Configuration and secrets
Ensure APP_DEBUG is false, APP_ENV is production, and secrets live outside the repo. Rotate keys when team members leave or vendors change.
Queues, schedules, and failed jobs
Run a queue worker under a process monitor. Log failed jobs and alert on sustained failure rates — email and payment flows fail quietly otherwise.
Cache and sessions
Use Redis or another shared driver when you scale horizontally. Document how to flush caches safely during deploys so you do not take down sessions mid-checkout.
Database migrations
Prefer backwards-compatible migrations for large tables: add columns as nullable first, backfill, then enforce constraints in a follow-up release when you need zero-downtime deploys.
Observability
Ship structured logs, health endpoints, and uptime checks on critical routes (login, checkout, API tokens). Pair application logs with front-end error tracking for customer-visible failures.
Release discipline
Tag releases, keep changelogs for client-facing systems, and rehearse rollbacks. Production readiness is as much process as code.