I absolutely HATE "web developers" who call you in to fix their FooBar'd mess, yet can't stop themselves from dictating what you should and shouldn't do, especially when they have no idea what they're doing.

So I get called in to a job improving the performance of a Magento site (and let's just say I have no love for Magento for a number of reasons) because this "developer" enabled Redis and expected everything to be lightning fast. Maybe he thought "Redis" was the name of a magical sorcerer living in the server. A master conjurer capable of weaving mystical time-altering spells to inexplicably improve the performance. Who knows?

This guy claims he spent "months" trying to figure out why the website couldn't load faster than 7 seconds at best, and his employer is demanding a resolution so he stops losing conversions. I usually try to avoid Magento because of all the headaches that come with it, but I figured "sure, why not?" I mean, he built the website less than a year ago, so how bad can it really be? Well...let's see how fast you all can facepalm:

1.) The website was built brand new on Magento 1.9.2.4...what? I mean, if this were built a few years back, that would be a different story, but building a fresh Magento website in 2017 in 1.x? I asked him why he did that...his answer absolutely floored me: "because PHP 5.5 was the best choice at the time for speed and performance..." What?!

2.) The ONLY optimization done on the website was Redis cache being enabled. No merged CSS/JS, no use of a CDN, no image optimization, no gzip, no expires rules. Just Redis...

3.) Now to say the website was poorly coded was an understatement. This wasn't the worst coding I've seen, but it was far from acceptable. There was no organization whatsoever. Templates and skin assets are being called from across 12 different locations on the server, making tracking down and finding a snippet to fix downright annoying.

But not only that, the home page itself had 83 custom database queries to load the products on the page. He said this was so he could load products from several different categories and custom tables to show on the page. I asked him why he didn't just call a few join queries, and he had no idea what I was talking about.

4.) Almost every image on the website was a .PNG file, 2000x2000 px and lossless. The home page alone was 22MB just from images.

There were several other issues, but those 4 should be enough to paint a good picture. The client wanted this all done in a week for less than $500. We laughed. But we agreed on the price only because of a long relationship and because they have some referrals they got us in the door with. But we told them it would get done on our time, not theirs. So I copied the website to our server as a test bed and got to work.

After numerous hours of bug fixes, recoding queries, disabling Redis and opting for higher innodb cache (more on that later), image optimization, js/css/html combining, render-unblocking and minification, lazyloading images tweaking Magento to work with PHP7, installing OpCache and setting up basic htaccess optimizations, we smash the loading time down to 1.2 seconds total, and most of that time was for external JavaScript plugins deemed "necessary". Time to First Byte went from a staggering 2.2 seconds to about 45ms. Needless to say, we kicked its ass.

So I show their developer the changes and he's stunned. He says he'll tell the hosting provider create a new server set up to migrate the optimized site over and cut over to, because taking the live website down for maintenance for even an hour or two in the middle of the night is "unacceptable".

So trying to be cool about it, I tell him I'd be happy to configure the server to the exact specifications needed. He says "we can't do that". I look at him confused. "What do you mean we 'can't'?" He tells me that even though this is a dedicated server, the provider doesn't allow any access other than a jailed shell account and cPanel access. What?! This is a company averaging 3 million+ per year in revenue. Why don't they have an IT manager overseeing everything? Apparently for them, they're too cheap for that, so they went with a "managed dedicated server", "managed" apparently meaning "you only get to use it like a shared host".

So after countless phone calls arguing with the hosting provider, they agree to make our changes. Then the client's developer starts getting nasty out of nowhere. He says my optimizations are not acceptable because I'm not using Redis cache, and now the client is threatening to walk away without paying us.

So I guess the overall message from this rant is not so much about the situation, but the developer and countless others like him that are clueless, but try to speak from a position of authority.

If we as developers don't stop challenging each other in a measuring contest and learn to let go when we need help, we can get a lot more done and prevent losing clients. </rant>

Wife - my site is not working, everything in the code looks correct. But it is only throwing me 404 all over

Me - "blaming the teacher for giving bad shit"

Wife after googling - I fixed it, you have forgot to enable .htaccess in the virtualhost

FFS how long have I been this stupid?

When you break the whole company website with the .htaccess file....

So my client wants to stick with their current hosting provider (Bell) because the company is "big" and "won't go anywhere anytime soon." I just said, well okay it can't be that bad. Bell charges about 10x more and gives you about 10x less compared to other options, but it's not my money so whatever. Well, Bell has the absolute worst customer service. They have an online support form where I can type in my questions and they will call me within a day to help me. They called me during work hours and I missed the call, so they sent me an email to let me know I missed the call and gave me a number to call. I called and I might as well have called my dog because the support didn't even know what a .htaccess file is. I emailed them back and asked if they could forward my email to someone in the hosting department that could help (because the phone support I got was shit). I got a reply saying they "can't"... yup, they used the word "can't", they can't forward the email and that I would have to call. Is everyone at Bell a fucking dick chugging brainless pile of moldy-ass shit biscuits!? YOU CAN"T SEND AN EMAIL? Turns out they do have a dedicated hosting support email, let's hope the email I send ends up in front of someone at Bell who at least has a slight clue how to use a keyboard.

I think I'm already blind. Or the liquor ate a chunk of my brain cells.

I just realized that devRant web version has different accent colours based on avatar's bg colour.

Earlier I realized I have disabled show hidden files feature on my file manager and thought there was no .htaccess file.

Our website stopped working. A coworker said her guess from an error she saw in the logs was that it might have something to do with a bit of a commented line in .htaccess taking itself out of comment and into code due to a specific set of characters the line contained. I looked at .htaccess and thought “Nah, that can’t be it.” and proceeded to troubleshoot pretty much everything but that. After 30 minutes my coworker opened the file and fixed the comment and all was well. I felt stupid because on our team I’m supposed to be the expert that figures out stuff like this.

My boss says to me this morning.

Boss: Can you add these links as a redirect 301 to this link.

Me: Ok, I'm not the developer for that domain but I guess I can do it. Let's try to update apache htaccess for that domain through my account.

(After a swift ssh connection to the server to check out that domain.)

Me: Er...boss, we don't own that domain. We cannot redirect it's links to our other domains.

Boss: Why? What do you mean?!

Me: well if we don't own that domain, than it is not on our server and we cannot update it's server config files. So we cannot redirect that domain to our other domains.

Boss: Are you sure?

It went on like this for a while. I had a laugh break after.

First thing on Monday. The very first thing.

I fucking killed prod.

Reminder to my future self to either stash local config files and .htaccess files... or add them to gitignore... But either way, don't leave them lying around assuming I won't do something dumb and accidentally commit them. Because some fateful Monday morning before I've had my coffee I'm going to do something dumb.

Redirect that crossed my path today

Sad. Laravel Valet uses Nginx. What if your office system is using Apache and is heavy in using .htaccess?

Ok back to MAMP and Docker. I'll just use Valet for simple things.

Dunno who it was, but not cool posting a rant about how Windows doesn't allow creating extension-only files like ".htaccess" through Explorer and then deleting the whole thing right after I give him answer that it's possible if you simply name it ".htaccess."

These kind of people are exact reason why whole communities and sites like Stackoverflow turned into judgemental bastards..

Okey, so the recruiters are getting smarter, I just clicked how well do you know WordPress quiz (I know it's from a recruiter, already entered a php quiz An might win a drone)

So the question is how to solve this issue:

Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 2348617 bytes) in /home4/xxx/public_html/wp-includes/plugin.php on line xxx

A set memory limit to 256
B set memory limit to Max
C set memory limit to 256 in htaccess
D restart server

These all seem like bad answers to me.

I vote E don't use the plug-in, or the answer that trumps the rest, F don't use WordPress

A Timehop from 3 years ago stated "I will learn one day to do 301 redirects in .htaccess without Googling it."

I still don't know.

Code in index.php: if(!isset($_COCKIE['access'] == '123') {
echo 'Denied'; die;
}

And then there was the access.php which set the cookie.

So you had to go to foo.com/access.php which displayed a white page and set the cookie. Then navigate back to foo.com for access

The dangers of PHP eval()

Yup. "Scary, you better make use of include instead" — I read all the time everywhere. I want to hear good case scenarios and feel safe with it.

I use the eval() method as a good resource to build custom website modules written in PHP which are stored and retrieved back from a database. I ENSURED IS SAFE AND CAN ONLY BE ALTERED THROUGH PRIVILEGED USERS. THERE. I SAID IT. You could as well develop a malicious module and share it to be used on the same application, but this application is just for my use at the moment so I don't wanna worry more or I'll become bald.

I had to take out my fear and confront it in front of you guys. If i had to count every single time somebody mentions on Stack Overflow or the comments over PHP documentation about the dangers of using eval I'd quit already.

Tell me if I'm wrong: in a safe environment and trustworthy piece of code is it OK to execute eval('?>'.$pieceOfCode); ... Right?

The reason I store code on the database is because I create/edit modules on the web editor itself.

I use my own coded layers to authenticate a privileged user: A single way to grant access to admin functions through a unique authentication tunnel granting so privileged user to access the editor or send API requests, custom htaccess rules to protect all filesystem behind the domain root path, a custom URI controller + SSL. All this should do the trick to safely use the damn eval(), is that right?!

Unless malicious code is found on the code stored prior to its evaluation.

But FFS, in such scenario, why not better fuck up the framework filesystem instead? Is one password closer than the database.

I will need therapy after this. I swear.

If 'eval is evil' (as it appears in the suggested tags for this post) how can we ensure that third party code is ever trustworthy without even looking at it? This happens already with chrome extensions, or even phone apps a long time after reaching to millions of devices.

writing Apache directives in my .gitignore instead of .htaccess file

Modifying .htaccess for WordPress multisite so that my custom url(slug) will redirect to wp-login for security reasons.
It is like performing a neuro surgery where the slightest of mistake will get u paralyzed.
I have already reached a vegetative state..
I wonder what more damage I could do? FML.

Who the living fuck deleted the entire .htaccess file contents!

Oops that was me, haha my bad.

The fucking worst part about web dev is getting the damn .htaccess file to work properly. I usually do some basic url rewriting but then it won't work locally, or I have to restart the server (which of course I fucking forget), and then suddenly it *does* work without restarting the server... Just arghhhh

Today was the best day of my life. Being a jack of all trades, that I am, I decided to migrate a client's website to an new shiny self-managed server from a shared host. So I started by setting up a web server and deployment being run from a group bash scripts. This morning everything was ready to go after some testing, all that was left to do, was to update my DNS to point to the new server. I got that sorted, the DNS update took about 1 hour to propagate. So the homepage was loading just like before, it felt like I had just achieved something worthy of a mention on the interwebs — at least. Then I tried to navigate to another page other than the homepage and none of those were working as expected, at this point I was only getting 404s. Tweaked to settings and then all I could get were 502s. I spend about 8 hours dreading that uncomfortable call from the client, luckily that call never came through and all is well again. All this drama was caused by a bad .htaccess.

Apache Config + .htaccess + Symfony + optional trailing slashes for any route = a piece of developers suicidal history

Who can feel my pain?

xD

So, I have to begin with saying that I was 19 and my first real job. I was assigned to ongoing project for big german web company who outsourced project for german government. I am fast learner so I quickly ended up as a only developer who works on this project, because company had another important projects. And since I studied outside of my native country and I can speak Polish and English so I was also responsible for explaining everything to customer during meetings. I worked for around 4 months on the project and was heading up to the end. 3 weeks before production deadline client wanted show the results to the german government but I was still working on the functionality. My boss decided to put the web team leader to my project around 8 hours before this presentation to speed up the development. around 30 minutes before the pitch I realised that some of the latest functionalities stopped working. I was trying to figure out what I did I asked my team leader, he said that he have refactored some parts of my code. When we found the right commit it was around 3 min to presentation and after the checkout some of the .htaccess file was broken so I fixed it quickly but Germans started the meeting a bit earlier. The website was crashed almost half of the presentation. After 5 minutes my boss come to my desk and he says that he just talked with our customer and they are so freaking mad and pissed that they will not pay us. At this point I was certain I'm fired...

Suddenly the web team leader joined the conversation protecting me that it was the fault of the project menager because he should assign someone else to this project because even though I am good it is always good to have someone more experienced to work with you and review your code.

Project manager was fired about 3 months later. I was saved 😀

Maybe it's just me. Maybe I'm the Charlie Brown of development and Lucy with the football is the XAMPP/MAMP/WAMP software in this world. EVERY. TIME. I. TRY. TO. SPIN. THIS. UP. IT. FAILS. It doesn't matter which tutorial I follow for which technology stack or CMS, the result is always the same. Something about the database or htaccess or some other stupid setting makes it impossible for me to create a simple dev environment on my system.

I have been doing this dance for 24 YEARS NOW!!!! The original programmer of Apache is a 2nd-degree acquaintance who used to be available to help me with this, but no more. I feel like a complete and utter failure as a web developer every time I try to set up XAMPP, and, the rare times I've succeeded and gotten a basic CMS up and running, I fail again and again with all these build/run/task tools I'm now supposed to be using. After a week of fiddling with my local dev environment, I give up and delete it all. I go right back to on-server development "the old fashioned way". WHY!? WHY IS THIS SO HARD?

I'm stepping on rakes here and about to quit. I'm probably just too OLD and STUPID for all these stacks and frameworks and tools and maybe even for this career now. I should probably quit and become a "facilities manager" at a tech firm somewhere, cleaning up the bathrooms and sweeping floors and watching all these young geniuses tut-tut about "Poor StackODev. I hear he had 24 years as a web developer, but then he snapped and he's never been the same."

I've created instructions for myself the next time I encounter cpanel.

rallen@rallen ~ $ cheat cpanel
#SSH'ing into the fucking cpanel
#Figure out combination of 5 usernames and passwords given by client to log in.
#Pray that WHM isn't involved.
#Ignore several ssl warnings and cancel several .htaccess password prompts.
#Call in to enable that shit.
#Wait no less than 15 minutes on hold.
#SSH enabled.
#Create public private key pair.
#Notice the ppk conversion for windows 'devs'. Sigh.
#Copy key pair to ~/.ssh/
#chmod that shit to 600.
#Note for the user name it's not anything the clients given you or what you've named the key. Look in the cpanel for the /home/<user> directory.
ssh -i ~/.ssh/key <user>@<dedicatedip>

Am I missing something here? Lets Encrypt auto renews SSL every 90 days....BUT it will fail if you have .htaccess re-direct set up to https. So you would have to switch off the https redirect, manually renew, then switch it back on again. Thats fucking crazy. I can’t find a way round this. The hosting co set this up but are encouraging people to buy one of theirs when the renewal fails. a cunning plot to get more of their own SSLs. Any ideas?

Spent about 40 minutes trying to figure out why my stupid events were not tracked, something about CORS

so digged into the htaccess file and added the correct headers but the header value was being appended although i was setting it.

So I figured the "tool" i am using is setting it too but only when I set it, that was weird.

So on to to its github I went, someone mentioned there is a CORS setting in the UI, so I added the domain i wanted to allow and done, it fucking works.

Read the documentation kids, sometimes it is useful.

So I found about a possible freelance job I could do. I messaged the person and they asked me to show them some of my work. I went into my dusty wamp server folder to use one of my projects there as an example or w/e. It being old and all and me having not updated anything in the last 2 years, there was a lot of bugs I had to fix. So I did that. I had to change some links and whatnot. Then I tried running the site again and that was where I met the biggest hurdle. None of the user generated pages worked because I used a .htaccess file to vanity the website links (is that a word? No? Well it is now). So I went back into the folder to check the .htaccess file to see if I could fix the issue. Lo and behold the file was empty

I had lost the fucking .htaccess. Now I'm stuck and saying fuck it because I can't be arsed to go through each file and change the links mostly bc I forgot the structure of the links ontop of the other stuff I had in the htaccess file. And yeah ik I'm just being lazy but I'm really just having one of those days

So yeah that's how my day went. Just thought I'd share

Over complicated htaccess rewrites that dont work due to the client's business logic. I hate wasting time on something that should take 5 mins.

F*ck you Laravel, just f*ck you.
just spent the whole night trying to make the router to work, reinstalled lamp over and over again, htaccess looks good, still getting internal errors. Why can't we just work with Node?

Working on my new WebSite/Shop while discovering an Error....

I got a "Download" button as <input> that triggers an JS-Script that makes a POST-Request to a target=_blank, that downloads the file via a header (so that people won't know where the content is located, but I blocked the source with .htaccess, too)

So the error: While testing in Mozilla everything worked fine, but as soon as I switched to Chrome THAT FUCKING STUPID DOWNLOAD PAGE WON'T FUCKING OPEN! I HAD TO CHANGE IT FROM AN INPUT TO AN DIV AND TO FIGURE THIS SHIT OUT IT COSTED ME FUCKING 1 HOUR! FUCK YOU CHROME! FUCK YOU! YES YOU FUCK YOU! YOU RUIN EVERYTHING! MOZILLA IS FASTER WHY THE FUCK DO I STILL USE YOU BESIDES OF PORN! OH WAIT I DON'T EVEN WATCH PORN BETTER UNINSTALL YOU NOW! FUCK YOUUUUUUUUUUUUUUUUUUUUUUUUUU

Learning php includes for my template, and I couldn't get my index.php to show up right.. Totally forgot to add the php version to my htaccess #fail

I use Apache .htaccess to rewrite requests to .git folder to return 404. Why? Because next web told me I'm using git wrong, that they directory contains source control compromising information but I'm too lazy to figure out what to do and--this is the most important part--I don't know what I'm doing.

So... the guy from my last rant completely screwed up a site he'd been working on for our company (blaming the web hosters for their "shitty config" while it was just an error in his .htaccess).

He then proceeded to do it all from scratch (instead of using already existing stuff like he did before).

He asked me to help him out.

I put as conditions that we where going to do it "my" way, with the tools I am pushing at work (Docker, Git, CakePHP and Sass).

He rejected it (as always) saying: "I don't care if the site looks good or works good, I just want something out of the door ASAP".

So I declined because I just can't work with that mentality.

He asked an intern (of which he actually has no saying but w/e) whom barely understands the basics of HTML and CSS to help him out.

Intern agreed and they started working on it.

Two weeks in and the guy takes a nice two week holiday, leaving the intern all by himself :)

something something "I want it out of the door asap"...

PUT method works in dev but not in prod for code ignitor. Stuck on this one from a week. Someone HELP 🥲

(Checked htaccess and PUT is enabled)