Interview With Security Team Member of PHP Framework Codeigniter – Ben Edmunds

Interview With Security Team Member of PHP Framework Codeigniter – Ben Edmunds

Ben Edmunds is the CTO of Mindfulware, an insurance and healthcare technology company. He has over 15 years of experience working in various industries, including enterprise software and robotics.

He mainly creates web and mobile apps. Also, he is the co-host of the PHP Town Hall podcast. He has written various books on web security. He is a proud open source contributor.

He is a member of the security team for the popular PHP framework, CodeIgniter. Ben is a name to contend with in the Laravel and CodeIgniter communities.

HostNoc: Please tell us about Mindfulware, how is it different from other app development agencies? What do you exactly do over there?

Ben Edmunds: We mainly work in the insurance and healthcare technology space, developing products and custom white-labeled solutions for enterprise clients.

I’m the CTO here, which means that my tasks might change drastically from day-to-day, but the general goal is to do whatever is needed to keep things running smoothly.

I’m a software developer but a lot of my time is spent managing people and working on the business side of things recently.  I’ve found that the people aspects of software are even more rewarding for me than the technical aspects.

HostNoc: Please tell us about the vision behind the PHP Town hall podcast? Which episode has been the most memorable for you? Please share some experience.

Ben Edmunds: Years ago, a few of us in the CodeIgniter community would host periodic video chats that were open to anyone who wanted to join.

We’d mostly discuss what new features were coming, or help someone troubleshoot an issue, or just chat with no real agenda.  It was one of the things I enjoyed most about the community there, it allowed you to put faces with the names and was a casual way to stay up-to-date.

One day Phil Sturgeon and I were discussing how much we enjoyed the CodeIgniter video chats and started brainstorming ways we could bring this to the larger PHP community.

We didn’t feel that an open invitation video chat would work for this since the PHP community as a whole is really broad.  After some back and forth, we settled on a video/audio podcast that invited a couple guests on each episode to discuss several topics relevant to PHP developers in general.

My favorite episodes are the live ones.  It’s where we set up equipment at a PHP conference, invite several participants to be on a panel, have a live audience, and record the conversation.

These are by far the worst recordings and the episodes tend to veer off topic.  So, the actual quality as a podcast episode is poor, but the experience is just really great fun.

It captures the idea of the town hall, a bunch of friends getting together over drinks to discuss topics they’re passionate about.

HostNoc: Your book about PHP security is quite famous in the community. Please tell us how the idea came in your mind to write on security. What does this book cover?

Ben Edmunds: Back in the early days of learning PHP, I started writing a new application for my job at the time.  I couldn’t find an authentication library that I liked.

What started as a minor problem, lead to me spending years writing and maintaining my own authentication library! This basically forced me to learn about authentication, security, hashing, commons hacks, etc.

So the idea of the books is to condense the knowledge that I gained over years, into short guides for PHP and JS developers to help quick-start their security learning curve.

HostNoc: What do you say about the growing trend of micro frameworks among PHP developers? What are their pros and cons?

Ben Edmunds: I’m rather torn on this.  I think micro-frameworks or framework-less projects that only use various libraries definitely serve a purpose.  I think the full stack framework also serves a purpose though.

The context of which to use differs for every project and depends on what you’re comfortable with as a developer.  As of right now, and this will definitely change over time I’m sure, I use:

– for APIs, I usually use a micro framework

– for websites / small web apps, I use a full stack framework

– for full-blown enterprise apps, I use libraries and take the time to create a skeleton from the pieces that I need.

The reason for this is that I think you should use the simplest tools for the job, that still help you ship something.

If I were to try to architect my own framework from libraries for every small side project I work on, I’d likely never ship anything.

A project built on many small libraries is often faster and a most direct way to solve problems.  Another factor to consider though is maintainability and hiring.

It’s a lot easier to onboard a new developer to maintain X framework than it is to find a developer to maintain a project built on 10 different libraries.

HostNoc: What would you like to recommend to newbies who wish to learn CodeIgniter framework from scratch?

Ben Edmunds: If you want to build something fast, I’d recommend picking up CodeIgniter 3 and working on a sample project.  However, if you are wanting to learn more and have a little more time on your hands, I’d recommend looking at CodeIgniter 4.

It’s still in the development phase but is nearing completion and follows much more modern concepts.  It also works more similarly to other frameworks so picking up your next framework will be even easier.

I think the best way to learn is by doing.  Make something, fail, google, iterate, fix it, and continue that cycle until you have something, you’re proud of.

HostNoc: The workstation of developers is often very messy. How is yours? Please share an image for our readers?

Ben Edmunds: I need a very tidy workstation to be productive.  I often work from my MacBook Pro when I’m traveling but when I’m home I have an Autonomous standing desk with three 27″ curved Samsung monitors.

I use a Mac Mini to drive two of them and a MacBook Air to drive the other one.  I have an Apple Magic Trackpad, Apple Magic Keyboard, and Logitech Anywhere Mobile Mouse MX, using Synergy to connect them to both Macs.  I use a Yeti Blue mic for podcasting.

HostNoc: You have been working in the community for a while. Which personalities have been your inspiration?

Ben Edmunds: Cal Evans was one of the first people I met from the wider PHP community, and he has definitely had a massive role in shaping it.  Adam Culp is always an amazing example of running events and supporting the local communities.

Matt Trask and Tessa Mero have both stepped up to contribute to the community, always helping new developers feel welcome.  Also, Taylor Otwell and Sara Golemon for their amazing code contributions.

HostNoc: What do you think is the significance of attending international conferences? Please share some of your memorable experiences w.r.t attending community events?

Ben Edmunds: I think they have an enormous impact.  They help spread the best practices across various communities, but even more so, they foster a connection between us all.

A developer in the rural US or a developer in Africa can be just as connected to the developers within a community in San Francisco or New York.

My favorite from an international conference was going to Johannesburg for SouthAfrica PHP.  We saw amazing animals, the culture was unique and wonderful, and it was my first time driving on the left side of the road.

The people there were really just amazing, it was great to connect with developers so far away yet have so much in common.  They really welcomed us, even inviting us to a braai at their house over the weekend.

HostNoc: What are your hobbies and interests? How do you keep yourself reinvigorated after hours of development?

Ben Edmunds: For fun, I travel often, trade futures, ride a motorcycle, and hang out with my fiancé and our basset hound.  Also, currently we’re renovating our house in Alabama so I’m getting to work with my hands instead of just moving pixels around.

HostNoc: When it comes to PHP hosting, you can’t compromise on server performance. HostNOC promises secure dedicated servers as well as effective cloud server management. How do you see the future of HostNOC (opt)?

Ben Edmunds: I’ve never used HostNOC so I can’t recommend something with certainty but from reviewing your site, it seems that better container and serverless support might be good additions.

About the Author
Atif Shahab
Atif Shahab is Community activist specializing in Project management, Digital Marketing, Cloud Computing, Big Data, AI, Data Science, PHP, and WordPress Communities. He is a fan of classical music and loves traveling with friends. When he is not doing anything, he looks after his plants in his homegrown garden and spends time with his pets. Stay Connected with him at Twitter.

Comments are closed.

Sign In
New user? Apply in here.