Category Archives: Nerd Stuff

Top 5 Script Kiddie Mistakes

These are the most common and most annoying mistakes I see in web development code on a daily basis. Well, Ok, it’s the things that annoyed me most TODAY, but it’s not unique. It’s mostly PHP and MySQL stuff here, but the same abuses take place anywhere the language allows it.

1. Database prefixes. I find so many database tables that use a “table” or a “tbl” prefix. Are you serious? Do you think we don’t already know it’s a table we’re looking at? Likewise, some developers find it somehow necessary to use “column” or “col” in their column names. I mean really… do you pin your own name upside down on your shirt? Seriously, this type of labeling is completely unnecessary and it probably reveals you as the half-baked amateur that you are. Label your column names descriptively: too little info is bad, but too much is no better.

The one exception I make to this rule is this: be verbose with your primary keys because you’ll use those in all of your join statements. I know it’s easier to code if every table uses the ubiquitous “id” as the primary key, but if you ever have to do complex MySQL joins for reporting queries you’ll appreciate the fact that user_id or post_id references the same thing no matter which table it’s used in. Continue reading Top 5 Script Kiddie Mistakes

Securing Your Email via 2-Step Verification

It is vitally important to keep your email account as secure as possible. Google is one organization that emphasizes security, so take advantage of it! For Google Mail, it is easy to enable 2-step authentication. The idea is simple: in order to log in, you must provide something that you know (your password) and something that you have (your phone).

Think about this for a moment… normally if someone gets ahold of your email password, they could read your email (or impersonate you!). Think about it a bit more: once a hacker is in your email, they can visit other sites (like Facebook, PayPal, or ???) and they can easily click the “I Forgot my Password” link, and POOF: they’ll be able to log into any site that uses that email address. Continue reading Securing Your Email via 2-Step Verification

The Importance of Unique Passwords

This is a topic that Brian and I have spoken about in several posts, but take a minute to think about it: what could happen if a hacker cracked just one of your passwords? You may not think your information is really very special… so what if someone reads your email to your mother, right? Well, let’s think about this a bit…

I just read Parmy Olson’s We Are Anonymous, and one of the most devastating hacks carried out by the hacker group Anonymous was against the cyber security firm HBGary Federal and its CEO, Aaron Barr. One exploit gave the hackers password hashes, which were then cracked, so suddenly hackers had Aaron’s passwords out in the open: “kibafo33”. Continue reading The Importance of Unique Passwords

Review of Web-based Project Management Software

Help! I gotta keep track of everything I gotta do! There is help available to track your projects, you just got to know where to look.

A lot of developers, designers, students, and even web-hobbyists have a lot of items on their to-do lists for any particular site or project. You have to remember to fix that one CSS glitch, or rewrite a page to use some new function… the lists can be long and daunting. If you’re like me, you’re likely to forget half the stuff you need to do, and if it weren’t for project management software, I might as well stay in bed.

To put it mildly, there are *a lot* of applications out there that help you track bugs and manage projects, and this article only looks as a handful of them. Although the general purpose of these web-applications are similar, there are substantial differences in the pricing models, features, and usability, and hopefully this article will help you identify an application that is right for you. Or, if you’ve never really thought about using one before, maybe this article can help show you why project management / bug tracking software is good to have around.

Continue reading Review of Web-based Project Management Software

Why GoDaddy is a Horrible Host

GoDaddy sucks… their dashboard is completely un-navigable, their shared hosting has repeated errors, their VPS hosts are so poorly configured that they can’t even run updates on themselves, their CEO murders elephants for his own amusement, and they think that a few Superbowl ads featuring Danica Patrick will somehow make us forget how bad they suck. And now this…

Continue reading Why GoDaddy is a Horrible Host

WordPress vs. MODx

There are a lot of Content Management Systems (CMS’s) out there, so I wanted to give a blow-by-blow analysis comparing two of them: MODx and WordPress. I feel oddly qualified to do so: Brian and I just authored a book on WordPress plugin plugin development (WordPress 3 Plugin Development), and I am a MODx Solution Partner who was invited to speak at the MODxpo conference in Dallas last year. I’ve used both flavors of MODx (Evolution and Revolution) and WordPress while building somewhere around 50 web sites over the past couple years, and I like both systems. I have even contributed a couple plugins for both systems (e.g. Custom Content Type Manager for WordPress). So after the urging of some friends and colleagues (like Kris), I’m organizing my techno-ramblings into a coherent article.

I’m going to walk through a series of areas and compare and contrast both how both CMSs work in those areas. The comments here apply to WordPress 3.x and (mostly) to MODx Revolution, but MODx Evolution is mentioned where appropriate.

Basic Stuff

System Requirements

WordPress 3.1 MODx Revolution
Server OS ???
  • Linux x86, x86-64
  • Windows XP
  • Mac OS X
Web Server
  • Apache ???
  • NGINX ???
  • Apache 1.3.x or Apache 2.2.x
  • IIS 6.0+
  • Zeus
  • lighthttpd
  • Cherokee
  • NGINX
Database
  • MySQL 4.1.20 or higher (5.0+ recommended)
  • SELECT, INSERT, UPDATE, DELETE, CREATE, ALTER, INDEX, DROP privileges
  • MyISAM table types
  • MySQL 4.1.20 or higher (excludes 5.0.51)
  • Default table encoding of UTF-8
  • SELECT, INSERT, UPDATE, DELETE, CREATE, ALTER, INDEX, DROP privileges
  • InnoDB and MyISAM table types
PHP Version 4.3+ (5.2+ recommended) 5.1.1+ (excluding 5.1.6/5.2.0)
 

  • Running as FastCGI
  • safe_mode off
  • register_globals off
  • magic_quotes_gpc off
  • PHP memory_limit 24MB or more

PHP Modules ???
  • zlib
  • JSON
  • cURL
  • ImageMagick
  • GD lib
  • PDO, with database driver
  • SimpleXML

*Source: WordPress requirements, MODx requirements

If the requirements for MODx Revo look insanely detailed, ask yourself this: “do you really want to be guessing whether or not your server will support a given app?” MODx Revo does a pretty good job of testing for the necessary requirements during installation, so you don’t have any unexpected surprises.

Installation

WordPress offers its “famous” 5-minute install, and I give them credit where credit is due: WordPress is a simple web app to install, but to be fair, installing MODx Evolution is also very straightforward.

MODx Revolution has beefier requirements, and it’s far more likely you’ll run into troubles setting up your webserver permissions or PHP extensions (e.g. PDO). Moving a Revolution install to a new server is also a tricky operation that requires some patience (see this how-to).

Summary

In short, WordPress and MODx Evolution are easily installed on practically any web server that supports PHP and MySQL. MODx Revo takes longer to install and configure and it requires a beefier server.

Templating

Hands down, MODx offers the gold standard in templating. Expression Engine is a healthy second place, but only in my days of doing Perl development with the venerable Template Toolkit did I encounter a templating system that followed good MVC architectural principles as well as MODx.

What does that mean? It means that if you’re a front-end designer who likes to roll your own HTML and CSS, then MODx will grant you total freedom to implement the designs you want, whereas WordPress may result in headaches and holes punched in your walls (no comment on the convoluted mess that is Drupal and Joomla templates). I’ve posted previously about creating templates in MODx Evolution and how to import existing layouts into MODx Evolution, and the process in MODx Revolution is nearly identical (the only difference is the format of the placeholders).

In MODx, you can easily have multiple templates (i.e. layouts), and use any one of them for any page. In WordPress, the ability to use a specific template is possible only with pages, not posts. The thing that really gives me convulsions is understanding how WordPress formats its special pages, e.g. a category page, or an author page. See the image below as a reference for how WordPress formats page requests.

WordPress Template Hierarchy
WordPress Template Hierarchy

See the official WordPress docs for Template Hierarchy for more information. I honestly have a hard time fathoming that this is the solution that actually got implemented… what other crazy ideas were on the drawing board?

Summary

If having a specific HTML/CSS layout for your site is more than a “nice-to-have”, then MODx will save you many hours; the time to rework layouts in WordPress can be considerable and some of the PHP hacks are not trivial, whereas MODx templates are easy to create, modify, and maintain.

Menus

MODx offers nearly infinite menu flexibility through use of menu-generating PHP Snippets, primarily WayFinder, but it’s not aimed at the average user. WordPress has a built-in GUI for creating menus, but I have experienced some bugs with it when using custom content types. Your WordPress theme may not support more than one or two menus, so in the end you may end up writing some code in your tmeplates (e.g. using my Summarize Posts plugin) so you can list the posts that you want to see.

In a nutshell, WordPress offers an easy GUI, but if you need more customization MODx’s flexibility here is far greater.

Plugins

WordPress has a huge number of user-contributed plugins available, whereas MODx has relatively few. The sheer number is not a good comparison, however; I downloaded and tested hundreds of plugins in the process of writing my WordPress book, and the number of plugins that are unusable due to sophmoric errors or plain-old bad coding is huge. I estimate that at least half of the plugins in the WordPress repository are unusable, and perhaps only a tenth of them are worth using. There are crufty plugins in the MODx repo to be sure, but the playing field is more even than you might think.

The real difference here comes when you have to write your own code: MODx is a lot easier to work with with a shorter learning curve for a majority of code, whereas learning the ropes of WordPress plugins requires more guidance (hey, did I mention we wrote a book about that?).

Architecture

This is an area that is hard to discuss unless you’re a geek, but in a word, MODx offers a robust and well-architected MVC framework under the hood that can make writing custom plugins (Snippets, manager pages, et al) a breeze. The work done by Jason Coward and Shaun McCormick is really astounding.

Some of the limitations to WordPress are really staggering: it is basically a stateless application, so by default it does not use sessions, and nearly all of its API functions exist as procedural functions in the main namespace, so naming collisions are a big concern when authoring plugins. This makes certain functionality damn near impossible in WordPress. For example, creating a WordPress application with a login portal and access to custom data models would require an enormous amount of time. Even accessing WordPress’s posts and categories is difficult at times; I basically had to rewrite core WordPress functionality with another plugin (Summarize Posts) just to get the menus and summaries I needed for one recent site.

Another severe limitation is WordPress is that all extensions to the core occur via plugins that are triggered by system events (confusingly they are loosely categorized into “actions” and “filters”). This construct can be awkward at times, and the WordPress architecture is showing its age as the number of events exponentially increases, whereas the amount of documentation for them continually wanes. Realistically you can get WordPress plugins to do just about everything you need using only a handful of events, but debugging someone else’s plugins is a nightmare: there is no centralized location listing which events are being hooked into, and new events are often created and executed on the fly. Debugging WordPress plugins is like Alice’s trip down the rabbit hole: majorly trippy,and you don’t know if you’ll ever come out.

User management is another area where MODx dwarfs WordPress: Revolution can handle totally granular control of permissions, but it is admittedly overly complex for 90%+ of use cases. Evolution offers a much more sensible permissions scheme that covers most use cases.

MODx offers much more sensible implementations of custom code: like WordPress it uses event-driven plugins, but it also uses custom PHP snippets which can be placed anywhere on a page or in a template.

Another impressive feat is how MODx Revolution has abstracted the database into a separate coding layer — that means it is relatively easy to interface with custom database tables (or even to other database engines) using code that is completely database agnostic (support for SQLite and PostGREs is in the works). That’s some seriously geeky stuff that has kept me awake at night trying to comprehend how they accomplished that. MicroSoft has even worked directly with the MODx team because MODx’s architecture is flexible enough that it can run on an all MicroSoft stack (i.e. IIS and MS-SQL). I can’t think of a single other system that switch-hits as well as MODx.

Summary

If the site you are building is more of a web application that requires a lot of custom coding, go with MODx; the level of maturity in the underlying MODx framework is light years ahead of WordPress, but be advised that the coding in MODx is sometimes so advanced, it takes a very senior developer to understand what’s going on. If you decide to do a more serious application-type-project in WordPress, be sure to allocate extra time to augment or rewrite the core code. If you’re doing basic extensions or variations of a simple site/blog, then WordPress plugins can do that pretty well, so don’t overcomplicate things.

Dashboard

WordPress offers a clean manager dashboard for its administrators which relies on the jQuery JavaScript library to provide AJAX functionality and smooth user experience. It’s pretty easy to find your way around.

WordPress Manager dashboard
WordPress Manager dashboard

MODx underwent a huge change in its manager dashboard between Evolution and Revolution, and the Revolution dashboard is overwhelming for many. Evolution’s dashboard is cleaner and snappier.

MODx Evolution Dashboard
MODx Evolution Dashboard

MODx Revolution’s manager dashboard is still being optimized. It’s based on ExtJS. For those of you not familiar with ExtJS, it was based on YUI (the Yahoo User Interface library), and it offers some fatastically powerful features for building interfaces for web applications. My only complaint with it is that it’s heavy: the MODx Revo dashboard can take a long time to load, and sometimes clicking on buttons and links feels unresponsive.

MODx Revo dashboard
MODx Revo dashboard

Summary

Do not make your decision about which system to use based on the dashboard alone — that’s like marrying a girl for how big her tits are. I know some clients who have loved and hated the dashboards in both systems. Again, MODx offers more flexibility if you want to change the dashboard behavior. The big difference here is simple: WordPress gives you a super clean view of your posts based on time whereas MODx gives you a hierarchical view of your posts.

Blog

Everybody wants a blog, just like everybody wants a shiny new car. Authoring blogs has been a core competency of WordPress, and they get massive props for making them very simple to setup: out of the box, you can get a blog up and running with integrated tags and categories and comments within minutes. It’s really what WordPress is all about: blogging. WordPress even has some nice security features in place with its Akismet spam filter.

Contrary to some of the on-line murmurings out there, both versions of MODx can run blogs, but until MODX 2.2, the process to set them up was painfully laborious in comparison. The Articles extra for MODX gives you a quick and easy blog — it can even import your posts from WordPress, so the gap between the two systems is closing quickly. The only thing it doesn’t do as well as WordPress right out of the box is its taxonomies (tags and categories): you still have to do some configuration to get those configured how you want them, but as the docs say:

“MODx Revolution is not blogging software, but rather a full-blown Content Application Platform, it doesn’t come pre-packaged with a cookie-cutter blogging solution.” 

Summary

If your priority is to get a blog up and running as quickly as possible, and you have few requirements for supporting any other content, then WordPress is the way to go. Starting with MODX 2.2, however, you can use its “Articles” extra, which gives you simple blogging functionality, with many of the features available to WordPress.

Custom Content (CMS functionality)

If blogging is where WordPress shines, then CMS functionality is where MODx clearly has the upper hand. WordPress does support custom fields for its posts and pages, and in version 3.x, they support additional “post types”, so finally WordPress is getting some traction as a CMS, but it’s still a bit of a toy in comparison to MODx.

One of the biggest problems with WordPress as a CMS is its lack of support for sensible custom fields: for each post or page, you have to manually add the same custom fields over and over again, and by default, the custom fields are always simple text fields. I have attempted to rectify this in my Custom Content Type Manager plugin, and my plugin does a lot to give WordPress CMS capabilities, but it still represents a series of awkward workarounds that stretches the WordPress core nearly to its breaking point.

One related area here is how MODx can manage and serve static files via what MODx calls “Static Resources”. This is a great way to enforce permissions on viewing, streaming, or downloading static files (e.g. PDFs or Flash movies). WordPress just flat out can’t do that.

Although MODx offers greater flexibility, WordPress’ integration is a bit cleaner for the manager user (it’s a holy pain in the ass for the developer, but if you download my plugin you should avoid this unpleasantness). When WordPress registers a new “post type”, you get a nice menu icon in your dashboard and it’s really clear to the manager that he/she is adding a new post, page, or movie (etc). For example, if you want to add a movie post, you’d click on “Add Movie”. It’s really quite logical. In MODx, this same type of distinction occurs at the template level. Architecturally, this makes sense, but it’s confusing for the manager user, because it may not be at all clear that they need to add a “normal” page (i.e. resource), and then choose to use the “movie” template. I’m planning a MODx plugin to help rectify this UI “wart”.

A custom post type in WordPress
A custom post type in WordPress

Summary

If you have to display multiple types of content on your site (e.g. an eCommerce site), then MODx offers far greater flexibility, but it does take longer to configure. If your CMS requirements are simple and you don’t need to worry too much about customizations, then WordPress can do that very well and very quickly.

SEO

SEO is the an cyclical buzz, and at the moment, a lot of SEO guys are hailing WordPress as the holy grail of search-word wad-shooting. To be blunt, I think SEO is largely an over-hyped crock of crap. If you build a well-structured site with good content, your pages will show up in search results: if there is a site out there with awesome content that is not showing up in relevant search results, I have yet to see it. Search engine optimization is often a pseudo-science practiced by get-rich-quick marketeers who are convinced that they can turn lead into gold by over-hyping a site with various gimmicks. 90% or more of SEO should have to do with creating good content, and perhaps the last 10% of your efforts should go into polishing your site. It can be used to improve search results, but it tends to fail when you try to make search results come out of thin air. Too often I have seen companies do this the wrong way around: they spend 90% of their time publicizing a site that is a vapid cesspool instead of spending their time making a site that’s worth visiting. At best, SEO techniques are constantly changing as Google updates and refines their indexing algorithms. If you optimize your site today and Google farts tomorrow, all of your work may be for naught. Do your due dilligence, but it’s just not worth spending inordinate amounts of time tring to beat Google at their own game.

Rants aside, both systems offer ample ways to do search engine optimization. Assuming that you have good content, the rest of the process boils down to having well structured HTML (which relies on a solid templating system), and the ability to effectively index your pages. WordPress offers built-in taxonomies (categories and tags) for flagging your posts, and MODx can be set up to do this rather easily by using an Auto-Tag custom field (a.k.a. a MODx “Template Variable”).

MODx offers a much more flexible system for generating URLs (basically you can use any URL you want for any page). WordPress does offer flexibility here, except for its special pages (e.g. category listings or author pages).

Summary

Comparing SEO features between MODx and WordPress is a moot point: both systems allow you to adequately structure your content and your site.

Security

No system is 100% secure. MODx has had relatively few serious exploits; WordPress has had many, no doubt due in part to its popularity. For what it’s worth, I have had WordPress and MODx Evolution sites hacked, but not yet a Revolution site. It’s hard to quantify how secure an application is… I’d love to see the detailed forensic results of a penetration test against default installations of both CMS’s. In general though, the WordPress architecture is primitive and more ripe for being hacked: it’s more difficult to lock down spaghetti code. WordPress also offers many more plugins, and the plugin authors tend to be less experienced, so their code is more likely to have security holes.

There are many fingerprinting utilities out there that will attempt to locate known weaknesses in plugins, and WordPress is more easily fingerprinted; MODx Revo allows you to change default locations for the MODx manager or to even remove it from public view altogether. There are some discussions in the MODx Forums about how to harden MODx, but I haven’t yet seen a detailed how-to on how to eliminate the most common attack vectors. There are also good posts out there for hardening WordPress.

I reported a nasty vulnerability in phpThumb that affected MODx and numerous other CMS’s (phpThumb is a popular image manipulation library), but the MODx Revo architecture prevented the exploit from succeeding on Revo (good job to Shaun and Jason for architecting the connectors in the way they did).

Summary

I feel that MODx Revolution is probably more secure, but there are no guarantees when it comes to security. No system is bulletproof, so you best have redundant backups on hand and follow the recommendations of Basic Web Security no matter which system you’re on.

Support

This is another area that is pretty black and white in my opinion: WordPress support sucks. Although WordPress is more popular if you look at the numbers, you wouldn’t know it if you post questions in the WordPress Forums. I have rarely gotten any useful answers (if I got answers at all): anything beyond simple inquiries tend to go unanswered, leaving me alone in the dark reverse-engineering damn near everything.

My other gripe with WordPres is their weird distinction between WordPress.com and WordPress.org. You can host your blog at WordPress.com, and then you get more support, but it is effectively software as service: you can’t upload plugins and you can’t modify code, so the interface suddenly becomes a bit like BlogSpot.

By contrast, the MODx Forums are full of helpful people. It’s a great place to be: it’s not uncommon to get responses from the core team on almost any level of inquiry, from trivial to cerebral meltdowns. There are some superstar participants, such as Susan Ottwell and Bob Ray, who have both contributed immensely helpful posts and tutorials on how to use MODx. MODx also offers commercial support; it’s still in its infancy, but for a yearly fee, you can get access to a kind of “MODx hotline” and get help resolving MODx issues on your sites.

Documentation

In the same breath as support, I must mention documentation. In general, documentation for both systems is lacking, in some areas painfully so. While using WordPress, I have often I have searched for hours trying to find a way to do a certain thing, only to end up grepping through the code base and deciphering the raw code myself. Frequently the official documentation has holes or in some cases, it’s just plain wrong. The best resources for some advanced WordPress features are blogs written other developers.

MODx’s documentation is also frustratingly AWOL on a number of topics, but least the MODx code base is integrated with a standard documentation publishing system so if needed you can see for yourself how the functions are structured without having to grep through the code base. The vibrant MODx forums fill in a lot of the holes in the documentation, and that’s a huge benefit for any open-source project.

Summary

If you need support for your site, especially guaranteed support, then only MODx offers a paid support service; WordPress doesn’t offer a paid support option.

Scalability

WordPress can handle a huge number of posts, but it does get bogged down with a large number of pages, and there are lots of whisperings about this (e.g. here). I suspect it has to do with WordPress’ convoluted templating system (see above), which makes me wonder what the limits are on custom post types.

MODx Evolution suffered from a limit of approximately 5000 resources (in MODx, pages and posts are types of resources), but that limit has been corrected in an upcoming release thanks largely to the efforts of Charlie over at ProWebscape.com.

MODx Revolution has no such limits: it offers a great built-in caching system that allows it to serve pages very quickly. It has been benchmarked as twice as fast as Expression Engine (see this blog post).

More importantly, MODx Revolution was built with scaling in mind: it stores session data in the database, so it is easily deployed on load-balanced servers. This is hugely important if you are building a site that might one day get massive amounts of traffic; WordPress can be deployed like this, but such usage is not generally anticipated. I don’t know of many large commercial sites running WordPress (in fact, I only found one: 9rules.com).

Summary

MODx is by far the more mature option here if you anticipate building a large site.

Conclusion

I do like both systems, and I use them both daily. WordPress has a much lighter footprint and is easier to use for a large number of use-cases: if you just need to get a site out the door fast, then WordPress is really hard to beat. WordPress is plug-and-play for just about everything and that saves you hours of setup time, so it can be the right solution for a majority of sites. But the more customizations you require (particularly in scripts or in layouts), then the more appealing MODx becomes: WordPress has thousands of plugins available, but if those aren’t meeting your needs, I’ve found certain types of customizations to be extremely difficult in WordPress whereas most often, MODx handles them with ease. Doing things like building web applications with strict formatting requirements is much easier in MODx because it’s built more as a launchpad for customizations: it’s really more of a content management framework (CMF). MODx Evolution is the best system I’ve used for building small to medium sized informational/brochure sites, WordPress rules as the blogging king, and I’ve been very impressed with how easily I can build web applications using MODx Revolution. There isn’t one tool that’s right for every job; the more projects you complete, the better idea you’ll have as to which system will accomplish your requirements more easily, and hopefully this article helps you spot more of what each system is good at.

Comparison of VPS Providers

So you’ve graduated from the world of shared hosting providers and it’s time for you to set up your own big-boy hosting package. You need a Virtual Private Server (VPS) of some sort, but the options are dizzying because these services have become a commodity: it seems that nearly everyone is peddling some variation of them. Well, we feel your pain. And I feel my own pain… I’ve dealt with a number of hosting providers over the past few years, and I’m writing this article to share with you my opinions. I’ve set up accounts for myself or for my clients on all of the following systems, and here is my unbridled opinion of each of them. Keep in mind that these reviews and opinions relate primarily to using the services for web hosting.

These aren’t affiliate links unless otherwise indicated (hey, if you want to throw us a bone for saving you the pain of experiencing these guys yourself, then please, feel free to click the affiliate link: it costs you nothing and it is your way of saying “thanks for saving me the trouble of learning this stuff the hard way”).

LiquidWeb

LiquidWeb has impressed me with its clean integrations and its “heroic support”. That doesn’t mean they’ve been able to fix every problem I’ve had, but to be fair, a lot of the tricky stuff was weird 3rd party installs that *I* struggle with greatly. But they have been very responsive in their tickets and I’ve never felt abandoned or in the dark.

The standard VPS’s offer a good value, but if you need more horsepower, their SmartServers offer a nice combination of virtual/cloud and dedicated qualities, and it’s a good combo for many folks. These come by default with WHM/cPanel, so it’s easy to set up sub-accounts with their own logins. Throw me a Bone (affiliate link)

Media Temple

This is a popular option, although I’m not sure why… their cloud servers go down frequently, they’ve had several pretty severe security issues, and using SSH on their servers is a holy pain in the ass because SSH dumps you in some foreign directory miles away from your home directory, whereas FTP takes you to your home directory. What? Yes, it is obnoxious and confusing, and they disconnect your SSH session after 5 minutes, which is approximately 1 minute less than the time it takes you to RTFM through your notes and emails to find where the hell your home directory is or which command you need to run to escalate yourself to the proper user to be able to do anything useful. MediaTemple uses Plesk to offer control panels to their clients, and Plesk is a nightmare if you ever try to do any sysadmin work on the command line. I’ve had a couple clients on MediaTemple, and it just seems like it’s a rocky road with bumps in the service and difficulties in doing basic tasks. It’s not the worst out there, but I wouldn’t rate MediaTemple as anything better than mediocre.

VPS.net

I do not recommend these guys. They do have a nice looking site and what looks to be a nice product, but my experience with them was wholly negative. “Jeez”, you might be thinking, “don’t flame a brother in writing!”, but sit down around the campfire and let me tell you why I feel completely comfortable doing so….

It all started when I set up a VPS server with VPS.net and I signed up for their paid snapshots knowing that I was liable to screw up my server at some point and I’d want to roll back to a snapshot image. Sure enough, I borked my server by removing the sqlite package, which completely destroyed the functionality of my yum utility (don’t ever do what I did, by the way). “No problem”, I thought, “I’ll just roll back.” Well, the restoration process had a fatal flaw, which completely toasted my server. After using their “restoration” utility, I didn’t just have a server with a broken yum utility, I had a completely fried server (ooo… that’s a bad code taco on that one). The people over at VPS.net were completely unwilling to admit the problem. I wasted about 2 days waiting for them to either fix the problem or to just come clean and say “hey, we’re really sorry, but we had a glitch in our snapshot utility so we only have partial backups of your server.” No. They hemmed and hawed and wasted my time for 2 days until finally one of the techs admitted that there had been a problem. I think he was probably later executed by firing squad for insubordination and refusing to tow the party line. I needed to clock in about 40 hours (all un-billable, by the way) to rebuild the server from scratch, and they acted like the Soviets when Chernobyl blew up: in typical fashion they denied anything happened until European scientists started measuring massive amounts of radiation and said “uh, comrades… did something happen at your reactor?”

While waiting days for a response (all while my server and all of its sites were completely down), my patience got exhausted, so I finally threatened to make a blog post like this one. The CTO jumped in saying “I was approaching this in the wrong way”. I listed the several tickets that I had filed that had gotten no response for 48 hours (even ones that *he* had initially responded to). And then even the CTO stopped responding to my requests for information (read: he must have known how badly they screwed up). His response was literally an advertisement: he blabbed on about how awesome their servers were and what great new offerings were available. I felt like he had just run over my dog, and instead of apologizing for killing my best friend, he was yammering on about awesome his car was with its dual-hemi’s, turbo-charged engine and high-performance tires. The final “kiss my ass” message they sent me was a legalese “F-U” which basically stated that none of their services, including backups, were guaranteed. Seriously, I don’t often say stuff like this this in writing, but VPS.net can go french kiss a donkey’s ass. I gave them every opportunity to respond to my questions or to justify their actions, and they ignored me, so I feel I’m being more than fair.

So dealing with VPS.net cost me several thousand dollars, it almost cost me a client, and their ineptitude set me back on several high priority projects, and their response to a completely legitimate issue was childish and unprofessional, and my requests for just basic professionalism were ignored. So there you have it: my rant against VPS.net. Use their services at your own risk.

VPSlink.com

These guys offer a simple no-frills hosting package, and I’ve used them for several dev projects over the years. Nothing fancy, but they are responsive to the requests, and I’ve only had minimal fuss with their servers and their control panel is easy to navigate. They may not give you as much RAM as some for the price, but they do give you lots of CPUs (like 16!). I like these guys and I give them a good thumbs up. There is no cPanel type dashboard for sub-accounts, so this one is only for command-line sysadmins only.

ServerAxis.com

This is another no-frills VPS system that offers some pretty nice stats for the price: lots of RAM and a good amount of CPU. They offer a few more options than VPSLink (e.g. you can pay extra to get an external backup volume mounted to your server), and they are a bit more scalable, but I didn’t find their admin panels very intuitive, so I’ve lost time fumbling through them. There is no cPanel type dashboard for sub-accounts, so this one is only for command-line sysadmins only, but still a solid thumbs-up with these guys.

GoDaddy

Ah yes, now even GoDaddy is offering VPS services (hey, we said this stuff is becoming a commodity). The prices there look competitive, but my experiences with GoDaddy as a host have been mindbogglingly poor. Their shared hosting is a complete disaster — hands down, it’s the worst I’ve seen… they arbitrarily limit functionality, it takes hours to complete tasks that take only minutes on other hosts, and all for a cost that is higher than their competitors. I even had one of their techs tell me that the MySQL dump was “working perfectly” when the log file showed clearly that there was an error. Blink. Are they blind? Or just stupid? They also had zero understanding of how DNS records worked, so they weren’t able to offer any assistance in configuring a custom zone file. Furthermore, their dashboard is impossibly confusing to navigate. Do you know that weird castille soap by Dr. Bonner? I’m pretty sure the intern that did the layout for that soap is the same person who did the UI for GoDaddy’s control panel because I always have to dial their support # when I have to do anything in there.

Did the same guy do GoDaddy's control panel layout?
Layout designed by GoDaddy: Worst Layout Ever

I mean seriously… can you read that?

So even though these look like competitive prices, I have severe reservations about using GoDaddy as anything more than a registrar. Hey, I want to jump on Danica Patrick as much as the next horny guy, but maybe if they spent some time cleaning up their site and services instead of Super Bowl ads and models, they’d have a product worth recommending, but as it stands, you should pass on GoDaddy as a host.

Amazon cloud EC2

This is a popular option because hey, it’s Amazon… but I’ve found EC2 cloud stuff to be a pain in the ass to use simply because you get lost on the command line. It’s worse than MediaTemple from a command-line standpoint. In my opinion, being on the cloud means your data theoretically is always there (there are outages), but if you’re coming in via SSH, then you can’t find it. Haha. Only sort of kidding there. In general, this isn’t a very nice option for those people doing simple web hosting types of services. It’s more appropriate for companies doing persistent application deployments.

Other Providers

I feel obligated to mention the following 2 providers because so many people I work with recommend them highly:

I don’t have first hand experience with them, so I can’t comment directly.

Conclusion

There are a lot of options out there, but with enough time, patience, and trouble-shooting elbow-grease, you can find a web host that works for you.