Introducing the new PHP on Heroku

PHP developers are makers at heart. The core strength of PHP has always been in creating a tight feedback cycle between developers and their audiences. That strength is the reason why PHP powers so many of the world’s biggest and best web properties such as Facebook and Etsy. But as developers of those and similar apps know, PHP hasn’t always enjoyed some of the runtime, management or infrastructure elements its peer communities like Ruby on Rails, Python with Django, and Node have had for some time.

As one of the web’s largest PHP shops, Facebook has been an advocate and innovator for the language, but it’s been hard for PHP developers beyond Facebook’s walls to take advantage of that innovation. We’ve been fortunate to work with Facebook on a variety of occasions, and with their F8 Conference next door to our office here in San Francisco, we thought it would be a great opportunity to help bring some of their and the PHP communities’ latest innovations to developers everywhere, by announcing today full Heroku support for the new PHP. If you are in town for F8, please join us tonight for a pre-conference PHP meetup at our office right next door to the main venue.

Read more →

PHP – a look back, a look forward

The history of PHP is the history of the web. Long-time developers will remember how PHP changed the universe of web development. PHP brought two key innovations to the table when it first launched. First, it was interpreted, which meant you could edit a file in place, then refresh the page and see the result. This quick feedback loop was why so many started with PHP and is still a cornerstone of what makes the language so useful. Second, it was the first widespread templating language which enabled intermixing of HTML and PHP code. Every other major web language and framework since PHP has followed suit.

Over time, PHP became a cornerstone of the “LAMP stack”. The LAMP stack consisted of Linux, Apache, MySQL, and PHP, and helped to define the world of open source we all take for granted today. The ubiquity of open-source software in web development is near-absolute now, but it was the success of these technologies that redefined an industry.

Of course PHP wasn’t perfect and other languages and their frameworks came along to contend with PHP as the years went by. In fact, Heroku’s founders ran a PHP consultancy called Bitscribe which focused on PHP development before founding Heroku. They eventually moved from PHP on to Ruby on Rails, which led to the creation of Heroku when they discovered that the Rails ecosystem lacked good hosting options.

Read more →

Beyond Heartbleed: Improved Security for Encrypted Connections

The announcement earlier this month of the “Heartbleed” bug (CVE-2014-0160) in OpenSSL once again focused attention on the technology used to secure communications on the Internet. Heartbleed was a very serious vulnerability and we moved as quickly as possible to patch systems and eliminate this threat on behalf of our customers.

But security is not just about fire drills, there are many steps that can be taken over time to continually improve security. Over the last months we have rolled out several security improvements to Heroku SSL Endpoints, including:

Read more →

Heroku Security Bug Bounty

Working with security researchers to ensure the trustworthiness of Heroku’s platform is an ongoing effort of ours. As part of this effort, the Heroku security team, in conjunction with Bugcrowd, is pleased to announce our new security bug bounty program. For each security bug you help find, which helps to ensure our platform is safe and secure, we'll reward you. Our initial rewards will be between $100 and $1500, varying based on the severity of the vulnerability.

Detailed rules and information about the scope of this bounty program are available on our page at Bugcrowd. As was previously the case, customer applications are strictly out of scope for the bounty – but we’ll pass information along to those customers if you let us know.

Read more →

Congratulations to Plated, Zoobean, and Breathometer on Shark Tank

We love seeing our customers’ successful and gaining recognition for the amazing businesses they are building. So, as you could imagine, we were thrilled to learn that a Heroku customer was featured on ABCs Shark Tank last Friday, with two more being featured over the next couple weeks.

Read more →

Browse the blog archives, subscribe to the full-text feed, or visit the engineering blog.