Heroku Blog

PHP developers are makers at heart. The core strength of PHP has always been in creating a tight feedback cycle between developers and their audiences. That strength is the reason why PHP powers so many of the world’s biggest and best web properties such as Facebook and Etsy. But as developers of those and similar apps know, PHP hasn’t always enjoyed some of the runtime, management or infrastructure elements its peer communities like Ruby on Rails, Python with Django, and Node have had for some time. As one of the web’s largest PHP shops, Facebook has been an advocate and…

The announcement earlier this month of the “Heartbleed” bug (CVE-2014-0160) in OpenSSL once again focused attention on the technology used to secure communications on the Internet. Heartbleed was a very serious vulnerability and we moved as quickly as possible to patch systems and eliminate this threat on behalf of our customers. But security is not just about fire drills, there are many steps that can be taken over time to continually improve security. Over the last months we have rolled out several security improvements to Heroku SSL Endpoints, including: Perfect Forward Secrecy TLS 1.1, 1.2 support Updated ciphers These enhancements…

We love seeing our customers’ successful and gaining recognition for the amazing businesses they are building. So, as you could imagine, we were thrilled to learn that a Heroku customer was featured on ABCs Shark Tank last Friday, with two more being featured over the next couple weeks. Plated – Aired 4/4 at 9pm ET on ABC Plated, a New York City-based food/tech company, aims to make it simple and fun for people to create healthy, homemade dinners by delivering fresh ingredients and chef-designed easy-to-follow recipes directly to your door. With delivery now available to 80% of the USA, Plated…

We are really honored to be a part of PyCon again this year. We have a big booth in the expo hall and a bunch of people who are really looking forward to attending and who are there to answer questions, hack on code, troubleshoot, or shoot the …. Enter to win: While you are in our booth, you can enter to win $500 (in cash or credits) toward the open source-related project, user group, meetup, or organization of your choice. Ask at the booth for details. Here’s who is going to be there this weekend: Craig Kerstiens (@craigkerstiens) Dave…

Yesterday the OpenSSL Project released an update to address the CVE-2014-0160 vulnerability, nicknamed “Heartbleed.” This serious vulnerability affects a substantial number of applications and services running on the internet, including Heroku. All Heroku users should update their passwords as a precautionary measure. If you are currently running the SSL Endpoint add-on, you should re-key and reissue your certificate and update it as it may have been exposed. As of Tuesday, April 8 at 15:55 UTC, all Heroku certificates, infrastructure, and Heroku Postgres have been updated and are no longer vulnerable. Continue reading for further details on each affected vector. Vulnerability…

AWS Summit SF is coming up on Wed March 26th at Moscone South. We are thrilled to be sponsoring the Developer Lounge. Heroku engineers and staff will be available throughout the day to answer your questions about Heroku; developing Ruby, Python, and Node apps on Heroku; Heroku Postgres; and the architecture of apps using both Heroku and AWS. If you plan on attending, please stop by, say hello, and bring your questions. Or you can just play ping pong. If you would like to set up an appointment for a specific time, please send us an email.