What's new? Winter Release 2021

Winter is clearly over here, the sun is shining, which means it is time to sum up everything that is new in the Tideways Winter 2021 release. Aside from this blog post explaining the new features in detail and the documentation, we also invite you to our 30 minute webinar "New Features and Improvements launched in Winter 2021" scheduled for 4th March 2021, 15:00 Europe/Berlin. The webinar will also include an exclusive intro to two brand new features that are launching into Beta next week.


Preventing SQL injections in PHP (and other vulnerabilities)

If you’ve been around web development for a while, you’ve almost certainly heard the term “SQL injection” and some terrifying stories about it. PHP, like many other languages, is not immune to this type of threat, which can be very dangerous indeed. But, luckily, protecting your websites from SQL injection and other similar threats is something you can take tangible steps towards.

oh dear

Making our Laravel test suite ready for parallel testing

To make sure that our service is working correctly, we have a suite of automated tests. The test suite is executed when we make changes and deploy something to production. Using the new parallel testing feature that recently landed in Laravel, we managed to run our testsuite about four times faster. Here is the test output when running all tests sequentially. The time needed is 4m28s. And here's the test output when using parallel testing. It only took 1m05s.


Why we ditched Lumen PHP

Lumen is a stripped down version of the powerful and now very popular Laravel PHP framework, focused on performance and serving stateless requests. I doesn’t have all the bells and whistles of Laravel, but it also doesn’t need them when serving API requests. For example, sessions, cookies and views are not a part of Lumen. It’s not intended for serving websites so everything around that got ditched.


Best Practices For Analyzing The Performance of PHP on AWS Graviton2

According to AWS: “[Graviton2 is] custom built by Amazon Web Services using 64-bit Arm Neoverse cores to deliver the best price performance for your cloud workloads running in Amazon EC2” At Instana we are looking at ARM with extreme interest, and we decided to port our PHP tracer to AWS Graviton2.


Is Your Language of Choice a Major Flaw Offender?

In volume 11 of our annual State of Software Security (SOSS) report, we uncovered some valuable nuggets of information about how you, the innovative developers of our world, can craft more secure code. For example, did you know that scanning via API improves the time to remediate 50 percent of security flaws by about 17 days, or that C++ and PHP languages have an alarmingly high number of severe security flaws and need greater attention?


What is the best way to protect my PHP code?

The simple answer is to use a compiled code tool and implement as many security features as possible, but sometimes time can be a factor and other matters take precedence so less time goes into security. If your code is valuable then you really should spend time adding more layers of code protection (obfuscation, script licensing, encryption) and there is one feature in particular which sets ionCube apart from other tools, offers advanced protection for your PHP code and is fairly quick to setup.