Codementor PHP expert Ben Edmunds joined us for a session in Office Hours and gave his insight on what how far a PHP developer should go with their DevOps, which should be pretty useful for those who are working on the development and managing their servers at the same time.
The text below is a summary done by the Codementor team and may vary from the original video and if you see any issues, please let us know!
I’m pretty lucky to have someone working on the DevOps with me, so admittedly my server knowledge is sort of lacking. What I have done in the past for side projects is that I set up the servers and then pay an ops guy to come behind me and take care of the server. I’ve also hired someone for about four hours to setup a base box and secure it for me, and I could just copy the secure image and keep going from there. Naturally, you’d want to do this periodically because things change and there are going to be new hacks among other issues.
Even if you’re determined to do everything by yourself, I would still recommend hiring someone to consult just behind you to make sure things are all right. Even if they simply come in and say everything is fine, at least you’d have a peace of mind and can sleep better without having to worry about things such as whether you’ve forgotten to check something in the firewall.
There’s a lot out there that we have to learn in general, and it can be difficult to learn everything about servers, backend, and frontend equally. Thus, I personally like to get help when I can.
Furthermore, I’ve seen more hacks that have to do wit actual code. Sure, there were some server hacks over the years, but they’re more rare as they require a higher level of work. In example, even for sites such as WordPress, which gives people access to the base server, hacks will usually go in through the application. Therefore, if your application is secure, it will be a lot harder for someone to get into your sever unless you have SSH with no password.
Altogether, in my experience most of your hacks will come in through your application.
Other posts in this series with Ben Edmunds:
- Tutorial: Building Modern & Secure PHP Applications
- Tutorial: The Best Way to Store Passwords in a Database
- Q&A With PHP Security Expert Ben Edmunds
- The Most Common Reason a Hacker Attacks Your PHP Applications
Need Ben’s help? Book a 1-on-1 session!