Heroku Behind the Curtain: Patching the glibc Security Hole

If you’re a developer, it’s unlikely you’ve ever said "I wish I could spend a whole day patching critical security holes in my infrastructure!" (If you do, we’re hiring). And if you’re running a business, it’s unlikely you’ve ever said “Yes! I would like my developers to lose a day’s worth of feature-building on security patches!”.

At Heroku, we believe you shouldn’t have to spend the time required to patch, test, and deploy security fixes. Because of that, some of Heroku’s most important features are ones you never see: we keep our platform reliable and secure for your apps so you don’t have to.

Recently Google Security and Red Hat both discovered a high severity bug in a...

Read more →

Finally, Real-Time Django Is Here: Get Started with Django Channels

Django Channel header

Today, we're thrilled to host Jacob Kaplan-Moss. Jacob's a former Herokai and long-time core contributor to Django, and he's here to share an in-depth look at something that he believes will define the future of the framework.

When Django was created, over ten years ago, the web was a less complicated place. The majority of web pages were static. Database-backed, Model/View/Controller-style web apps were the new spiffy thing. Ajax was barely starting to be used, and only in narrow contexts.

The web circa 2016 is significantly more powerful. The last few years have seen the rise of the so-called “real-time” web: apps with much higher interaction between clients and servers and...

Read more →

How to Deploy Your Slack Bots to Heroku


Whether they're publishing notifications, responding to /slash commands or carrying a conversation, bots have become an integral part of the way we work with Slack. A bot can do any number of things for your team as part of your day-to-day work, you're only limited by your imagination. For some first-hand experience, check out the Heroku Button Gallery, where users have created all types of bots: from fun bots like poker and Jeopardy!, to more practical ones like a bot that tracks the satisfaction of your team members or one that reminds your team to review existing pull requests.

That said, the real power and fun of Slack bots comes once you know how to build your own. In this...

Read more →

Using Netflix Zuul to Proxy your Microservices

A common challenge when building microservices is providing a unified interface to the consumers of your system. The fact that your services are split into small composable apps shouldn’t be visible to users or result in substantial development effort.

To solve this problem, Netflix (a major adopter of microservices) created and open-sourced its Zuul proxy server. Zuul is an edge service that proxies requests to multiple backing services. It provides a unified “front door” to your system, which allows a browser, mobile app, or other user interface to consume services from multiple hosts without managing cross-origin resource sharing (CORS) and authentication for each one. You can...

Read more →

Migrating from the Mandrill Add-on

Last week MailChimp announced that they are shutting down the Mandrill Heroku Add-on, giving users until April 27th to migrate to another solution. Many of our customers have sought guidance on how and where to migrate, so we have asked our email providers to create guides for migrating from the Mandrill add-on to their respective services.

Mailgun: Migrating from the Heroku Mandrill Add-on to the Mailgun Add-on

Postmark: Migrating your Mandrill Heroku Add-on to Postmark

SendGrid: Replacing the Mandrill Heroku Add-on with the SendGrid Add-on

SparkPost: Migrating from Mandrill to SparkPost on Heroku

Read more →

Browse the blog archives, subscribe to the full-text feed, or visit the engineering blog.