Production Checklist for Launch

A comprehensive list of questions to run through before launching your application on Vercel, prepared by the Vercel Engineering team. It is strongly recommended that you complete as many items as possible from the list below.

• Have you set up Log Drains for persisted logs from your Serverless and Edge Functions (Beta)?
• Have you added a Monitoring Solution to increase awareness of timeouts and error code increases?
• Have you created a process for responding to issues such as contacting Vercel Support, viewing the Vercel status page, rolling back deployments?
• If you are facing DNS issues, have you tried debugging them?
• Have you reviewed your Serverless Function logs and Build logs?
• Have you migrated to Vercel without downtime?
• Have you switched to using Vercel DNS?
• Have you added your www subdomain and redirected the apex domain to it?
• Have you worked with your Customer Success Manager (CSM) to ensure they are aware of your launch? (Enterprise plans only)

• Have you set up a Content Security Policy (CSP)?
• Have you addressed all security alerts made available to you by your Git provider?
• Have you protected your Preview Deployments with Password Protection or Vercel Authentication
• Have you implemented the Preview Deployment Suffix to use a custom domain for Preview Deployments?
• Have you considered enabling your Vercel team members to authenticate their current session with SAML SSO? (Enterprise plans with Owner role only)
• Have you added an instructional page for users to report abuse? (Recommended for Platforms built on Vercel)
• Have you committed your package-lock.json, yarn.lock or pnpm-lock.yaml to your repository to ensure that what was pinned during development is what Vercel will build against and deploy?
• Have you considered implementing Edge Function API Rate Limits and Tokens and other Edge Middleware security examples?

• Have you implemented a solution for capturing client-side exceptions?
• Have you implemented caching for your Serverless Functions?
• Have you planned for potential disruption to availability or increase in latency for upstream services such as APIs and databases?
• Have you thought about database connection limits?
• Have you load tested your application to stress your upstream services? (Enterprise plans only)
• Have you worked with your CSM to increase your Serverless Function Concurrency limit? (Enterprise plans only)

• Have you implemented a Real User Monitoring (RUM) service such as Vercel Speed Insights?
• Have you set up performance checks with an integration such as Checkly?
• Have you located your Serverless Functions in the same region as your API or database?
• Have you made sure that you know the limitations of using your proxy on top of Vercel? For example, if you use Cloudflare proxy with your domain, have you ensured the steps to set it up?
• Have you ensured you are optimizing your images?
• If using Next.js, are you using all built-in optimizations provided?
  • Image Optimization with next/image
  • Script Optimization with next/script
  • Font Optimization

• Have you set maximum durations for your Serverless Functions?
• Have you ensured, if using Incremental Static Regeneration (ISR), that your revalidate time is set appropriately to match content changes?
• Have you considered On-Demand Revalidation to regenerate a page only when your data has changed?
• Have you made sure any images that are being optimized are using a consistent value for source images?
• Have you moved large media files such as gifs and videos to a third-party solution to help reduce your usage on Vercel?
• Have you ensured that Server-Side Rendering (SSR) usage is not over the limits?