You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Security Review: Ensure each section from has been reviewed using security best practices and you are confident with the site's security standards.
Documentation review: Is everything important documented?
Documentation review: Ensure there are no secret/sensitive values in the documentation (if public)
Documentation review: Ensure the documentation is viewable over gitlab/github pages.
Check FE caching is set up
Ensure the production site allows indexing by setting the environment variable SEO_NOINDEX=False. This will add the <meta name="robots" content="noindex"> meta tag.
[ ] Ensure dev and staging environments are not being indexed by confirming the existence of the <meta name="robots" content="noindex"> in the rendered HTML.
Test that emails are sent (with correct from address and subject line prefixes) for form submissions (custom forms, password reset etc).
Change hostname in the settings-sites-site to the production url
Confirm production settings are in use
Update allowed hosts
Application logs are configured and being written to
Check scheduled tasks have been set up and are functioning correctly (e.g. publish_scheduled_pages)
Set up Mailgun for sending of email notifications (if not Mailgun: document alternative email service on client intranet article and who is responsible for admin).
Set up Sentry
Test 500 Error exception Sentry logging / Admin emailing
Set up Papertrail
Confirm SSL config is rated A+ on SSL Labs and security headers are rated A on Security Headers IO
Check that all Django admin user accounts are using strong passwords (and optionally using 2FA) or are disabled [we can't check users' passwords, only if the default strong password validator has been changed]
Double check Mailgun setup from django.conf import settings; from django.core.mail import send_mail; send_mail('test', 'test', settings.DEFAULT_FROM_EMAIL, ['...@torchbox.com'], fail_silently=False)
Change email links from production url to live url at launch (emails should use the wagtail site record instead, so only that should be set correctly)
Test sitemap.xml
Test robots.txt is present and contains appropriate rules
Ensure title tags are set as ‘ | Homepage Keyword’ for the homepage and ‘Other Pages | ’ for all other pages, where the “Homepage Keyword” part should come from the “Page title” field in the “Promote” tab.
Create Heroku and Cloudflare error pages - sysadmin will add to Cloudflare when the pages are ready
The text was updated successfully, but these errors were encountered:
Hi @RealOrangeOne, I believe some of these tasks have been completed by you. Could you mark them as done, and let me know which ones I can work on? Thanks!
@laymonage Just been through and checked the ones which have been done. Most of what's left is testing rather than actual dev, but should all be ready to go 😄
<meta name="robots" content="noindex">
meta tag.[ ] Ensure dev and staging environments are not being indexed by confirming the existence of the<meta name="robots" content="noindex">
in the rendered HTML.The text was updated successfully, but these errors were encountered: