Production Checklist for Launch

A comprehensive list of questions to run through before launching your application on Vercel, prepared by the Vercel Engineering team. It is strongly recommended that you complete as many items as possible from the list below.

• Have you set up Log Drains for persisted logs from your Vercel Functions?

• Have you added a Monitoring solution to increase awareness of timeouts and error code increases?

• Have you created a process for responding to issues such as contacting Vercel Support, viewing the Vercel status page, rolling back deployments?

• If you are facing DNS issues, have you tried debugging them?

• Have you reviewed your Serverless Function logs and Build logs?

• Have you migrated to Vercel without downtime?

• Have you switched to using Vercel DNS?

• Have you added your www subdomain and redirected the apex domain to it?

• Have you worked with your Customer Success Manager (CSM) to ensure they are aware of your launch? (Enterprise plans only)

• Have you set up a Content Security Policy (CSP)?

• Have you addressed all security alerts made available to you by your Git provider?

• Have you protected your Preview Deployments with Password Protection or Vercel Authentication

• Have you implemented the Preview Deployment Suffix to use a custom domain for Preview Deployments?

• Have you considered enabling your Vercel team members to authenticate their current session with SAML SSO? (Enterprise plans with Owner role only)

• Have you added an instructional page for users to report abuse? (Recommended for Platforms built on Vercel)

• Have you committed your package-lock.json, yarn.lock, pnpm-lock.yaml, or bun.lockb to your repository to ensure that what was pinned during development is what Vercel will build against and deploy?

• Have you considered implementing Edge Function API Rate Limits and Tokens and other Edge Middleware security examples?

• Have you considered integrating an iframe to support PCI DSS compliance if you process payments on your website or application?

• Have you implemented a solution for capturing client-side exceptions?

• Have you implemented caching for your Serverless Functions?

• Have you planned for potential disruption to availability or increase in latency for upstream services such as APIs and databases?

• Have you thought about possible database limits?

• Have you load tested your application to stress your upstream services? (Enterprise plans only)

• Have you implemented a Real User Monitoring (RUM) service such as Vercel Speed Insights?

• Have you set up performance checks with an integration such as Checkly?

• Have you located your Serverless Functions in the same region as your API or database?

• Have you made sure that you know the limitations of using your proxy on top of Vercel? For example, if you use Cloudflare proxy with your domain, have you ensured the steps to set it up?

• Have you ensured you are optimizing your images?

• If using Next.js, are you using all built-in optimizations provided, such as Image Optimization with next/image, Script Optimization with next/script, and Font Optimization?

• Have you set maximum durations for your Serverless Functions?

• If you are using Incremental Static Regeneration (ISR), have you ensured that your revalidate time is set appropriately to match content changes?

• Have you considered On-Demand Revalidation to regenerate a page only when your data has changed?

• Have you made sure any images that are being optimized are using a consistent value for source images?

• Have you moved large media files such as gifs and videos to a third-party solution to help reduce your usage on Vercel?

• Have you ensured that Server-Side Rendering (SSR) usage is not over the limits?

• Have you configured your Spend Management settings to manage your usage and set up alerts to notify you when you are approaching your limits?