Table of contents

You started the project, moved along through all the revision checkpoints, your client is happy and you’re ready to move it on a live environment with the proper domain, server, and so on.

Even if the project works well on your development environment, there are a few things you might want to look over before making it live and ready to be accessed by visitors and search engine bots.

Dynamically deliver assets

On long projects or because you want to do a quick test, there might be assets that are hardcoded in your project.

Some bits might need to be hardcoded, but be sure it’s dynamically made so when you change the domain it will still work.

An example from the top of my mind is when you add a background image in CSS with the URL from WP Media Library. You want to quickly test something, the image is in Media Library and you just add it in your CSS to test.

You forget about it and when you delete the dev version of the site you end up with broken content.

Search from your IDE in the project folder after the dev URL address to be sure nothing is left in there.

Server details

In most cases, this shouldn’t be an issue if you have a good hosting company.

  • Check the PHP version on the server and what you need for everything to work properly
  • Check if there is any kind of restriction on the number of requests and files that you can have

Basically do a full run of your functionalities on the new server just to be sure no surprises appear.

Clean any test data

You tested and tested the site for all the edge cases and now it’s ready to go live.

Make sure all the test data is removed when the site goes live. Sure, some data needs to stay in there (you might have standard pages or users that should be in there), but everything else should be removed and the database to be as clean as possible.

Content ready

If you cleaned the database and removed all the extra users, posts, pages, etc, now add in the content.

Be sure the right content is on the pages before making it live, or else you risk having search engine bots crawl on your site and index pages with “Lorem ipsum” text on them – this is not very professional.

Forms functionality

In most cases, contact forms are your way to get customers or feedback. This might not seem like such an important thing, but from your client’s point of view, forms not working means the site is not functional. If this part is broken and fails on sending the message, you and your client are losing business.

For example, in Contact Form 7 (or any other contact plugin) you might need to install an SMTP or else the emails will not go out.

Of course, not only contact forms, but any other ways of gathering the data should be tested on the live environment again.

Conversion rate is very important when you invest money in promoting the site or certain landing pages. Having the potential customer landing on the page but failing the conversion part, it’s just bad business.


Always keep an eye on the security details. There is no need to explain how important this is regardless of how big or small your website is or if you have other users or just the administrator.

The most important and easy things to do:

  • Change the default administrator user to something else. Usually, you get the standard “admin”, don’t stick with that.
  • Change the password to something complex. I use the WordPress auto-generated password all the time, because it’s simple and helps me not having to create a password on the spot. Your client might want something that they can remember – suggest them to be a strong password (case sensitive, numbers, symbols, all that stuff).
  • Change the default login URL for WordPress. The standard login address from WordPress can easily be targeted by bots. You should change the wp-login.php to something personalized. Don’t do this by hand (you altering the code), just use a plugin like WPS Hide Login.
  • Install a security plugin. Wordfence should do the trick, it’s easy to use and it’s very popular.

A backup system in place

Periodical backups are a must: the files and database should be backed at least once a week. You can also go for twice per week, it really depends on the site and how much activity there is on it. If the content stays pretty much the same and there are no transactions happening, then you can set a longer period between backups.

A good option is UpdraftPlus – Backup/Restore. It’s one of the most used WordPress plugins and it does the job really well.

The hosting provider might also offer a backup system, use that too if you want to be sure nothing gets lost.

Make sure search engines can access the site

When you have the WP site (or any site) in development, the robots.txt is denying access for bots on your site. Or at least that’s the way it should be.

In WordPress, there is the option of Discourage Search Engines from crawling in Settings > Reading.

You should uncheck this after you cross all the points from above. Having the robots.txt still blocking search engines will make the site invisible for potential customers.