Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
So I've always relied on more traditional hosting when it comes to hosting my websites - either with shared or dedicated hosting. The time has come (or maybe it came long ago) for me to consider the cloud. But with the cloud come a few concerns (all arising out of my own ignorance) and I'm hoping StackOverflow can put my fears to rest.
While I've heard some answers to my questions in the past, I'm hoping to get enough feedback, and also hopefully provide a valuable resource to any others out there like me.
1) First off - how does it all work? I mean, I get the network of clouds, spinning them up and down as I need it. But until now, I've always opened up an FTP client, connected to my server and uploaded my website. My guess is this all works the same way with the cloud, but how is it all managed? How do I update files and how would I delete them? Would an FTP client suffice for the simple file-management of a website?
2) A lot of shared hosts use PHP4, and allow PHP5 with the right extension - how does this, and all the PHP extensions work? How would I turn on the mod_rewrite extension, for example? How would I select my version of PHP? Can I curl?
3) What about things like cron jobs, or administrating a mysql database? Can I access my database via a phpmyadmin interface, or via the MySQL Query Browser?
4) Lastly, how does the cost really compare to shared hosting? I know it all depends on traffic, so to phrase my question differently, where do the cost lines intersect (if at all?) For example, if I pay $100/month for a dedicated server, and can support 300,000 page visits, or 2-3 page visits per second, what would the cost be for similar usage?
As always, I appreciate the help, and hope it's enough to encourage me to use the cloud. It's so fancy!
I'd vote for Cloud Sites http://www.rackspace.com/cloud/cloud_hosting_products/sites/
I'd imagine the methods used to manage your site (in the case of Cloud Sites) would be very similar to that of your traditional shared hosted with something like Plesk or CPanel installed.
The term "Cloud" is used in many ways... What you describe is more likely a virtual root server - which you can freeze or unfreeze at will (EC2, JiffyBox (Disclaimer: I am not affiliated with any of these :)).
If you have good LAMP/Linux knowledge you do not have to worry about things like mod_rewrite etc. because you have the power to change it to your liking.
If your knowledge about root servers is limited - you can install free/open-source tools like webmin.
If your are not to enthusiastic about running your own server - a managed hosting ist probably better.
Sorry - I cannot comment on the costs.
You should be afraid...very afraid.
For offloading multiple long running tasks, clouds are fine.
However, when every web request to build a page has to go through a boat load of algorithms to find the resource, performance will suffer. (In my limited experience).
Do testing before committing to anything.
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 3 years ago.
Improve this question
I'm working in a company where we have build a SaaS-application with the PHP/MySQL/Redis/JS-stack.
It runs in our own Google Kubernetes Engine as a hosted/managed service for our clients.
Most of our business logic is placed in the PHP-layer.
Now we want to provide our product as an on-premise solution, so that our clients can deploy the whole product in their own private cloud or maybe even in their own basement.
This also means that the clients get access to all our "business secrets" (business logic) and this worries me.
We are a small business and we are doing business with large companies. Some of them might be interested in doing what we do themselves.
PHP is not compiled and the obfuscaters I have found does not seem to obfuscate the code too much.
We have talked about following solutions:
Trust the customers to not copy/get inspired by our solution and only protect it through law/contracts
Move some vital parts of our logic to our own server and make the on-prem solutions call to our server sometimes. This way we can control licensing etc. But we fear that the customers then will say that it is not totally on-prem. Which is true.
Obfuscate it the best we can and hope for the best. Maybe we are just paranoid?
Do something that makes it possible for the clients to run the code in their private cloud without accessing the source code - we have looked into Google Cloud Marketplace, but as far as I can see, the clients will get access to the VM.
Do you have any good inputs in this regard?
We are looking for creative solutions. The main goal is to protect our business.
It would be best if we could offer our Kubernetes setup as a fully on-prem solution, but if you have good ideas to how we can provide it to client's private cloud (even only in GCP) that is also very welcome.
Thanks in advance!
Your question relates rather to IP than to k8s and clouds.
Solutions are:
Trust and open source
Trust the customers to not copy/get inspired by our solution and only protect it through law/contracts
You are right. And there is a power.
“The best way to find out if you can trust somebody is to trust them.”
― Ernest Hemingway
You can select appropriate license and give your app to the client.
See this answer:
Some parts of a EULA that come to mind:
Limiting your liability if the product has bugs or causes damage.
Spelling out how the customer can use their licensed software, for how long, on how many machines, with or without redistribution rights, etc.
Giving you rights to audit their site, so you can enforce the licenses.
What happens if they violate the EULA, e.g. they lose their privilege to use your software.
You should consult a legal professional to prepare a commercial EULA.
"EULA advice" on joelonsoftware
"How to Write an End User License Agreement"
Not-prem
Move some vital parts of our logic to our own server and make the on-prem solutions call to our server sometimes. This way we can control licensing etc. But we fear that the customers then will say that it is not totally on-prem. Which is true.
Not the best solutions since it's not real on-prem.
Your client's servers may be located in secure zone under firewall without access to your server.
Anyway, it's popular solutions.
For example, see how Vepp works.
Obfuscate it the best we can and hope for the best. Maybe we are just paranoid?
Solutions are:
ionCube PHP Encoder
SourceGuardian
Thicket™ Obfuscator for PHP by Semantic Designs
Zend Guard
There are some vital examples of php-driven self-hosted applications.
I.e. Self-hosted Bitrix24
Private cloud with ecryption
Do something that makes it possible for the clients to run the code in their private cloud without accessing the source code - we have looked into Google Cloud Marketplace, but as far as I can see, the clients will get access to the VM.
Yes, you can distribute your app as encrypted VM.
VirtualBox: install Oracle VM VirtualBox Extension Pack and enable disk encrytion
VMWare-vSphere You can use virtual machine encryption since v6.5
AWS, GCP, Azure support encryption of your data. If your client agreed with cloud hosting, it might work.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
I have been running XAMPP on Windows 2008 R2 for many years now, I'm only using Apache, MySql and FileZilla. I have made many custom adjustments and upgraded it serveral times. I have addressed all the security issues I have been able to find. Running as services, the servers are never down as long as Windows Server is up. They are incredible stable. Why on earth do people tell me I should not do this? None of the Q or A's I have seen here deals with the specifics, most of them ends up in typically "it's not recommended", "it's says so on the XAMPP web site, therefore it's bad". I understand that you shouldn't use XAMPP out of the box for production because it is not secure. But having changed all root users, using https/certificate instead of plain http, using MySQL users with limited privileges in my scripts, using prepared statements (either PDO or mysqli) in php MySQL queries, catching exeptions, handling errors, protecting file folders and the nitty gritty of php programming I cannot see why I can't continue to use XAMPP for production. I have NEVER experienced ANY trouble. I have settled with the perception that security is not the main problem, there must be something else. Maybe scalability or manageability of large websites with millions of users (which is not my case)? Please tell me, but only if know what you are talking about!
EDIT: I got a noteworthy comment elsewhere:
It's just not meant to do anything more than development and boutique
use. And the opinion based comments tell you why the exchanges tend to
kick these kind of questions off as people who've worked with XAMPP
and WAMP kind of have been there and weren't impressed, but didn't
bother to gather empiric data to back up their opinion.
This is a fair comment, and it might also be THE best answer I will ever get, but it I can live with that. It is great cue for exploring new computer architectures for my software.
Like you say yourself, it's all about security and out-of-the-box, XAMPP is pretty insecure. Apart from that there are no real drawbacks that I can see. The software in XAMPP is regularly used in stable, secure, commercial systems. It takes a bit of knowledge and time to configure XAMPP to become secure enough for production use (and this is the reason why people keep telling you not to do it), but since it looks like you've got it covered there should be no problem.
Though I haven't ever tried to configure windows in that way, I can think of a few problems (other than security):
managing windows and software updates - I find it hard to manage whole windows system through console and I can't imagine managing it in production
performance - (comparing localhosts) linux in my case was always faster
scalability of web apps - majority of apps is set up to work in linux server envirionment, so running or integrating 3-rd party libraries or other apps can be sometimes difficult eg. other paths, calls to console could not work etc.
These problems could be irrelevant in your case, but when developing a bigger project should be taken into account.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I am a .net developer. A friend of mine is planning to outsource a website. He is getting quotes which are very cheap but the sites will be in php/msql.
At this point he is not having any resource and that includes no development machine, no programmer or whatsoever (he only has some money to invest :)). Now he wants me to get involved in this project and manage the website once the outsourcing company hands us over the application (including source-code).
Till now I have worked with VS / ASP.NET / IIS and VSS. I haven't worked a bit with php/mysql but given google / SO and little time I will be able to manage.
So I need help on identifying:
1: What and all I need on my development machine. Because after the application is handed over to me, I will be responsible to fix minor bugs and minor modifications. For major addition of new features we might go back to outsourcing(same or different company).
2: Anything specific to web-hosting I need to be aware of because ultimately I will be responsible to find host provider and manage the website.
3: Anything that can help me get going fast on php.
Editor: PHPStorm or Eclipse are popular choices.
Test Server: XAMPP which you can install locally on windows.
Version Control: Subversion (choose whichever client and server you find free).
Hosting: I like site5 for cheap shared hosting. Depends on the site's needs however.
Learn phpMyAdmin. It's a simple to use MySQL database administration tool that's already included on most lamp stacks. Allows you to set up tables, run queries, backup, etc.
I like XDebug for remote debugging and profiling. Most major IDEs are integrated with it.
To learn the code, just use the PHP online documentation. It's pretty good.
Make sure you have a similar setup as to what the outsourcing company used. Mainly: OS, Webserver/version, PHP version, MySQL version. Differences are minimal but they do crop up every now and then.
Don't skimp on price. If your hosting plan is cheap you will get exactly that.
Read their code and try to understand it (PHP is very easy to read). If you can't understand it they probably did a very bad job ;)
Suggest hitting godaddy.com for your hosting needs for most small-medium solutions. While it's true that you can host a server in your basement, it's generally more trouble than it's worth; you can buy a domain name and a year of hosting for a hundred dollars and save yourself dozens of hours of headache and downtime. While there are places that will host your site for free, a lot of times you get what you pay for.
Once the site is developed it's a (relatively) simple matter to copy-paste the site files and database; your outsource company can probably deploy their product to your godaddy server in a matter of minutes.
For your dev machine, I recommend Eclipse with the PDT plugin as your editor (download the "php version" of eclipse). I strongly recommend svn or some other source control. It's very useful to have apache and mysql installed on your dev box along with your site and db so you can test changes locally. When developing, it's good practice to test on at least IE, firefox and chrome as they're the most popular browsers at the moment.
php.net is the equivalent of the java.sun.com/reference/api/ and is searchable by function name. It also has a manual; start here http://www.php.net/manual/en/ but for small edits, if you're familiar with any c-syntax language and html you shouldn't have a problem. Just don't forget your dollar signs and semicolons.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
My friend and I accepted simple PHP job, he has some experience working with a small team of developers and I'm new to this (and PHP to be honest :).
When I asked him about his environment I found out they (he and his previous team) never used source control, just a shared FTP server with a lot of mess. Now beginning this project I want to do it properly and use source control, I did some research and it looks like SVN is the simplest to use and fits our simple requirements.
My problem is that I don't really have an extra box to create a server... I have two options, one is to use my main windows machine as a server (it's always on so that's not a problem) BUT I can't always guarantee that it will be on when I'm far from home and I don't like how it will waste CPU cycles (It's also my gaming rig), the other option is to use an old laptop I have lying around (a Pentium 3 with about 128-256MB of RAM) and install the slimmest version of linux on it and the SVN server. it has the advantage of being simple, cheap and easy to maintain, but it has the disadvantage of being alow performing old laptop and having some uncertainty about it's reliability (I guess I'll set up some backup to my main machine).
Which option is better? I would prefer using the laptop but I'm unsure if its specs will slow us down, if I do use it, what version of linux would you recommend, and how simple is it to add some regular backup to it (I have almost no linux experience but I'm glad to learn).
PS. forgot to mention, both of us developing on windows machines.
EDIT: Most of you recommend Git and Mercurial, I think I'll go with mercurial because I read that git is more complicated, I really want the simplest solution that I can find. Unless git has some major advantage over mercurial? or maybe mercurial is the better one for the job?
Look at distributed version control systems like git and Mercurial (hg). Both have free/cheap hosting services (e.g., http://www.github.com and http://www.bitbucket.org) and are well suited for multiple developers working independently.
Also both have good tooling on Windows.
Why not use bitbucket/mercurial (hg)? You can set up (apparently) free private depots. Mercurial is crazy easy to use and is a lot newer (and rapidly gaining popularity) than svn.
Use git. It was designed and written by the guy who started Linux and he knows what he's doing.
You don't need a server for git, each user has a copy of the whole repository and you sync to each other. There is a bit of a learning curve, but if you're smart it will make you better developers.
DVCS like git is cool because you do not even need server. You basically just "synchronise" your code between each other here and there and due to fact that each repository has data from all repositories once is "synchronised" you do not need extra backup or server in most cases.
I found nice feature whit git (probably whit other VCS-s too) is that since they are just file based you can use any (free) cloud storage / ftp / git_server to backup your files in case of cataclysmic catastrophe.
I would highly recommend Mercurial (hg) as mentioned above, simple, easy to use and distributed. Personally, I prefer it slightly to Git and secondly its Windows support is better.
Bitbucket also lets you have free private repositories whereas Github is only free for public repos. Which I am guessing will be a factor if you are producing commercial code.
Why not go another route and get GitHub.com (pretty cheap, but costs a little) or BitBucket.com (this one is free for up to 5 users and unlimited repositories). You'll avoid a lot of headaches from maintaining your own servers.
If you want to host it yourself, check out subversion edge. Its a packaged svn that comes with apache and some management tools.
If you dont want to deal with admin stuff, check out beanstalk. They do hosted SVN.
Or, you could use something like git and github; but if you're really set on svn, check out beanstalk
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
Does anyone have an example of something that can not be done on a Windows2000 server using PHP5?
UPDATE: Just to clarify, my problem isn't with IIS, or that I'm an "only open source" kinda guy. It's that the hosting is a terrible package across the board. The storage and bandwidth are ridiculous, there's no control panel so in order to do anything, even something as simple as setting up a cron job, requires contacting tech support, who grumbles about having to implement it and also seems to operate on the same timeline as the people on the island in lost.
Why not just tell the client I hear you ask! Tried it and failed. The hosting company isn't a hosting company, it's a friend of the client and nothing I say makes a blind bit of difference. I know my client is paying through the teeth for a hunk of crap but they just wont listen. On top of that, I've had to make some minor, but fundamental changes to the code base to adapt to the servers funky set up which means I now have to maintain two code bases. My development version, and the live version. it's doable, but it's wasted effort and on a tight deadline, I have better things to do with my time.
The only way I'm going to get my client to "do the right thing" is to come up with something that wont work because of the server. If not, I'll finish the job, upload it, wash my hands of it then never touch it again because it's more hassle than it's worth. I don't want to do that because I like to take pride in my work, but I will not waste my time compensating for a lazy ass server admin who really couldn't care less wether things work or not and I also wont take the blame for them either. This is my last ditch attempt to get help out a client who doesn't want to be helped. Maybe my title was misleading but I didn't want to bore everyone with the details, I just needed an answer and thought WIMP for LAMP would be the quickest way to ask. Moving to another WIMP environment wouldn't bother me, but as you can see, that's not going to happen.
On IIS 6, which ships with Windows 2000 Server, PHP will run as a CGI ... Therefore it can accomplish anything that it can do on a *nix server under apache. You must also have the supporting extensions and services installed like MySQL...
Its not a good practice to blame the technology for a mistake which is made by your client.
Explain your problems to the client (Again and Again)
Charge him more and tell him that's because of the problems you faced
Deliver the project late (Inform him earlier) tell him that this is because of the poor support from the hosting.
Find a better and cheap hosting and show the comparison to your client.
If nothing works!! QUIT! :)
It sounds like your team are using Windows, and you are an open source fan who wants to switch the Linux/Apache but don't have a good technical reason. So you are fishing here.
My comment would be that if you don't have a good reason yourself, why not stick with Windows. If you do have a good reason yourself, argue that good reason that applies to your project. Each technology has it's own advantages and disadvantages, and both are used successfully in production.
Of course, if I've misread the situation I apologise - can you edit your question to explain the situation better.
It might be hard to find a good systems administrator that knows IIS and PHP inside out.
I assume you aren't currently taking advantage of Apache's mod_rewrite utility. That's something that you can't quite do on Windows (you can, but it's a bigger job even with the latest routing / REST)
This would be a very strong case if they want restful URLs, which are often cited as good for search engines!
Other than that, charge more. If you're on a fixed rate, explain your reasons for not being able to meet the budget and quote for the additional work. These problems are usually generated by an unfair price (i.e. unfair on you in this instance).