Production

Go Live Checklist

Complete this checklist to ensure your integration is ready for production.

Before You Go Live

Review this entire checklist before processing your first production payment. Missing critical items can result in payment failures, security vulnerabilities, or compliance issues.

Pre-Launch Checklist

Account Setup

Ensure your merchant account is fully approved and configured

Complete KYB verification
Submit all required documents
Receive approval email from EPaySe
Configure bank account for settlements
Set up team members and permissions

Security Requirements

Critical security implementations required for production

Generate production API keys
Store API keys securely (environment variables)
Configure valid SSL/TLS certificate (HTTPS)
Implement HMAC signature verification
Enable webhook signature verification
Set up firewall and IP whitelisting
Implement rate limiting on endpoints

Integration Testing

Verify all payment flows work correctly in production

Test successful payment flow in production
Test failed payment handling
Verify webhook delivery to production
Test refund processing
Verify 3D Secure authentication
Test all supported payment methods

Infrastructure

Production-ready infrastructure and monitoring

Set up production database backups
Configure error logging and monitoring
Set up application performance monitoring
Configure auto-scaling if needed
Set up CDN for static assets

Compliance

Legal and regulatory requirements

Review and accept Terms of Service
Display privacy policy on checkout
Implement PCI DSS requirements
Set up fraud prevention rules
Configure transaction limits

Critical Security Requirements

Security Cannot Be Skipped

These security requirements are mandatory for production. Failure to implement them can result in account suspension and legal liability.

SSL/TLS Certificate

Ensure valid HTTPS certificate for all production URLs

Critical

API Key Management

Store production keys in secure environment variables

Critical

Webhook Security

Verify all webhook signatures before processing

Critical

Error Handling

Implement comprehensive error logging without exposing sensitive data

High

Switching to Production

Update Configuration

Change your SDK configuration to use production API keys and endpoints

PHP

Production Configuration

<?php
// ❌ BEFORE (Sandbox)
$client = new EPaySe\Client([
    'api_key' => 'sk_sandbox_...',
    'api_secret' => 'sandbox_secret',
    'environment' => 'sandbox'
]);

// ✅ AFTER (Production)
$client = new EPaySe\Client([
    'api_key' => getenv('EPAYSE_API_KEY'), // sk_live_...
    'api_secret' => getenv('EPAYSE_API_SECRET'),
    'environment' => 'production'
]);

Environment Variables

Store production API keys securely in environment variables

Bash

Production Environment Variables

# .env (Production)
EPAYSE_API_KEY=sk_live_your_production_api_key_here
EPAYSE_API_SECRET=your_production_api_secret_here
EPAYSE_ENVIRONMENT=production
EPAYSE_WEBHOOK_SECRET=your_webhook_secret_here

# Never commit .env files to version control!
# Use .env.example as a template

Monitoring and Logging

Set up comprehensive monitoring to catch issues before they affect customers.

Database Optimization

Index frequently queried fields, optimize transaction queries

Caching Strategy

Implement Redis or Memcached for session and API response caching

Load Balancing

Set up load balancer for high-traffic scenarios

Monitoring

Configure uptime monitoring and alerting

Error Monitoring Setup

JavaScript

Monitoring Setup Example

// Set up error monitoring (e.g., GlitchTip — Sentry-compatible)
const Sentry = require('@sentry/node');

Sentry.init({
    dsn: process.env.GLITCHTIP_DSN,
    environment: 'production',
    tracesSampleRate: 0.1,
});

// Log payment errors
try {
    const transaction = await client.transactions.create({...});
} catch (error) {
    Sentry.captureException(error, {
        extra: {
            orderId: orderId,
            amount: amount,
            userId: userId,
        }
    });
    throw error;
}

Webhook Monitoring

PHP

Webhook Monitoring Example

<?php
// Monitor webhook delivery and processing
$webhookReceived = time();

try {
    $event = $client->webhooks->verify($payload, $signature);

    // Process webhook
    processWebhook($event);

    // Log successful processing
    $processingTime = time() - $webhookReceived;
    logger()->info('Webhook processed', [
        'event_type' => $event->type,
        'event_id' => $event->id,
        'processing_time_ms' => $processingTime * 1000,
    ]);

    http_response_code(200);

} catch (Exception $e) {
    // Alert on webhook failures
    logger()->error('Webhook processing failed', [
        'error' => $e->getMessage(),
        'payload' => $payload,
    ]);

    // Send alert to monitoring system
    notifyWebhookFailure($e);

    http_response_code(500);
}

Launch Steps

Complete Pre-Launch Checklist

Ensure all items in the checklist above are completed

Perform Final Testing

Test with small amounts in production before full launch

Monitor Initial Transactions

Closely monitor first 24-48 hours of live transactions

Gradual Rollout

Start with limited traffic and gradually increase

Set Up Alerts

Configure alerts for failures, high error rates, and downtime

Need Help Going Live?

Our team is here to help ensure a smooth launch. Contact us with any questions or to schedule a pre-launch review.