Deployment Best Practices

Jun 4, 2016 • Matt Karmazyn
Edited: Jun 4, 2016

Best practices around deployment


Credentials are kept in the environment.

Reduce surface area of attack

The less software you have installed, the less potential vulnerabilities and exploits you are exposed to. Reduce the surface area of attack by removing old software.


Clean the directory before deploying. Back it up if you must, but always deploy to a clean directory. There is nothing worse than trying to diagnose an issue when there are files left over from previous deployments cluttering up the directory.


Try to keep your infrastructure as consistent as possible. This means going back and updating old software/servers to meet your new standards. It’s likely a vulnerability risk, and the more time that passes without touching a system, the more likely it will break when you finally do touch it. When that happens it will be more difficult to fix as it is not up to your current standards.