . Only leave plugins crucial to the production site. Remove any development plugins.

Licenses

• Ensure all plugin licenses are valid and relative to the client. Never deploy a premium plug-in without a license. Even if the plug-in is not asking to be updated. Plug-ins that cannot be updated represent a severe security risk.

Contact Forms

• Test Forms go to the right email address and the reponses on the form are clear.
• Mailchimp/activecampaign integrations with gravity forms are working.
• Ensure forms are sent from noreply@……..

Spam proofing

Don’t launch anything into production without doing spam proofing due diligence. Just because staging was not getting spam doesn’t mean production will be the same.

• add waf rules on server configuration
• Google recapture v3
• Disable comments of not needed

Security

• Set file permissions on wp-config.php to be chmod 440 wp-config.php
• Add wordfence with 2fa enabled for clients and admins

SEO & tracking

• Add Google analytics code
• XML sitemap on the website
• Robots file linking to sitemap
• Check canonicals are self referencing
• Configure yoast to ensure the crawl is crawling the main content. Found in appearence and content types.
• Run semrush report for technical SEO errors. Create tasks to fix errors
• Check example.com/robots.txt exists and is allowing visitors to the site but not the wp-admin

WooCommerce website deployment Checklist

• Check all email addresses are correct in woocommerce > settings > emails
• Put current site in maintenance mode, create backup store locally then deploy new site.
• Ensure Ecommerce integration is set to live not testing.
• Order received emails are sent.
• My Account / lost password / funcitonality is styled
• Checkout error message is styled
• Payment processing animated svg
• Subscription orders appear in 3pl (shipbob, mainfrieght)
• User can checkout as guest and also with an account.
• Paypal, stripe and afterpay test orders
• Currency is correct
• Timezone is correct
• Export / Import existing active subscription codes

Integrations

• Google maps are working. Sometimes they can stop working if not configured with the production url.
• Google recapture is working

performance

Ensure wp core, plugins, themes and php are all the latest versions Optimize database Optimize cache to use query caching Create a read-only slave of your master database server using HyperDB. Use a cdn for delivering all content to the user. Fix any php warnings and notifications in the error logs.