← Scan your domain
All categories

Production Readiness Guides

Educational guides for every issue didyouship.com scans for. Pick a topic from the sidebar, or scan your domain to see which ones apply to you.

Email

  • SPF Record - A DNS record that tells the internet which servers are allowed to send email from your domain.
  • DMARC Record - A DNS policy that enforces what happens when someone tries to send email pretending to be from your domain.
  • Email Spoofing Protection - How to prevent anyone from sending email that appears to come from your domain.
  • DKIM Setup - Cryptographic signatures that prove your emails haven't been tampered with and came from your authorized server.
  • Mail Server IP Blacklisted - Your mail server's IP address appears on spam blacklists - email providers silently drop or spam-folder everything you send.
  • Email Deliverability - Why your emails land in spam - and the three DNS records every domain needs to reach the inbox reliably.

SSL

  • SSL Certificate - Your SSL certificate encrypts traffic and proves your domain identity. Expired or invalid certs block your site completely.
  • HTTP → HTTPS Redirect - Visitors who type your URL without https:// get the insecure version unless you force a redirect.

Secrets

  • .env File Exposed - Your .env file is publicly accessible - anyone can read your database passwords, API keys, and other secrets.
  • .git Directory Exposed - Your entire source code and git history are downloadable - including secrets you committed and later deleted.
  • API Keys in Page Source - Secret keys found in your page's HTML source - visible to anyone who clicks "View Source".

DNS

  • www Subdomain & Redirect - www.yourdomain.com should either work (and redirect to the apex) or not exist - having both serve independent content splits your SEO.

Security

  • HSTS Header - The Strict-Transport-Security header tells browsers to always use HTTPS - even on the very first visit.

SEO

  • Page Title Tag - The title tag controls what appears in browser tabs and as your headline in Google search results.
  • Meta Description - The snippet shown under your title in Google results - without it, Google picks random text from your page.
  • Open Graph Tags - Meta tags that control how your links look when shared on Slack, LinkedIn, Discord, iMessage, and most social platforms.
  • Twitter Card Tags - X/Twitter uses its own meta tags for link previews - Open Graph tags aren't enough.
  • Viewport Meta Tag - Without the viewport tag, your site renders at desktop width on phones - everything is tiny and users must pinch-zoom.
  • Canonical URL - Tells Google which version of a URL is the "real" one - prevents duplicate content from splitting your search rankings.
  • Sitemap.xml - A file that tells search engines what pages exist on your site - required for Google Search Console and full indexing.
  • Favicon - The small icon shown in browser tabs. Missing = 404 errors on every page load + blank tab icon.

Performance

  • Response Time & Cold Starts - Slow response times drive users away - and free hosting tiers put your server to sleep, causing 10-30 second cold starts.
  • Response Compression - Enabling gzip or Brotli compression reduces page size by 60-80%, making your site load significantly faster.

Breakage

  • Mixed Content - HTTP resources on an HTTPS page are silently blocked by browsers - images don't show, scripts don't run.

Polish

  • Custom 404 Page - When someone hits a broken link, a custom 404 page keeps them on your site instead of showing a bare error.

Run a free scan to see which issues apply to your domain