All launch resources
Django launch checklist

Django project ready for real traffic?

ALLOWED_HOSTS, DEBUG=False, and static file serving are table stakes — but production launches still miss security headers, admin URL exposure, sitemap gaps, and slow template renders under load.

Security & headers

Production deploys need baseline HTTP hardening before you share the URL.

  • DEBUG=False in production and no sensitive settings exposed in error pages.

    Audit check SEC-018 · dns ssl

  • Enable SecurityMiddleware headers — HSTS, XSS filter, content-type nosniff, clickjacking protection.

    Audit check SEC-001 · security

  • Move /admin/ off default path or restrict by IP — admin login pages are crawl targets.

    Audit check SEC-015 · security

  • No SECRET_KEY or database credentials in client-side templates or public repos.

    Audit check SEC-020 · dns ssl

SEO & discoverability

Metadata, crawlability, and structured data that search and AI systems rely on.

  • Meta tags on all public views — Django templates often ship with empty description blocks.

    Audit check SEO-001 · seo

  • django.contrib.sitemaps or custom sitemap.xml submitted and reachable.

    Audit check SEO-010 · seo

Performance

Core Web Vitals and load behavior under real traffic — not just localhost.

  • WhiteNoise or CDN serving compressed static assets — unoptimized CSS/JS hurts LCP.

    Audit check PERF-001 · performance

Trust & legal

Policy pages, contact signals, and checkout trust before paid or viral traffic.

  • Legal pages linked from footer before opening signup or API key registration.

    Audit check TRUST-001 · trust

FAQ

Django launch questions

Can Launch Auditor audit Django sites on Railway or Fly.io?

Yes. Scan the URL customers will use. Launch Auditor validates headers, rendered pages, performance, and trust signals on any public Django deploy.

Scan your Django production URL

Free tier · No credit card · Create account

Django Launch Checklist & Pre-Launch Audit | Launch Auditor