Corporate Website Checklist: 40 Items Before Going Live

Think of the go-live process not as a “one-button button” but as a controlled transition: staging → pre-prod → prod. Because making mistakes at launch is expensive: search engine crawling gets the wrong signal, user gets lost on first impression, form/booking flow breaks. Best practice; is to divide the checklist into blocks (Technical / Content-SEO / Form-Integration / Security-KVKK) and define “responsible + evidence” for each block.

Go-live hygiene approach: “Has everything passed?” but “is there any evidence?” (screenshot, test link, report, log, e-mail) question. This provides clarity, especially in agency-client relationships.

☑ Mini Check

• •Have the responsible person and type of evidence been assigned to each control item?
• •Is there a rollback plan for the go-live day?
• •Has a monitoring plan been determined for the first 72 hours after the broadcast?

The technical block is the area that is invisible but deals the most damage. “The site is opening” is not enough; If performance, security, redirection and error management are not correct, SEO and conversion will drop at the same time. Especially in mobile traffic (most of the time in hotel and B2B), speed and interaction metrics (Core Web Vitals) are critical.

SSL/TLS, HTTPS and Secure Relay

HTTPS is not just a “lock icon”; When not configured correctly, it produces mixed content, incorrect redirect chain, and lack of security headers.

• •Is the SSL certificate valid and does it cover all domains?
• •HTTP → HTTPS redirect in one step?
• •Is there an HSTS plan? (Assumption: Recommended for corporate projects)

☑ Mini Check

• •Are all pages HTTPS?
• •No mixed content?
• •Does one step 301 redirect work?

Redirect, URL Structure, 404/500 and Logic

The most common problem after go-live: old URLs falling apart, incorrect 302 usage, 404 increase. URL hygiene determines the risk of “traffic loss,” especially during content migrations.

• •Is the redirect map ready? (Old → New)
• •Does the 404 page redirect the user?
• •Are there alerts for server errors like 500/502?

Core Web Vitals (LCP, INP, CLS) and Mobile Experience

Core Web Vitals affects not only SEO but also purchasing/lead performance. Set targets at least on the main template pages: LCP, INP, CLS should be followed.

☑ Mini Check

• •Has visual optimization (WebP/AVIF, lazy-load) been done?
• •Reduced JS/CSS bloat?
• •Have mobile menu, slider, pop-up behaviors been tested?

Technical SEO Foundation (Robots, Sitemap, Canonical)

In line with your technical SEO note, this blog content should also hyperlink to /seo/technical-seo content.

• •Is robots.txt correct? Have staging restrictions been removed in Prod?
• •Is sitemap.xml up to date and Search Console ready?
• •Are canonicals correct (especially filtered pages etc.)?

Relevant internal link: /seo/technical-seo (technical control details)

☑ Mini Check

• •Are index/noindex rules verified in prod?
• •Is Canonical pointing at itself?
• •No bad/duplicate URLs in sitemap?

Content control at launch: "Is there text?" not; It is search intent + semantic coverage + page architecture control. H1-H3 hierarchy, title/meta quality, internal link network and multilingual tags (if any) must be correct at the same time.

Title/Meta, H1–H3 and Snippet Editing

Each page should have a single purpose and a single “main sentence”. Title/meta carries this sentence; H1 brings this sentence down to the field.

☑ Mini Check

• •Is the Title in the 55–60 character band?
• •Is the meta description 150–170 characters, does it have a benefit+CTA feel?
• •Is H1 the only one, do H2/H3 make sense?

Internal Links and Navigation

Internal linking is the “next step” not only for SEO but also for the user. Where did the user come from, where will he go? After go-live, "room/offer/reservation" paths should be clear, especially on hotel sites, and "get service/offer" paths in B2B.

What should I do?

Multilingual Structure (If Available) — Hreflang and Language Tags

Assumption: Your site may have multiple languages ​​(such as TR/EN/DE/RU). In this case hreflang is the place that gets errors most often: wrong self-reference, missing returns, wrong canonical.

☑ Mini Check

• •Is each language page linked by mutual hreflang?
• •Has the default (x-default) strategy been determined?
• •Doesn't the language switcher throw you to the wrong page?

This part is the “money-making” part of go-live. Reservation/offer flow on hotel sites; In B2B, lead form + CRM flow should work without interruption. If the form appears to be going through but the email is not sent or a lead is not written to the CRM, the conversion is reset.

How do I test the form and booking flow?

Construct the form/reservation test as an end-to-end scenario, not a “one-click” scenario: test form → verification → email/CRM registration → notification → reporting. Try at least 3 scenarios: normal, missing field, generate error (captcha/timeout). Prove the results (mail screenshot, CRM record, analytics event).

Test Emails, SMTP and Notifications

• •Was a test email sent (Gmail/Outlook different test)?
• •Is SMTP/DKIM/SPF (Assumption) verified?
• •Are admin notifications + user thank you messages correct?

☑ Mini Check

• •Is there a test record and evidence for each form?
• •Has the risk of falling into spam been checked?
• •Are error messages user friendly?

PMS/OTA Link Tests for Hotels

Critical point in hotel projects: booking engine, PMS connection, OTA redirects and campaign codes. Especially in highly competitive destinations such as Antalya-Belek, it is expensive to stay even one day with a "bad booking flow".

What should I do?

• •Test booking CTAs on 3 devices (iOS/Android/Desktop)
• •Record the campaign code / date selection / room selection steps
• •Leave the user on a blank page in case of error: open “alternative offer form”

Lead Form and CRM Flow for B2B

In B2B, "lead" means sales pipeline. If the number of critical errors decreases in the first 30 days after Go-live, the important reason for this is the correct establishment of the form + CRM flow (sheet data point).

• •Are leads falling into CRM?
• •Is the source/medium captured correctly?
• •Is the Sales team notified?

KVKK and security are not areas of "we'll add them later". Cookie banner, information texts, explicit consent, form checkboxes and data storage processes are part of go-live. KVKK becomes complicated, especially when third parties such as remarketing, analytics, and reservation engines come into play on hotel sites.

KVKK, Cookie Banner and Policies

• •Have the information text, privacy policy, cookie policy been published?
• •Is the cookie banner managed by category? (Assumption: recommended)
• •Is explicit consent/information correct in the forms?

☑ Mini Check

• •Is cookie preference saved?
• •Is the tag behavior correct after rejection/accept?
• •Can policy pages be accessed from the footer?

Basic Security (WAF, Rate Limit, Backup)

Assumption: Minimum security standards are required in corporate projects.

• •Are admin panels protected (2FA, strong password policy)?
• •Is there a rate limit / bot protection?
• •Have backup and restore been tested?

The “critical pages” of each sector are different. At the hotel: room/offer/reservation flow, season pages, destination contents (Antalya, Belek, Side, Kemer, Bodrum) and campaign landings. In B2B: service pages, case studies, quote form, testimonial/certificate fields.

Additional Control Set for Hotel Sites

• •Speed ​​and visual optimization on destination pages
• •Visibility of booking CTAs
• •Tracking in seasonal campaign landings

What should I do?

Additional Control Set for B2B Corporate Sites

• •Are lead form events measured (GA4/GTM)?
• •Are case studies / references accessible?
• •Are there “lead quality” areas for the sales team?

In summary, 4 blocks: Technical (HTTPS, speed, redirect, error management), Content-SEO (title/meta, H structure, internal link, index), Form-Integration (test flow, mail/CRM, reservation), KVKK-Security (cookie banner, policies, data processing, backup). If you generate “evidence” for each of these blocks, post-go-live surprises will be significantly reduced.