Just a few thoughts as your post is quite pessimistic.
If you don't have the knowledge to configure a webserver, consider using a PaaS, e.g. Google App Engine. This way you hand over all the hassle to an experienced team of system engineers who work 24/7 to keep your app online.
Or you can use a server management software. From my own experience Plesk is really good at this. However, the default configuration can still be improved.
Before you reinvent the wheel (e.g. building the next eCommerce software), check for available Open Source solutions in the field and their developer documentation. You'll benefit from the efforts of the community to build a solid software.
I'm a small business programmer. I love solving tough problems with Python and PHP. If you like what you're seeing, you should probably follow me here on dev.to and then checkout my blog.
Thanks. These are good tips to help people outsource some of the problems I mentioned, which is a viable strategy.
However, they don't address the underlying issues with software security. Your code is/was still vulnerable to Meltdown and Spectre no matter how you serve it.
I don't think that "code" can be vulnerable to Meltdown and Spectre. These are information leakage vulnerabilities which require to run code on your machine. If you're running your web application on bare metal (no shared host), you won't be affected much as long as you apply normal security best practices.
In cloud environments these vulnerabilities are critical, but I expect all major cloud platforms to apply the patches quickly.
Vulnerable clients should also apply normal security best practices, including ad blocking and patching.
I'm a small business programmer. I love solving tough problems with Python and PHP. If you like what you're seeing, you should probably follow me here on dev.to and then checkout my blog.
Just a few thoughts as your post is quite pessimistic.
If you don't have the knowledge to configure a webserver, consider using a PaaS, e.g. Google App Engine. This way you hand over all the hassle to an experienced team of system engineers who work 24/7 to keep your app online.
Or you can use a server management software. From my own experience Plesk is really good at this. However, the default configuration can still be improved.
Before you reinvent the wheel (e.g. building the next eCommerce software), check for available Open Source solutions in the field and their developer documentation. You'll benefit from the efforts of the community to build a solid software.
Thanks. These are good tips to help people outsource some of the problems I mentioned, which is a viable strategy.
However, they don't address the underlying issues with software security. Your code is/was still vulnerable to Meltdown and Spectre no matter how you serve it.
I don't think that "code" can be vulnerable to Meltdown and Spectre. These are information leakage vulnerabilities which require to run code on your machine. If you're running your web application on bare metal (no shared host), you won't be affected much as long as you apply normal security best practices.
In cloud environments these vulnerabilities are critical, but I expect all major cloud platforms to apply the patches quickly.
Vulnerable clients should also apply normal security best practices, including ad blocking and patching.
Yes. Where I said "code" it would have been more accurate to say "the security of the information contained in your app" is/was still vulnerable...