Why I Don’t Bother With Virtual Hosts or Vagrant, And How To Give Them Up For Good!

Virtual HostsI don’t bother with Virtual Hosts or Vagrant. It may sound blasphemous, or stupid, but it works for me (YMMV). Call me crazy. Say I’m not doing what the cool developers are doing. I don’t care.

My main reasons for doing so are speed and simplicity. The way I manage developing projects locally is to have a single, basically default web server configuration, with symbolic links into project directories. Lame, right?

But Virtual Hosts Are Cool!

Yes, they are. Browsing your project at my-project.dev is neat. But you have to create the virtual host every time you start a project. There are things out there that make this super simple like Pow (for Ruby on OS X), and I’m sure there’s something similar for Windows or PHP, I just haven’t found it (haven’t really looked), and I don’t want to bother. You can do some clever Rewrite so that *.dev points to a C:\Users\You\Dev\*\public folder. You can probably do a lot of things. I don’t. I really don’t care. I just want to get down to coding.

Vagrant Is Cool!

And you’re even using Laravel, Phil, which has Homestead! What’s wrong with you? Flat out, last time I checked, Vagrant didn’t run on Windows. Or at least not on my version of Windows. Believe me, I tried.

Windows? Ewww! Use a Mac! Use Linux! I’m stuck on Windows at least half the time due to working at a corporation with an IT dept. that makes their own flavor of Windows. I ran their installer for half a day and ended up with a computer that let’s me communicate with everyone else in the company. And I still had Administrator access to install my own IDE and other various programs so I can do my job. My Windows set-up is actually so similar to my iMac at home that there’s very little difference in my work environment, besides “ls” being “dir” and “/” being “\”. I even have Console with Solarized Dark colors. It’s really not so bad.

I don’t really have the time or inclination to install Xubuntu on my company issued laptop, and maintain it plus all of my applications all by myself, just to end up with the perfect development environment (and a computer that doesn’t run Office).

You Don’t Need Virtual Hosts

For reals, yo. You actually don’t need to jump through all of these hoops to develop something locally that still works when you deploy it. And if you do need it, well then by all means, make a virtual host. But trust me, this solution works 99% of the time.

How To Do It

On OS X or Linux flavors, you can create a symbolic link in your web server’s document root. Do it with the command line using the ln command by specifying the target and link name:

$ cd /var/www/htdocs
$ sudo ln -s /home/username/code/my-project/public my-project

On Windows, there’s a little tool called Junction which will let you create symbolic links on the command line. The only difference is the parameters are reversed (link name first, target second):

> junction my-project C:\Users\username\Code\MyProject\public

Now your project is “rooted” here:  http://localhost/my-project

That’s it. No messing around with configuration files. No restarting Apache.

But… But… Relative From Root Paths?

I personally feel that if your application or framework requires you to put code in the root directory, there’s something wrong with it. If programmed carefully, you can easily deploy a project at the web root of a virtual host somewhere, without changing any code. Most modern frameworks have a ‘base path’ function.

I’ve only run into one problem doing things this way when working with Laravel’s pagination. Their paginator class assumes that the base path is ‘/’, but I was able to overcome that by passing url() into the path parameter from the controller. It’s hacky, but works. I’m thinking about making a pull request one of these days and seeing how that goes.


Questions? Comments? Emotional outbursts? Let me know how you set-up your development environment.

Bcrypt Passwords with PHP 5.5

How Not To Store Passwords

Marty Weiner wrote a great a great article on how not to store passwords. He discusses the problems with passwords, how not to do it, and gives his recommendation of the right way to store passwords. Go read his article now.

How To Store Passwords

Marty recommends using bcrypt and gives examples in a lot of languages except PHP. Here’s how to do it in PHP 5.5 and up (but maybe not 6?).

Bycrypt With PHP

PHP 5.5 Makes It Easy

Use the password_hash function, and pass in the constant for the bcrypt algorithm, which is PASSWORD_BCRYPT. Also provide an appropriate $cost.

Here’s its signature:

And here’s an example of how to use it:

The return value will be the hash. Store this somewhere. A database, perhaps.

Note that you can also pass a 'salt' in the $options array. DON’T DO THIS. Let the salt be generated for you randomly.

What’s my $cost?

The appropriate $cost to use depends on your hardware, and how quickly you would like the $hash to be computed. The PHP manual provides a simple function you can run once on your server to find a good $cost. It will probably be 10 or 11.

Validate The Password

Validating the password is equally easy:

Here the $password will be what the user provides.

But I don’t have PHP 5.5!

Upgrade already!

Before PHP 5.5

Use ircmaxell’s password_compatibility library. This requires that crypt is enabled.

Go Forth!

Take the time to upgrade your authentication layer now or you open yourself up to liabilities galore. Helpful hackers should probably be forking ZFCommons ZFUser and other libraries as we speak.

Facebook Hiatus

I dislike commercials. Big whoop, right? Everyone dislikes them. They’re loud, there are too many of them, they interrupt the show you’re watching.

Here’s why I dislike them:  emotional whiplash.

When you’re watching a show, it puts you in a certain mood, be it funny, serious, sad, mad, or something. When the commercials come on, it’s a hodgepodge of ads all thrown in with a different mood for each. There’s not much thought on the part of the network other than, “how profitable can we make this show?” – let alone respect for the viewing audience. This brings not only you out of the mood of the show, but there’s a different mood for every commercial. You’re experiencing a new mood every 30 seconds.

Movie trailers get this right. If you’re seeing a comedy, the trailers are for other funny movies. They figure that’s what you’re interested in. If you’re come to see a gripping drama, you’re shown previews for other dramatic films. A horror flick with have trailers for other scary movies, and so on.

Experiencing emotional whiplash has been a complaint of mine in regards to commercials for many years. In the past few months, I’ve come to have this same complaint about Facebook.

So and so got engaged. A link to an article about why people should have AR-15s. Someone else is losing their job. Takei posted a hilarious picture. A dog is lost in Hillsborough county. Here’s a suggested post by a page I have zero interest in. Here’s a status update by someone I have no idea who they are. So and so likes a page about human trafficking. Does that mean they’re against it, or they actually like human trafficking?

The back and forth can be jarring to say the least.

Finally, it’s a time sink. I have so many things I’d like to accomplish. I’ve got several projects and ideas. I’ve made minimal progress on many, but completed exactly zero.

I’m a web-application developer without a successful web-app. I haven’t even had a blog for the last few years! I’m a musician without an album. I’m a drummer without a band (if you’re looking for a drummer in the Orlando area, see me after), I’m interested in screenwriting but have no script – let alone a log-line – to show for it. And I’m thirty-eight as I type this. Almost forty.

Recently I was inspired to follow through by two different sources:

1) A blog post by Adam Brault: I quit Twitter for a month and it completely changed my thinking about mostly everything. Adam had a similar experience with his Twitter feed. What I took from this article is there are only so many people you can empathize with in a day. Says Adam,

We’ve surrendered a massive amount of mental and emotional energy without making the explicit choice to do so—it’s simply imposed on us by subscribing to the channel and checking it.

2) The book Personal Development for Smart People (affiliate link) by Steve Pavlina (incidentally, I can’t recommend this book highly enough). In the section on Truth – which alone is worth the price of admission – Steve talks about taking a 30-day Media Fast.

I found that when I went 30 days without television, I felt free to focus on more important activities, I spent more time connecting with friends, and I went outside more often.

All of this thinking and inspiration combined finally pushed me over the edge. I’m not taking a complete media fast, but I am taking a Facebook fast. I’ll get back more of my time for projects, and I’m making a concerted effort to socialize in person. Incidentally, if you’d like to hang out over coffee, a beer, or take an afternoon in one of the parks, get in touch here.

I had envisioned making a big announcement, giving my Facebook audience time to adjust, lapping up the ego-appeasing, ‘no! don’t go!’ comments like sugar-water. But when I finally pulled the trigger, it wasn’t on a whim (since I have been considering it for so long), but it was at the spur of the moment.

I knew that if I simply said, ‘no Facebook,’ it would be too easy to log back on and get a fix, so one day I decided to delete my account. I chose the “this is temporary” option. I’m wondering if after 30 days, I’ll have to desire to come back.

How’s it going? It’s been five days, so far.

The “not a complete media fast” aspect has so far amounted to me spending more time watching Hulu while playing Counterstrike. Uh, whoops. But that’s growing old fast. Already today I’m taking time to set-up a blog I’ve been planning on for many months. And I have gone outside a little more. I think the desire and momentum to take advantage of the fast will build as the month continues.

Emotionally:  I’m lonely. I miss my friends on Facebook. It was my main source of human connection and entertainment. A lot of my friends on there are from places I’ve lived in the past like California, Arizona, or South Florida. Interacting with them via Facebook was my only connection to them.

As for my friends, only three people have mentioned it to me. My brother was concerned. My mom learned of it from my brother, and said, “I’ll miss your posts.” Thanks, mom.

Another friend asked who would entertain them now. Um, I’m not your dancing monkey. In time maybe they will learn to entertain themselves. Maybe they’ll be inspired by my absence to log-off.

That is, if it had gone the other way – if all of my friends had logged off Facebook – I would have experienced a healthy dose of loneliness and perhaps experienced the same benefits – a desire to do something productive and socialize in person more often. But I couldn’t wait for other people to take action.

There are people who’s only way of contacting me was through Facebook. I have no idea if they have noticed or are concerned. Maybe they should Google me? I was a little annoyed when I realized that means I can’t contact them either, particularly a couple of people I’d like to hang out with, but I’m going to stick to my guns for now.

In the long run, I think both things – boredom and loneliness – are actually good. I’ve been tempted to log back on a couple of times, but I’ve been letting the words of Hafiz sink into my soul – words I have ironically posted on Facebook a few times (and incorrectly attributed them to Rumi – d’oh!):

Don’t surrender your loneliness so quickly
Let it cut more deep
Let it ferment and season you
As few human or divine ingredients can

This will be good. I’m pouting a little that the grownup in the house took away my toy, but I think it will mean I’ll grow-up a little as a result. I’ll let you know how it goes.

Let me know in the comments how you feel about stepping away from Facebook for a while. Would it be too hard? Does it sound like a relief?

If you like this post, please subscribe to this blog’s feed, link here from your own blog, tell your friends, and – hey! – share it on Facebook! (yuk yuk yuk)