PHP – a look back, a look forward

The history of PHP is the history of the web. Long-time developers will remember how PHP changed the universe of web development. PHP brought two key innovations to the table when it first launched. First, it was interpreted, which meant you could edit a file in place, then refresh the page and see the result. This quick feedback loop was why so many started with PHP and is still a cornerstone of what makes the language so useful. Second, it was the first widespread templating language which enabled intermixing of HTML and PHP code. Every other major web language and framework since PHP has followed suit.

Over time, PHP became a cornerstone of the “LAMP stack”. The LAMP stack consisted of Linux, Apache, MySQL, and PHP, and helped to define the world of open source we all take for granted today. The ubiquity of open-source software in web development is near-absolute now, but it was the success of these technologies that redefined an industry.

Of course PHP wasn’t perfect and other languages and their frameworks came along to contend with PHP as the years went by. In fact, Heroku’s founders ran a PHP consultancy called Bitscribe which focused on PHP development before founding Heroku. They eventually moved from PHP on to Ruby on Rails, which led to the creation of Heroku when they discovered that the Rails ecosystem lacked good hosting options.

Read more →

Beyond Heartbleed: Improved Security for Encrypted Connections

The announcement earlier this month of the “Heartbleed” bug (CVE-2014-0160) in OpenSSL once again focused attention on the technology used to secure communications on the Internet. Heartbleed was a very serious vulnerability and we moved as quickly as possible to patch systems and eliminate this threat on behalf of our customers.

But security is not just about fire drills, there are many steps that can be taken over time to continually improve security. Over the last months we have rolled out several security improvements to Heroku SSL Endpoints, including:

Read more →

Heroku Security Bug Bounty

Working with security researchers to ensure the trustworthiness of Heroku’s platform is an ongoing effort of ours. As part of this effort, the Heroku security team, in conjunction with Bugcrowd, is pleased to announce our new security bug bounty program. For each security bug you help find, which helps to ensure our platform is safe and secure, we'll reward you. Our initial rewards will be between $100 and $1500, varying based on the severity of the vulnerability.

Detailed rules and information about the scope of this bounty program are available on our page at Bugcrowd. As was previously the case, customer applications are strictly out of scope for the bounty – but we’ll pass information along to those customers if you let us know.

Read more →

Congratulations to Plated, Zoobean, and Breathometer on Shark Tank

We love seeing our customers’ successful and gaining recognition for the amazing businesses they are building. So, as you could imagine, we were thrilled to learn that a Heroku customer was featured on ABCs Shark Tank last Friday, with two more being featured over the next couple weeks.

Read more →

PyCon Montreal - April 9 - 17, 2014

We are really honored to be a part of PyCon again this year. We have a big booth in the expo hall and a bunch of people who are really looking forward to attending and who are there to answer questions, hack on code, troubleshoot, or shoot the ….

Read more →

Browse the blog archives or subscribe to the full-text feed.