Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "php php7"
-
I absolutely HATE "web developers" who call you in to fix their FooBar'd mess, yet can't stop themselves from dictating what you should and shouldn't do, especially when they have no idea what they're doing.
So I get called in to a job improving the performance of a Magento site (and let's just say I have no love for Magento for a number of reasons) because this "developer" enabled Redis and expected everything to be lightning fast. Maybe he thought "Redis" was the name of a magical sorcerer living in the server. A master conjurer capable of weaving mystical time-altering spells to inexplicably improve the performance. Who knows?
This guy claims he spent "months" trying to figure out why the website couldn't load faster than 7 seconds at best, and his employer is demanding a resolution so he stops losing conversions. I usually try to avoid Magento because of all the headaches that come with it, but I figured "sure, why not?" I mean, he built the website less than a year ago, so how bad can it really be? Well...let's see how fast you all can facepalm:
1.) The website was built brand new on Magento 1.9.2.4...what? I mean, if this were built a few years back, that would be a different story, but building a fresh Magento website in 2017 in 1.x? I asked him why he did that...his answer absolutely floored me: "because PHP 5.5 was the best choice at the time for speed and performance..." What?!
2.) The ONLY optimization done on the website was Redis cache being enabled. No merged CSS/JS, no use of a CDN, no image optimization, no gzip, no expires rules. Just Redis...
3.) Now to say the website was poorly coded was an understatement. This wasn't the worst coding I've seen, but it was far from acceptable. There was no organization whatsoever. Templates and skin assets are being called from across 12 different locations on the server, making tracking down and finding a snippet to fix downright annoying.
But not only that, the home page itself had 83 custom database queries to load the products on the page. He said this was so he could load products from several different categories and custom tables to show on the page. I asked him why he didn't just call a few join queries, and he had no idea what I was talking about.
4.) Almost every image on the website was a .PNG file, 2000x2000 px and lossless. The home page alone was 22MB just from images.
There were several other issues, but those 4 should be enough to paint a good picture. The client wanted this all done in a week for less than $500. We laughed. But we agreed on the price only because of a long relationship and because they have some referrals they got us in the door with. But we told them it would get done on our time, not theirs. So I copied the website to our server as a test bed and got to work.
After numerous hours of bug fixes, recoding queries, disabling Redis and opting for higher innodb cache (more on that later), image optimization, js/css/html combining, render-unblocking and minification, lazyloading images tweaking Magento to work with PHP7, installing OpCache and setting up basic htaccess optimizations, we smash the loading time down to 1.2 seconds total, and most of that time was for external JavaScript plugins deemed "necessary". Time to First Byte went from a staggering 2.2 seconds to about 45ms. Needless to say, we kicked its ass.
So I show their developer the changes and he's stunned. He says he'll tell the hosting provider create a new server set up to migrate the optimized site over and cut over to, because taking the live website down for maintenance for even an hour or two in the middle of the night is "unacceptable".
So trying to be cool about it, I tell him I'd be happy to configure the server to the exact specifications needed. He says "we can't do that". I look at him confused. "What do you mean we 'can't'?" He tells me that even though this is a dedicated server, the provider doesn't allow any access other than a jailed shell account and cPanel access. What?! This is a company averaging 3 million+ per year in revenue. Why don't they have an IT manager overseeing everything? Apparently for them, they're too cheap for that, so they went with a "managed dedicated server", "managed" apparently meaning "you only get to use it like a shared host".
So after countless phone calls arguing with the hosting provider, they agree to make our changes. Then the client's developer starts getting nasty out of nowhere. He says my optimizations are not acceptable because I'm not using Redis cache, and now the client is threatening to walk away without paying us.
So I guess the overall message from this rant is not so much about the situation, but the developer and countless others like him that are clueless, but try to speak from a position of authority.
If we as developers don't stop challenging each other in a measuring contest and learn to let go when we need help, we can get a lot more done and prevent losing clients. </rant>14 -
So, you start with a PHP website.
Nah, no hating on PHP here, this is not about language design or performance or strict type systems...
This is about architecture.
No backend web framework, just "plain PHP".
Well, I can deal with that. As long as there is some consistency, I wouldn't even mind maintaining a PHP4 site with Y2K-era HTML4 and zero Javascript.
That sounds like fucking paradise to me right now. 😍
But no, of course it was updated to PHP7, using Laravel, and a main.js file was created. GREAT.... right? Yes. Sure. Totally cool. Gotta stay with the times. But there's still remnants of that ancient framework-less website underneath. So we enter an era of Laravel + Blade templates, with a little sprinkle of raw imported PHP files here and there.
Fine. Ancient PHP + Laravel + Blade + main.js + bootstrap.css. Whatever. I can still handle this. 🤨
But then the Frontend hipsters swoosh back their shawls, sip from their caramel lattes, and start whining: "We want React! We want SPA! No more BootstrapCSS, we're going to launch our own suite of SASS styles! IT'S BETTER".
OK, so we create REST endpoints, and the little monkeys who spend their time animating spinners to cover up all the XHR fuckups are satisfied. But they only care about the top most visited pages, so we ALSO need to keep our Blade templated HTML. We now have about 200 SPA/REST routes, and about 350 classic PHP/Blade pages.
So we enter the Era of Ancient PHP + Laravel + Blade + main.js + bootstrap.css + hipster.sass + REST + React + SPA 😑
Now the Backend grizzlies wake from their hibernation, growling: We have nearly 25 million lines of PHP! Monoliths are evil! Did you know Netflix uses microservices? If we break everything into tiny chunks of code, all our problems will be solved! Let's use DDD! Let's use messaging pipelines! Let's use caching! Let's use big data! Let's use search indexes!... Good right? Sure. Whatever.
OK, so we enter the Era of Ancient PHP + Laravel + Blade + main.js + bootstrap.css + hipster.sass + REST + React + SPA + Redis + RabbitMQ + Cassandra + Elastic 😫
Our monolith starts pooping out little microservices. Some polished pieces turn into pretty little gems... but the obese monolith keeps swelling as well, while simultaneously pooping out more and more little ugly turds at an ever faster rate.
Management rushes in: "Forget about frontend and microservices! We need a desktop app! We need mobile apps! I read in a magazine that the era of the web is over!"
OK, so we enter the Era of Ancient PHP + Laravel + Blade + main.js + bootstrap.css + hipster.sass + REST + GraphQL + React + SPA + Redis + RabbitMQ + Google pub/sub + Neo4J + Cassandra + Elastic + UWP + Android + iOS 😠
"Do you have a monolith or microservices" -- "Yes"
"Which database do you use" -- "Yes"
"Which API standard do you follow" -- "Yes"
"Do you use a CI/building service?" -- "Yes, 3"
"Which Laravel version do you use?" -- "Nine" -- "What, Laravel 9, that isn't even out yet?" -- "No, nine different versions, depends on the services"
"Besides PHP, do you use any Python, Ruby, NodeJS, C#, Golang, or Java?" -- "Not OR, AND. So that's a yes. And bash. Oh and Perl. Oh... and a bit of LUA I think?"
2% of pages are still served by raw, framework-less PHP.32 -
Every day.
I am a PHP developer.
Yeah, "another PHP is awful" rant... no, not really.
It's just unsuitable for some ambitious projects, just like Ruby and Python are.
First of all, DO NOT EVER use Laravel for large enterprise applications. The same goes for RoR, Django, and other ActiveRecord MVCs.
They are all neat frameworks for writing a todo app, as a better-than-wordpress flexible blogging solution, even as a custom webshop.
Beyond 50k daily users, Active Record becomes hell due to it's lazy fat querying habits. At more than a million users... *depressed sigh*.
PHP is also completely unsuitable for projects beyond 5M lines of code in my opinion. At more than 25M lines... *another depressed sigh*.
You can let your devs read Clean Code and books about architecture patterns, you can teach them about SOLID & DRY, you can write thousands of tests... it doesn't matter.
PHP is scaffolding, it's made of bamboo and rope. It's not brick or concrete. You can build quickly, but it only scales up to a certain point before it breaks in multiple places.
Eventually you run into patterns where even 100% test coverage still doesn't guarantee shit, because the real-life edge cases are just too complex and numerous.
When you're working on a multi-party invoicing system with adapters for various tax codes, or an availability/planning system working across timezones, or systems which implement geographical routefinding coupled to traffic, event & weather prediction...
PHP, Python, Ruby, etc are just missing types.
Every day I run into bugs which could have been prevented if you could use ADTs in a generic way in PHP. PHP7 has pretty good typehints, and they prevent a lot of messy behavior, but they aren't composable. There is no way to tell PHP "this method accepts a Collection of Users", or "this methods returns maybe either an Apple or a Pear, and I want to force the caller to handle both Apple/Pear and null".
Well, you could do that, but it requires a lot of custom classes and trickery, and you have to rewrite the same logic if you want to typehint a "Collection of Departments" instead of "Collection of Users" -- i.e., it's not composable.
Probably the biggest issue is that languages with a (mostly) structural type system (Haskell, Rust, even C#/JVM languages to some degree, etc) are much slower to develop in for the "startup" era of a project, so you grab a weak, quick prototyping language to get started.
Then, when you reach a more grown up phase, you wish you had a better type system at your disposal...28 -
Having PHP as my most useful skill.
I know various other languages, but they're either too exotic for professional use, or my knowledge about them doesn't have the same depth as with PHP.
People joke about how awful PHP is, and it's not entirely true. The incongruous stuff such as confusing parameter ordering can be fixed with libraries. And PHP7 fixed a lot of the ugly stuff. A good dev can certainly write structured, readable, performant PHP code.
But there is a real hard limit. PHP is missing more complex type definitions present in other languages. A weak type system is like building stuff with popsicle sticks and bits of duct tape, it works fast and perfectly fine for small projects, but the lack of strictness is a problem when you have thousands of classes intertwined in all kinds of complex factory, service and repository patterns. And the simple type hints are still newish and fully optional, which means a lot of people don't use them.
So I regret getting stuck in this self reinforcing loop, where I learn more about a very imperfect language through employment, and keep rolling into jobs using that skill because it's what I'm most experienced with.16 -
Hello Monday:
0.Arrive late due to traffic.(Apparently a car hit a cow crossing the road)
1. Try upgrading php5 to php7 and break stuff in the process and waste 2 hours fixing things.(Poor connection so ssh sessions hung occasionally)
2.PHP fixed,open Gmail and get over 100 emails from clients about the server being down(because of (0)).Ignore all.Find a snaglist of over 20 TODOs.
3.Open Android Studio, update to 2.3 and everything becomes broken.Each time i open it ,it crashes and i have to "Report to Google"
4.Spend the next 1 hour reinstalling AS.It finally works.
5.Open Project and the libraries are broken.Spend another hour upgrading build tools.
6.Leave SDK to update and decide to check my Google Cloud console.$50 bill pending.Shit.
7.Try XCode. Remember the project is still in Swift 2 and I have to upgrade it(Would take eternity).Immediately closes xcode.
8.Gives up on life and decides to log into Devrant.4 -
Story time!
My exboyfriend used to code in php 5. It’s his favourite programming language, and I hardly teached him how to code in Python.
One day, I said to him: Hey schatz, let’s go to the sex shop ...
He: Oh yeah 😏
Me: ... and buy an elephant thong 😁
He: What?!
Me: Yes, a blue elephant thong for Php
Me laughed
Me: So?
He: No way!
Me: Please!!!!!
He: Ok. I’m working at a cultural events web page. When I got my first client, we’ll go to the sex shop and buy the “php thong”.
Well... I broke up with him before we could go to the sex shop 💔😂😭( for another reasons, not for the php thong, obviously)
Do you have any funny story like this?28 -
Dear Programming Languages,
if you only support weakly typed constructs, I wish you a special place in hell.
Dear Fellow Developers,
if you use a language that allows strong typing with weak typing, the next time we will meet after I have to fix a shitty bug due to that I will play piano on your teeth, and a melody you won't like.
And yes, that means PHP as well. PHP allows for strict types since php7.
So. Just. Fucking. Use. It.
There are no excuses!
I don't care if you don't see the benefit or find it "annoying" and tedious to write it out. Use a decent editor and it will be mostly code-completion anyway.
I just don't want to fix your fuckups. And if your fuckup is due to a typing issue that "slipped" by, you are part of the problem.
If you write software, it should be clear what type each and every variable or object has.
There are no excuses but your laziness.
If you want to be ambiguous, try poetry.23 -
So yeah, I got the first place in codecanyon's "Top New Authors" for the month of april and it feels awesome 😎😎1
-
I am a back-end developer, never suggested otherwise. My company is a firm of 50 people and owner hired a web designer to code our website. And it got hacked. Badly. So boss tells me to check if I can fix it. I take a look at the PHP and boy, written in PHP3, copy paste code from all over the place, hell the admin panel is a clone from a 2012 tutorial, nothing that remotely stares at the DB is checked for SQL, and now he wants me to design a new website, rewrite everything in PHP7 and had the balls to say "I know it's not your job, but it's a job, so do it"5
-
Hi,
I'm not a ranty person so I never actually thought I'd post anything here but here it goes.
From the beginning.
We use ancient technologies. PHP 5.2, Symfony 1.2 and a non RFC complient SOAP with NO documentation.
A year ago We've been thrown a new temporary project. An VOIP app for every OS.
That being iOS, Android, MAC, PC, Linux, Windows mobile. With a 3 month deadline. All that thrown at 4 PHP developers. The idea being that They'll take it, sign the delivery protocol, everyone happy. No more updates for the app needed. They get their funds they needed the app for and we get paid.
Fast forward to today...
Our dev team started the year with great news that We'll most likely have to create a new project. Since the amount of new features would be far greater than current feature set, we managed to finally force our boss to use newer technologies (ie. seperate backend symfony4 PHP7+/frontend react, rest api and so on). So we were ecstatic to say the least. With preestimates aimed at a minimum 3 month development period. Since we're comfortable with everything that needs to be done.
Two days later our boss came to me that one of our most annoying clients needs a new feature. Said client uses ancient version written on a napkin because They changed half of the specification 2 weaks before deadline in a software made not by a developer but some sysadmin who didn't know anything. His MVC model was practically VVV model since he even had sql queries in some views. Feature will take 3 days - fixing everything that will break in the meantime - 1-2 months.
F*** it, fine. A little overtime won't kill me.
Yesterday boss comes again... Apparently someone lost a delivery protocol for a project we ended that half a year ago. Whats even better at the time when we asked for hardware to test we never got any. When we asked about any testing enviornment - nothing. The app being SEMI-stable on everything is an overstatement but it was working on the os'es available at the time. Since the client started testing now again, it turns out that both Android app does not work on 8.1/9 and the iOS app does not work on ios12. The client obviously does not want to pay and we can do little with it without the protocol, other than rewriting the apps.
It will take months at least since all of those apps were written by people that didn't know neither the OS'es nor the languages. For example I started writing the iOS one in swift. Only to learn after half of the development time, that swift doesn't like working by C Library rules and I had to use ObjC also. With some C thrown in due to the library. 3 unknown languages, on an unknown platform in 3 months. I never had any apple device in my hand at that time nor do I intend to now. I'm astonished it worked out then. It was a clusterf**k of bad design and sticking everything together with deprecated apis and a gum. So I'll have to basically fully rewrite it.
If boss decides we'll take all those at the same time I'll f***ing jump of a bridge.8 -
PHP7
0 == ‘foobar’ // true
PHP8
0 == ‘foobar’ // false
Nuff said. Before you tell me that js also has quirks, just remember that js having quirks doesn’t make php less garbage.28 -
TL;DR you suck, I suck and everybody sucks, deal with it....
------------------------------------
Let me let off some steam, since I've had enough of people hating on languages "just because"
Every language has it's drawbacks and quirks, BUT they have their strengths also. Saying "I hate {language}" is just you being and ignorant prick and probably your head is so far up your ass that you look like an ass hat. With that being said, every language is either good or bad depending on the developer writing in it. Let's give you an example:
If I ware to give you a brick and ask you to put a nail in a plank, can you do it? Yes, it will be easier if you do it with a hammer, but you have a brick, so hammer is out of the question. If you hit your thumb while doing it... well... sorry, but it is not the bricks fault - it is YOU!
JavaScript, yes it has a whole lot of problems, but it works, you can do a ton of stuff and does a good job at that, it is evolving through node and typescript (and others, just a personal pref), BUT if you used js when you ware debugging that jquery (1.0) plugin written in the free time of a 13 yo, who copy pasted a bunch from SO, well, it is not js' problem - deal with it. Same goes for PHP, i've been there where you had a single `index.php` with bazillion lines of code, did a bunch of eval and it was called MVC, but it also is evolving.. thing is all languages allow you to do some dumb stuff so YOU have to be responsible to not fuck it up (which you always DO btw, we all do). Difference is PHP/JS roll with it because the assumption is that you know what you are doing, which again - newsflash - you don't.
More or less I would blame that shit on businesses which decided to go with undergrads to save money instead of investing in their product, hell, I am in a major company that does not invest that doesn't care a whole lot about dev /tech stuff and now everybody's mother is an engineer - they care about money, because investors care about money (ROI) and because clean code does not pay the bills, but money does.
If we get all of the good practices and apply them to each language every one of them has it's place, that is why there is no "The Language", even if there was, we STILL ware going to fuck it up and probably it was going to be even worse than where we are now.
Study, improve, rinse and repeat... There are SENIORS and LEADS out there that are about 25-30 and have no fucking clue about the language, because they have stuck up their heads up the ass of frameworks and refuse to take a breath of clean air and consider something different than their dogmatic framework "way" of doing things.. That is the result you are seeing. Let me give you a fresh example to illustrate where I am at atm:
Le me works with ZendFramework 2.3-2.5 (why not, which is PHP5+ running on PHP7 [fancy, eh]), and little me writes a module for said project, and tries to contain it in its own space, i.e not touching anything outside of the folder of the module so it is SELF-CONTAINED (see, practices), during 2-3-4 iterations of code review, I've had to modify 4 different modules with `if (somthing === self::SOMETHING_TYPE)` as requested by my TL, which resulted in me not covering 3 use-cases after the changes and not adding a new event (the fw is event-driven, cuz.. reasons) so I have to use a bunch of ifs in the code, to check a config value and do shit. That is the way of I am asked to do things I hate what I've done and the fact that because of CR I have lost case-coverage, a week of work and the same TL will be on my ass on monday that things are now "perfect".
The biggest things is "we care about convention and code style"... right.... That is not because of the language, not because of me, not because of the framework - it is some dude's opinion that you hate, not the language.
New stuff are better, reinventing the wheel is also good, if it wasn't you would've had a few stone circular things on your car and things ware going to be like that - we need to try and try, that is the only way we actually learn shit.
Until things change in the trade, we will be on the same boat, complaining about the same shit over and over, you and me won't be alive probably but things will not change a bit.
We live in a place where state is considered good, god objects necessary (can you believe it, I've got kudos for using the term 'God Object'... yep, let that sink in). If you really hate something, please, oh god I beg you, show me how you will do it better and I will shake your hand and buy you a beer, but until then, please keep your ass-hurt fanboy opinion to your self, no one gives a shit about what you think, we will die and the world will not notice...6 -
I have been around in awhile because I’ve been learning PHP/laravel. Holy shit has PHP changed. Composer, Valet, Laravel, and Brew makes life so much easier. I used to talk shot about PHP but it’s now my new favorite language. PHP7 is fantastic.2
-
I was at a meetup yesterday where the topic was PHP7. I'm frontend though went there because of my backend friend. I have one question. How the fuck do you guys understand PHP? To me it looks like total black magic fuckery. Respect to all my backend fellas!9
-
I'm sick of all the people who are complaining about PHP as if it were a shitty language.
Watch your mouth next time you abuse PHP or at least try to do so after reading 'about' section of devRant.13 -
Why did I volunteer to this shit...
I am supposed to maintain 4 old websites (like they were written 10+ years ago..). It's written in PHP, before mysqli, so all the calls to the DB is with mysql functions.. Now the server is to be updated and run PHP7.... guess what? those functions don't exist any more.... Now I have to patch several thousand files to use the mysqli functions... And no, there is no reason to rewrite it more than that, as I'm also developing the new versions om the sites, but those are so far from done and the new server needs the update as soon as possible, so bodging the shit out of this one...
Oh god the amount of repetitive labor 😫☹😭
And I'm not getting paid, because I'm doing it for my scout group... Tho they pay some of the Pizza 😜10 -
You know a shitty recruiter when he/she offers you a job because 'I analyzed your github profile and noticed your extensive expertise in PHP', although all you did was cloning an extremly large PHP project and made one commit over thousands of lines of code which you simply generated through a fully automated php5 to php7 converter.
Disclaimer: never wrote a line of PHP before.2 -
Hey guys. I have nothing to rant about the last few weeks.
I want to buy a book about advanced php. Cool ninja stuff I could do on backend... Do you have any suggestions for me?1 -
Craft CMS deployment on shared server, PHP5, Apache takes 10 - 30 seconds to load.
Craft CMS deployment on virtual shared server, PHP7, Nginx takes 1 - 2 seconds to load.1 -
For the past few months I've developed an oridinary digital shopping list. Just a simple web app written in php, HTML5, CSS3, JS and MySQL. From knowing nothing to having this feels great. Think what you want about it, but I'm quite proud of myself. First programming project, ever.
If you want to try it head over to https://app.esyshop.se.
Passwords are hased and salted with bcrypt.undefined first time full-stack please don't break it no profit php7 php mysql no ads feedback not a market plug4 -
After creating my own PHP MVC framework with Twig as templating engine, everything is now so simple and so fast, I juat cant belive how much I understand now. The development is just so smooth, you know exactly what to do all the time... And for my simple project, it does not even hurt that much to use PHP (and its even strictly typed 7.2, so not that bad). I think that I am in love. ❤6
-
Why people diss php when they don't know about php7 and awesomeness like laravel..
Framework for artists indeed6 -
Hello, one of the other devs on my team insists that using:
<?=$myVar?>
In a template is super dangerous but:
<?php echo $myVar?>
Is safer.
Why? Is this valid in PHP 7.3?16 -
Today I gave Php a try, I leaned the basics and oriented object programming of it . but now I dont know how to make UI in PHP . ans I need some advice what should I learn next im a .net programmer36
-
Boss thinks the CMS that another dev built over the course of a good year, will make customers say "ooooh yeah, I will definately come to you and pay a shitload of money for a buggy and unfinished system, even tho I will never be able to leave with a working copy of my website like I could with wordpress".
The whole effing things is based on an old, outdated version of a popular PHP framework.
Oh yeah, and I can not update <the framework> because the dev has tinkered with the core files :)
Yay.
The whole fucking thing won't run on PHP7 and will explode right into my boss's face.
Not mine though, because I will be gone by then :) -
Me, every time I get the chance the use PHPs most overdue function, or the null coalescing operator (??). Every little bit helps :)3
-
Again new language!!
This time scripting language...php and start learning today and finds interesting.
Suggest some best resources?
BTW i m enjoying learning php.yeahhhh✌️5 -
What do you think of Elixir + Phoenix to build API’s? Is it a better choice than a more established language like Python or something more new like Scala or Clojure?
At my company we're going through a watershed moment where we're starting to discuss and think about re-building our digital foundations and nothing is off limits. I'm leading the discussion about our architecture where everyone can have their say into what the future looks like for our applications. We're currently on a Drupal (CMS) + PHP7/Symfony (Backend Content Repository) + Symfony Twig templates (Frontend)
Even though I have been developing in PHP most of my career, I personally love Elixir and spend a lot of my time away from work learning it but many of my reasons feels subjective like pattern matching, it's actor concurrency model, immutable data and not having to deal with classes/objects, and I'm not entirely sure how that translates to business value, advocating successfully for a tech stack change requires solid reasoning and good answers to challenges like how do we find Elixir developers when existing devs leave, how easy is it to build a CI/CD pipeline for Elixir/Phoenix, etc.4 -
I've been wondering about renting a new VPS to get all my websites sorted out again. I am tired of shared hosting and I am able to manage it as I've been in the past.
With so many great people here, I was trying to put together some of the best practices and resources on how to handle the setup and configuration of a new machine, and I hope this post may help someone while trying to gather the best know-how in the comments. Don't be scared by the lengthy post, please.
The following tips are mainly from @Condor, @Noob, @Linuxxx and some other were gathered in the webz. Thanks for @Linux for recommending me Vultr VPS. I would appreciate further feedback from the community on how to improve this and/or change anything that may seem incorrect or should be done in better way.
1. Clean install CentOS 7 or Ubuntu (I am used to both, do you recommend more? Why?)
2. Install existing updates
3. Disable root login
4. Disable password for ssh
5. RSA key login with strong passwords/passphrases
6. Set correct locale and correct timezone (if different from default)
7. Close all ports
8. Disable and delete unneeded services
9. Install CSF
10. Install knockd (is it worth it at all? Isn't it security through obscurity?)
11. Install Fail2Ban (worth to install side by side with CSF? If not, why?)
12. Install ufw firewall (or keep with CSF/Fail2Ban? Why?)
13. Install rkhunter
14. Install anti-rootkit software (side by side with rkhunter?) (SELinux or AppArmor? Why?)
15. Enable Nginx/CSF rate limiting against SYN attacks
16. For a server to be public, is an IDS / IPS recommended? If so, which and why?
17. Log Injection Attacks in Application Layer - I should keep an eye on them. Is there any tool to help scanning?
If I want to have a server that serves multiple websites, would you add/change anything to the following?
18. Install Docker and manage separate instances with a Dockerfile powered base image with the following? Or should I keep all the servers in one main installation?
19. Install Nginx
20. Install PHP-FPM
21. Install PHP7
22. Install Memcached
23. Install MariaDB
24. Install phpMyAdmin (On specific port? Any recommendations here?)
I am sorry if this is somewhat lengthy, but I hope it may get better and be a good starting guide for a new server setup (eventually become a repo). Feel free to contribute in the comments.24 -
A very good talk about php from the creator of php. I like it how he self never thought that php will grow that big. He always thought that php has 6 months left before a better Technologie comes that replace php completle.
https://youtu.be/wCZ5TJCBWMg3 -
Welp, learning PHP for work now. Have to use an Open source thing built in Drupal for a Professor's research, but that means I need to learn PHP and how to style the site to match our existing style that we use on our ASP.NET sites. I'd be more excited if I was sure I could use PHP7, but it's at the mercy of how backwards compatible it is with 5.5.
I'm less than thrilled.2 -
Why is it that PHP 7 has all mysql_ tags disabled by default.. it's such a pain to change everything.6
-
The consistency of php standard lib function is astonishing. array_map, array_reduce ...
Why do I have to use php7 😢😢😭😭😭1