Developing and testing localhost websites on mobile devices

The Problem

I quickly realised an unproductive workflow in committing a web site and deploying it to Amazon’s Elastic Beanstalk (EB). I would be working within my Virtual Machine (VM) to develop a web site and after everything tested OK in desktop browsers I would deploy, only to see that it wasn’t all good on the mobile. Yes I can resize the browsers window to simulate mobiles to a degree and I can test on the IOS simulator (I’d rather not) but neither are perfect. And when there was an issue, the constant tweaking and trying again would get very tedious.

My VM is basically running so that no devices except those directly running on the host machine can request the web site in a browser. Knowing this how do I access the web site I’m developing via my mobile or tablet, in this case iPhone and iPad? I could start messing around with various networking options but before even contemplate something that already didn’t sit well for me I thought I can’t be the only one.

The Solution

After a few attempts at Googling around I found a workable option through tunnelling. The concept is simple, I create a tunnel between the web site running on my VM and a public service offering that generates a publicly addressable URL you can use to request your web site via any device.

I found out that there are a few offerings, as listed below:

Free

Paid for

Continue reading

Customising Amazon Elastic Beanstalk with remote logging to PaperTrailApp

I’ve recently released a new website on AWS Elastic Beanstalk (EB) and thought I would document how I’ve set up centralised logging using papertrailapp.

The following steps use Amazon’s configuration files to customise the software stack running on an EC2 instance.

Steps:

  1. Get syslog pushing entries into papertrailapp.
  2. Get other log files pushing to papertrailapp.
  3. Encrypt the logs during transport

Step 1: Get syslog pushing entries into papertrailapp

Knowing that the EC2 operating system is the Amazon Linux AMI we know that we are using rsyslog as our system logger. With this knowledge we can move straight into editing it’s config file.

Updating /etc/rsyslog.conf

The next step is to append a papertrailapp line along the lines of *.* @logs.papertrailapp.com:12345 to the bottom of the /etc/rsyslog.conf file, changing your port number as appropriate. Since it would be pointless doing this directly due to the very nature of an elastic provisioned architecture we are going to use the EB config files so we only have to do this once and once only.

Copy the contents from /etc/rsyslog.conf into a new file and append the papertraillapp log line to it. Now push this up to some place publicly accessible for download, such as Amazon’s S3 service.

Now within the root directory of your application, create a config file called .ebextensions/papertraillapp.config and paste into it the following content:

Obviously, change the source URL to point to the rsyslog file you uploaded earlier.

Continue reading

Customising a Vagrant box with Veewee

In my job I’ve noticed that the number of web sites, applications and APIs keep growing and all need servers to run on. I’m not a Systems Administrator but being a lone developer I want to try and keep as much of my time focused on doing what I love, building great apps for people. To help combat the issue of managing multiple servers I started to experiment with Chef and I have to say, after a bit of a learning curve, I like it, or I like what it enables me to be getting on with.

Recently, I’ve been tasked with working alongside another developer and the topic of a development environment came up when working on an existing site. Until now I had my VM running on my laptop mirroring production as best as possible and I was happy but someone else now needed the same environment I had. In fact, my local development environment was more akin to a shared hosting platform. That is, I’m running multiple sites on my VM, simply because it was easier than launching a whole new VM and configuring it for each site. I didn’t want to give this guy a copy of my current VM since it would have all of my settings running on it and after playing with Chef for a bit, I came across Vagrant and knew that it supported provisioning with Chef and allows developers to share VMs. I also thought that I could now have a VM dedicated per website. With this in mind I got to work.

Continue reading

Securing Apache for PCI Compliance

For anyone running an e-commerce web site, the term PCI compliance is unlikely to escape the owner’s or developers attention. In essence, if a web site is handling credit card data, regardless of whether they store that data, the web site must be PCI compliant.

For a web site to be compliant, it must pass a rolling three month test by an authorised PCI scanning vendor. There are many out there and from my experience they are not all equal. Some vary with the features they offer but the interesting one is that not all of them return the same vulnerabilities. As a developer, the vulnerability report is key to helping identify and resolve any issues, so I find it surprising when a scanning vendor provides the solution but not the steps to help reproduce the issue or a link on how to resolve. Anyways, to help out here I’ve found that Apache vulnerabilities pop up more than most and so I will address some of these raised issues and present the resolutions.

Continue reading

WordCamp UK 2011 Talk Notes

This post is simply a record of the notes I took when I was at WordCamp UK 2011. I know I’ll find it useful and thought that maybe others will as well. And if not, at least my work colleagues should :)

WordCamp Intro

  • VaultPress – Used for realtime backups. Takes snapshots of site. Can rollback to earlier versions of plugins or themes etc. Paid for, $15 per month for basic account.
  • Research WPMU as a strategy for having separate smaller sites instead of one massive site. Definitely helps to improve performance.
  • Look into Gravity forms. A paid for plugin that is supposed to be awesome for form building. Can use conditionals and integrates with other services such as Campaign Monitor & MailChimp.

Continue reading

My Daily Web Development Tools

After reading a post on the IDE used by @skoop as one of the tools he uses in his everyday development, I felt inspired to do the same and hope that others find my individual set up useful to them.

The first and most obvious place to start, is that which is at the centre of the universe for a PHP developer, his IDE of choice and at present, that honour goes to PhpStorm.

Back in the day when I first started out coding in PHP I used PHPEdit. It was free and built around speed and productivity. I still miss their drop marks feature and surprised other IDEs have not incorporated this into their environments. Once it became commercial, I moved onto something else unmemorable, before adopting Zend Studio 5 and 5.5. Good days. I then persisted with Zend Studio 6 for Eclipse but refused to shell out for 7 and switched to Netbeans after hearing good things. I was happy for months until I started having performance issues. After failing to resolve this annoyance I finally moved onto PhpStorm and haven’t looked back.

Continue reading

VirtualBox: Bridged, NAT or Neither?

Google the phrase ‘VirtualBox set up’ or similar and you’ll find plenty of guides that will instruct you on the install of a Virtual Machine (VM) with the network adapter set to either NAT or Bridged. While these options work fine, as a web developer you are quick to realise their limitations. So what does a web developer need from their VM networking set up? Simple:

  1. To simply and consistently connect to the guest VM from the host, and
  2. To connect to the Internet, remote servers and web applications from the guest VM with the same ease as the host.

Once a VM has been installed, the first goal can be expanded into some real world use cases:

  1. To immediately be able to SSH into the guest machine from a terminal to configure the environment.
  2. To connect to another port on the guest VM via an SSH tunnel, i.e. to administer MySQL from a GUI client.
  3. To request web sites running in the VM through the host’s web browser on the HTTP and HTTPS ports.
  4. To be able to connect to any other port which maybe required. For example, my VMs run Zend Server so I need to connect over HTTPS on port 10082.
  5. To be able to connect to the guest VM regardless of my location or the network I’m connected to.
  6. To set this up once and not have to worry about a guest VM having different IP addresses every now and again.

As for the second goal, the following use cases should be met:

  1. To immediately be able to connect to the Internet and perform system updates and software installs from the guest VM.
  2. To be able to piggy back on a host’s private VPN connection.
  3. To have exactly the same ACL rules as the host when connecting to remote servers or services.

So which network adapter satisfies all of the above use cases? NAT or bridged?

Continue reading