Operations | Monitoring | ITSM | DevOps | Cloud


Making sure Laravel's debug mode is always disabled in production

Recently, people started talking about a malware called “Androxgh0st” specifically targeting Laravel apps. In a recent edition of Securing Laravel, Stephen Rees-Carter wrote a good explanation of how it works. The malware targets apps with APP_DEBUG set to true. When enabled, Laravel will give detailed error messages, and some security features will be disabled. In production, you always want this value to be set to false.

Laravel Pulse cards to show response times, scheduled jobs, broken links

Today, we released the ohdearapp/ohdear-pulse package, which contains Laravel Pulse cards to show you the status of your scheduled jobs, any broken links you have in your Laravel app, and uptime / HTTP performance stats. All of these cards use the Oh Dear API to fetch their data. Laravel Pulse is a first party package that can display a dashboard with information surrounding usage and performance of your Laravel app. Here’s how a default installation looks like.

A festive treat: PHP 8.3 is already available on Platform.sh

Just like the feeling you get when you hear the first notes of Mariah Carey's "All I Want for Christmas Is You" signaling the arrival of the festive season, PHP developers can also rejoice in the release of a special gift this month—PHP 8.3. As many of you may already know, a few days ago PHP 8.3 was released and after some testing, it’s now ready to use on all Platform.sh projects.

Display All PHP Errors: Basic & Advanced Usage

A PHP application might produce many different levels of warnings and errors during its execution. Seeing these errors is crucial for developers when troubleshooting a misbehaving application. However, many developers often encounter difficulties displaying errors in their PHP applications, leading to silent app failures.

Blackfire is now even closer to home!

As you probably already know, Blackfire and Platform.sh joined forces back in June 2021. And since then our collective teams have been working together to provide a seamless integration for a complete Git workflow and Observability solution. Blackfire was already part of the Platform.sh product experience for Enterprise and Elite users for quite some time now thanks to the Platform.sh Observability suite.

10 Most Common PHP Security Threats and the Best Ways to Fix Them

PHP is a powerful language used by at least 80% of all the applications you use today as their backend scripting language. This can be attributed to its relatively simpler syntax, which is on the same line as other C-style languages. It supports different operating systems (Windows, Linux, macOS), web servers, databases and integrates seamlessly with popular databases like MySQL, PostgreSQL, and Oracle, making it a suitable choice for database-driven applications.

IPL: How to use ipl-validator

In my last blogpost I explained how our ipl-html lib works and how to use it. With the help of ipl-html it is possible to add forms. Usually we want to validate the data of the form before submitting it and display messages if the validation fails. For this purpose, we have introduced the ipl-validator. The ipl-validator includes many useful validators, and today I want to explain how you can easily use them.

Why Am I Seeing NGINX 502 Bad Gateway: PHP-FPM?

The NGINX Error 502 Bad Gateway is a common error among website users. There are various possible reasons for this error and different ways to solve it. In this article, we will look at the main possible causes and how they can be solved by users and web developers. Use MetricFire's platform to analyze your system’s performance and troubleshoot errors.