All launch resources
Laravel launch checklist

Laravel app deployed — cleared for production?

Forge, Vapor, and shared hosting hide launch gaps: missing security headers on nginx, exposed .env backups, unoptimized Blade views hurting LCP, and API routes without rate-limit signals on public docs.

Security & headers

Production deploys need baseline HTTP hardening before you share the URL.

  • Enable HSTS and redirect HTTP→HTTPS at nginx, Cloudflare, or load balancer — Laravel doesn't set this in-app.

    Audit check SEC-001 · security

  • Confirm .env, storage/logs, and vendor/ are not web-accessible — common on misconfigured Forge sites.

    Audit check SEC-010 · security

  • Set APP_DEBUG=false and verify debug pages never leak stack traces on production.

    Audit check SEC-018 · dns ssl

  • Add security headers via middleware or nginx — CSP, X-Frame-Options, Referrer-Policy.

    Audit check SEC-003 · security

SEO & discoverability

Metadata, crawlability, and structured data that search and AI systems rely on.

  • Unique title and meta description on marketing, pricing, and docs routes — watch Blade @section gaps.

    Audit check SEO-001 · seo

  • Sitemap.xml reachable and robots.txt not blocking marketing pages.

    Audit check SEO-010 · seo

  • Open Graph tags on share URLs — Laravel Breeze/Jetstream defaults often omit OG images.

    Audit check SEO-004 · seo

Performance

Core Web Vitals and load behavior under real traffic — not just localhost.

  • Run php artisan config:cache and route:cache in production — measure LCP on heaviest Blade view.

    Audit check PERF-001 · performance

Trust & legal

Policy pages, contact signals, and checkout trust before paid or viral traffic.

  • Privacy Policy and Terms linked in footer and return 200 — required before Stripe or B2B signup.

    Audit check TRUST-001 · trust

FAQ

Laravel launch questions

Does Launch Auditor scan Laravel Forge or Vapor deploys?

Yes. Scan your public production URL. Launch Auditor checks response headers, rendered HTML, linked assets, and trust pages regardless of whether you host on Forge, Vapor, or Docker.

Run your Laravel clearance scan

Free tier · No credit card · Create account

Laravel Launch Checklist & Pre-Launch Audit | Launch Auditor