DEV Community

Cover image for Before Uploading Your Code to GoDaddy or Hostinger — Production Checklist Every Developer Must Know 🚀
Sayista Yazdani
Sayista Yazdani

Posted on

Before Uploading Your Code to GoDaddy or Hostinger — Production Checklist Every Developer Must Know 🚀

#ai #learning #development #webdev

The "It Works on My Machine" Trap: A Real-World Production Checklist 🚀

Most beginners think deployment is just zipping files and uploading them to GoDaddy or Hostinger. But local code and production environments are two entirely different beasts.

Ignoring production best practices leads to the ultimate developer nightmare: middle-of-the-night crashes, leaked databases, and exposed API keys.

Here is the raw, practical checklist of things developers actually mess up, along with the real-world examples of how they break.

1. Secrets & Environment Variables

  • The Mistake: Pushing your .env file to GitHub or leaving hardcoded strings in your repository.
  • The Disaster: A bot scrapes your public repo, steals your OPENAI_API_KEY, and runs up a $5,000 bill overnight.
  • The Fix: Add .env to .gitignore. Always inject credentials via your hosting dashboard environment variables.

2. Infrastructure Mismatch (Shared vs. VPS)

  • The Mistake: Buying cheap shared hosting for a modern Node.js, WebSocket, or AI-heavy application.
  • The Disaster: Your real-time chat app works for two users, but completely freezes the moment a third person connects because shared hosting kills persistent background processes.
  • The Fix: Use Shared Hosting only for static sites or basic PHP/WordPress. Use a VPS for Node.js, queues, and heavy traffic.

3. Leaving Debug Mode On

  • The Mistake: Going live with NODE_ENV=development or APP_DEBUG=true.
  • The Disaster: Your database query fails, and the frontend displays a massive stack trace showing your exact database structure, folder paths, and internal logic directly to a malicious user.
  • The Fix: Force NODE_ENV=production. It hides internal errors, seals security vulnerabilities, and optimizes performance.

4. The "Manual Upload" Gamble

  • The Mistake: Manually dragging, dropping, and overwriting files via a cPanel File Manager or FTP.
  • The Disaster: You accidentally skip a folder, overwrite a live user upload directory, or drop the connection halfway through, leaving your site completely broken.
  • The Fix: Set up Git-based deployment or a basic GitHub Actions CI/CD pipeline to eliminate human error.

5. Running Processes as the Root User

  • The Mistake: Setting up your server and running your app under the absolute administrator (root) account.
  • The Disaster: A vulnerability in an outdated npm package gives an attacker access to your app. Because it runs as root, they delete your entire server file system.
  • The Fix: Use Nginx as a reverse proxy and run your application under a dedicated, limited-privilege user.

6. Zero Crash Handling or Longevity Planning

  • The Mistake: Running your app via node server.js and using npm install on the production server.
  • The Disaster: An unhandled exception occurs, the app crashes, and your website stays down until you manually log in to restart it. Meanwhile, npm install pulls a minor package update that breaks your build.
  • The Fix:
  • Use PM2 or Supervisor to auto-restart your app on crashes.
  • Run npm ci --production to ensure clean, lean, predictable builds.
  • Set up automated backups for your database and environment files before every single push.

The Bottom Line 👇

"Deployment isn't just about moving code; it's about engineering reliability."

Writing features is only half the job. Building a stable, secure, self-healing system that stays alive while you sleep is what separates a junior coder from a true production engineer.

What was your biggest deployment disaster? Did you ever accidentally wipe a live database? Let's talk in the comments! 👇

Top comments (0)