Dev / IT10 min read

Website Launch Checklist: 50 Things to Check Before Going Live

A complete pre-launch checklist covering performance, security, SEO, accessibility, cross-browser testing, SSL, error pages, analytics, backups, and monitoring — so nothing falls through the cracks.

Use this checklist before every website launch. Work through each section methodically — issues caught here are free; issues caught in production are expensive. Items marked ⚠️ are critical blockers.

Performance

  • ⚠️ PageSpeed Insights score ≥ 90 on mobile (pagespeed.web.dev)
  • ⚠️ All images have explicit width and height attributes (prevents CLS)
  • Images are WebP or AVIF format with JPG/PNG fallback
  • Above-the-fold images have fetchpriority="high", others have loading="lazy"
  • JavaScript deferred or async where possible
  • CSS not render-blocking (critical CSS inlined, rest loaded async)
  • Gzip/Brotli compression enabled on server
  • Static assets have long Cache-Control headers (1 year for hashed assets)
  • CDN configured and serving assets
  • Time to First Byte (TTFB) < 800ms

Security

  • ⚠️ HTTPS enforced with valid TLS certificate
  • ⚠️ HTTP → HTTPS redirect in place (301)
  • ⚠️ HSTS header set (Strict-Transport-Security: max-age=31536000)
  • Security headers configured (CSP, X-Content-Type-Options, X-Frame-Options)
  • Admin URLs not guessable (not /admin)
  • No sensitive data in URLs (tokens, passwords)
  • Error pages don't expose stack traces or server information
  • SSL Labs score ≥ A (ssllabs.com/ssltest)

SEO

  • ⚠️ Every page has a unique, descriptive <title> tag (50-60 chars)
  • ⚠️ Every page has a unique meta description (120-160 chars)
  • Canonical URLs set on all pages
  • robots.txt exists and allows important pages
  • sitemap.xml generated and submitted to Google Search Console
  • Open Graph tags set (og:title, og:description, og:image)
  • Images have descriptive alt text
  • H1 tag appears exactly once per page
  • Internal links use descriptive anchor text (not "click here")
  • No broken links (check with a crawler)

Functionality

  • ⚠️ Forms submit correctly and send confirmation emails
  • ⚠️ Contact forms tested with real email addresses
  • ⚠️ Payment flows tested in staging with test cards
  • 404 error page exists and is helpful (links to main sections)
  • 500 error page exists (shows user-friendly message)
  • All CTA buttons link to correct pages
  • Login/signup flow tested end-to-end
  • Password reset flow tested

Cross-Browser & Cross-Device

  • Tested in Chrome, Firefox, Safari, Edge
  • Tested on iOS Safari and Android Chrome
  • Mobile viewport meta tag present
  • No horizontal scrolling on mobile
  • Touch targets ≥ 44×44px on mobile
  • Text readable without zooming on mobile

Accessibility

  • Color contrast ratio ≥ 4.5:1 for normal text
  • Keyboard navigation works (Tab through interactive elements)
  • Skip navigation link at top of page
  • Forms have associated labels for all inputs
  • axe DevTools or Lighthouse accessibility audit passing

Analytics & Monitoring

  • ⚠️ Analytics installed and tracking page views
  • Conversion goals configured in analytics
  • Error tracking configured (Sentry, or similar)
  • ⚠️ Uptime monitoring set up with alerts (UptimeRobot free tier works)
  • SSL expiry monitoring configured
  • Automated backups configured and tested

Content

  • No placeholder text (Lorem Ipsum) in production
  • No "Coming Soon" or "Under Construction" content
  • Privacy policy page exists and is current
  • Terms of service exists (if applicable)
  • Cookie consent if required by jurisdiction
  • Contact information is accurate
  • All images are properly licensed
N

Nattapon Tonapan

Developer & creator of FreeUtil. Building free tools for developers and Thai users.

About the author →

RELATED ARTICLES

Dev / IT6 min read

What is JWT? Understanding JSON Web Tokens

Dev / IT5 min read

Base64 Encoding Explained: What It Is and When to Use It

Dev / IT8 min read

CIDR Notation and Subnetting: A Complete Guide

← Back to all articles