IndustriesWorkPlaybookHow it worksAboutBook a systems auditBring us your idea

What do I need before I can launch? A checklist

Straight answer

Before launching you need: a domain you own, a host with your site deployed, HTTPS active, and every secret setting configured on the live host. If you collect data, add a privacy policy and lock down your database. Then test every page, form and payment on the live site before telling anyone it is open.

Information current as at 5 July 2026

Launching is exciting, and excitement makes people skip the boring checks that prevent the embarrassing problems. This is the short, honest list of what genuinely needs to be true before you tell the world your thing is open. Work through it once and you launch with confidence rather than crossed fingers.

Plain English
HTTPS
The encrypted, padlocked version of your address that every live site now needs.
Privacy policy
A page explaining what data you collect and how you use it, required if you collect any.
Environment variable
A secret setting your live app needs, configured on the host.
Backup
A saved copy of your site or data you can restore if something goes wrong.

Step by step

  1. The foundations: domain, host, deployConfirm you own your domain in your own account, that your site is deployed to a real host, and that visiting your domain loads the site. This is the baseline of being live at all. If any of these is missing, you are not ready to launch, you are ready to finish setting up. Check them first because everything else assumes they are done.
  2. The padlock and the settingsConfirm HTTPS is active, so your address shows a padlock and no "not secure" warning. Then confirm every secret setting your app needs is configured on the live host, not just in your preview, because a missing one breaks the live app quietly. Load the live site and actually use it: a green deploy is not proof it works, using it is.
  3. If you collect any data, do the data basicsIf your site takes names, emails, messages or payments, you need a privacy policy explaining what you collect and why, and your database must be locked down so strangers cannot read it. Check that no secret keys are visible in your code or pages. In Australia, collecting personal information carries real obligations, so this is not optional politeness, it is the baseline for handling other people's data.
  4. Test like a strangerGo through the whole thing as a first-time visitor on the live site: every page loads, every link works, every form submits and actually reaches you, and any payment completes with a test transaction. Do it on your phone as well as your computer, on mobile data not just wifi. Most launch-day embarrassments are a broken form or a dead link that two minutes of testing would have caught.
  5. Have a way back and a way to be reachedMake sure you can undo a bad change: know how to roll back to a working version, and keep a backup of anything you cannot afford to lose. Confirm there is a clear way for visitors to contact you, and that those messages actually arrive. Then launch. If working through this list surfaced things you are not sure about, especially around data and security, that uncertainty is a good reason to get a second opinion before real customers arrive.
No pressure
Show us what you built.

If you have made something and it needs to become real, send it over. We will tell you honestly what it needs to be live, safe and yours, whether that is a quick fix you can do or a proper build. No obligation.

Common questions

Questions, answered

What is the one thing people most often forget before launch?
Configuring the live settings, the environment variables, so the app that worked in preview also works live. A close second is testing forms and payments on the live site rather than assuming they work. Both are quick to check and both cause visible failures if skipped.
Do I really need a privacy policy?
If you collect any personal information, names, emails, messages, payments, then yes. In Australia there are real obligations around handling personal data, and a privacy policy is the minimum. It also builds trust. Skipping it is both a legal risk and a credibility one.
How thoroughly should I test before launch?
Enough to have personally used every important path on the live site: loading pages, submitting forms, logging in, paying. Test on a phone and a computer, on mobile data. You are looking for the broken form or dead link that a real visitor would hit in the first minute.
How do I know if I am actually ready or just impatient?
If the foundations are done, HTTPS is on, live settings are configured, data basics are handled where relevant, and you have tested every path as a stranger, you are ready. If you are unsure about security or data handling specifically, that is the one kind of doubt worth resolving before launch rather than after.
No pressure
Show us what you built.

If you have made something and it needs to become real, send it over. We will tell you honestly what it needs to be live, safe and yours, whether that is a quick fix you can do or a proper build. No obligation.

Start here

Two doors. Same senior team.

Whether you can name exactly what you want built, or you just know something is leaking, the next step is the same conversation.