DEV Community

Cover image for How to choose the right backend technology?
Prafful Lachhwani
Prafful Lachhwani

Posted on • Updated on • Originally published at blog.iamprafful.com

How to choose the right backend technology?

Web technologies are growing so fast that we now have tons of modern tools and frameworks. Be it a choice of frontend, backend or database. Many developers have this big question - Which tech stack I should begin with?🤔

Sometimes we end up choosing the one we worked on before or language we are comfortable in. As human nature, we always stick to our comfort zone and that's where things start going wrong. This may include choosing a framework being overkill. Or, even worse, we pivot from our existing tech stack in the middle of a project and end up re-writing the code in a different language.🤦‍♂️

So, it's important to choose the right tech stack before starting a new project. With this post, I will help you with a thought process so that you could choose the best tech stack.

1. Getting the content

This is a three-part series. In this post, I will talk about various backend technologies such as Node.js, Java - Spring, Laravel - PHP and Python - Django. We will compare them on different aspects such as reliability, scalability, performance, security, developer's experience and most importantly cost of hosting. In the later posts, we will compare different frontend technologies and various databases. So, let's get going!

2. What is a backend?

In a nutshell, the backend has the code which runs on the server-side and is responsible for handling and managing storage, database and other resources. The backend is also called the data access layer of software.

image.png

One should always start with choosing the right backend. Because it acts as the backbone of your application. We have so many alternatives out there, we will cover some popular backend frameworks in this article and will see which one is appropriate for a given scenario.

3. Node.js

Node.js uses asynchronous programming! Meaning, it is non-blocking. In other words, It does not wait for a resource to finish the job. It is immediately ready to take up the next request and gives a callback when it's done. Node.js runs like a rocket and it is very scalable.

When to use Node.js?

When your application is highly event-driven and performs lots of I/O operations. Also, when you have to make various API calls from the backend itself. Here in this scenario, you can leverage its non-blocking feature.

When NOT to use Node.js?

When you have a heavy algorithm or a job that consumes lots of CPU cycles. Because Node.js runs on a single thread just like client-side js, your application will be very inefficient for CPU intensive jobs.

4. Java - Spring Boot

Spring is a powerful, lightweight, and most popular framework which makes Java quicker, easier and safer to use. Spring boot helps you to build production-ready Spring-based applications. It serves 80% of everyone's needs for a modern web application. It is highly useful for creating stand-alone, production-grade applications with minimum effort.

When to use Spring Boot?

When your primary focus is security, maybe you want to write banking or financial applications. Where you cannot compromise with security, Spring boot will be the best option. As Java supports multithreading out of the box, it becomes a great choice for building complex and highly concurrent web applications.

When NOT to use Spring Boot?

Although, there are no limitations to the spring framework, it can serve all your needs. But, sometimes trivial apps which do not need heavy computation, spring as a backend will be an overkill. The only thing for saying no to Spring boot is that it's a bit complex and requires a lot of expertise.

5. PHP - Laravel

PHP is an old friend who introduced me to web development.🥺

Laravel is an open-source PHP framework. It follows an MVC (Model-View-Controller) architecture. Laravel makes life easier as it has so many developer-friendly features, one of them is query builder or ORM (Object-Relational Mapping). Before Laravel, it seemed like PHP is dying but now it is one of the competitive frameworks.

is-php-dead-0-1.jpg

When to use Laravel?

When the time to market is the key, then Laravel is the best choice. Because it has so many salient features that make web development very fast as compared to other frameworks out there. Also, Laravel can be hosted on a shared hosting thus making it cheapest amongst all, so when time and cost is the key you should go with Laravel.

When NOT to use Laravel?

PHP is not considered much secure as compared to Spring and Node.js, however, Laravel prevents some of the basic attacks such as SQL injection and cross-site scripting attacks and adds an extra layer of security to it. But still, PHP is never recommended for applications where security is a must.

6. Python - Django

Django is a fast, secure and scalable high-level Python web framework. Django encourages rapid and clean application development. It takes care of much of the hassle of web development, so you can focus on writing your app without needing to reinvent the wheel.

When to use Django?

Since, Django is based on python it supports powerful machine learning libraries like PyTorch, NumPy, etc. Its computational and statistical capabilities make it the ideal platform for machine learning applications.

When NOT to use Django?

Django is not suitable for smaller projects with only a few features and requirements. Because it's a "Batteries included" framework, it has so much boilerplate code which small projects don't need. As a result, consuming unnecessary server processing time and bandwidth.

7. Conclusion

I hope you found the article insightful! We have discussed the four most popular backend frameworks and how to make the right choice.

And stay tuned for the next article of this series. In that, I will compare the most popular front-end frameworks so that you can make the right decision.

Please give your valuable feedback in the comment section, tell me what I missed about these frameworks.

Discussion (49)

Collapse
lito profile image
Lito

Hello! can you link some article about PHP is insecure by default (not code, PHP as itself)? PHP is not considered much secure as compared to Spring and Node.js. Thanks!

Collapse
prafful profile image
Prafful Lachhwani Author

No hard feelings with PHP, I love it, but in order to make is secure we will have to add some extra code, which other frameworks already do out of the box. learnwebtutorials.com/php-is-insec...

Collapse
lito profile image
Lito

Not about PHP! don't worry. I'm PHP, node and python developer and I think that all this problems are same on all languages (or very similar).

Java XSS - stackhawk.com/blog/java-xss/
Python/Django XSS - stackhawk.com/blog/django-xss-exam...
NodeJs XSS - stackhawk.com/blog/nodejs-xss-guid...

And PHP is a language, not a framework ;)

I'm really curious about security, and how can be PHP insecure as language it self, not with code examples of people that don't know how to code.

Thanks!

Thread Thread
prafful profile image
Prafful Lachhwani Author

I agree!

Thread Thread
jancizmar profile image
Jan Cizmar

Hey! I think that statement can be actually true. Some time before some attacker hacked my server by uploading his php script and executing it by accessing it's url. I found out that this is a common scenario happening ofter with Wordpress plugins for example.

Thread Thread
prafful profile image
Prafful Lachhwani Author

There is a reason why enterprise grade applications rely on spring framework.

Collapse
leob profile image
leob

This is silly, I think other languages/frameworks are equally prone to XSS etc. if you don't follow proper standards. Can't be used as an argument against PHP, especially not when you use a framework like Laravel.

Thread Thread
prafful profile image
Prafful Lachhwani Author

Yes I agree, but PHP does not support security out of the box, a developer may need to write extra code in order to protect their applications. Happy to share that spring already has so many security features already built in.

Coming to Laravel, if you will compare libraries built for spring vs that built for Laravel are not that sophisticated and you can't rely on them in terms of application backdoor.

And just in case if there is a security findings there are active developers to fix for libraries in java as compared to that of PHP.

Composer dependency manager is relatively new. NPM shows warnings ans threats after installing any package aka 'npm audit'. Which is still work in progress for dependency management of PHP compaoser

Thread Thread
leob profile image
leob

Not sure if I agree, as far as I know Laravel has security features out of the box, I'm rarely hearing anyone complain that Laravel applications are unsafe. I've been a Java programmer in the past and yes, Spring and Spring Security are great, but complex, and arguably overkill for most web apps.

Thread Thread
prafful profile image
Prafful Lachhwani Author

Not about Laravel, dependencies you use with PHP can be insecure, you must be using some extra libraries which are not built in with Laravel could be vulnerable however this is true for every framework which you said earlier. There is reason why enterprise grade applications use spring.

And that's what I mentioned in my article that spring could be overkill for trivial applications

Thread Thread
prafful profile image
Prafful Lachhwani Author • Edited on

Just for reference: cvedetails.com/vulnerability-list/...
And some vulnerabilities having no patch
snyk.io/vuln/composer:laravel%2Ffr...

Thread Thread
leob profile image
leob • Edited on

Sorry, not convinced - the notion that PHP is insecure is based on outdated information, or on issues with WordPress plugins (WordPress does not equal PHP ...)

So what about the library that's responsible for one of the biggest security scares of the last decade? The name of that library is Log4J, a Java library that's being used in numerous Java applications, and within other Java libraries.

PHP or Laravel are in itself no less secure than any other programming language or framework, it all depends on knowledge of security basics and on common sense of the devs using it.

Thread Thread
leob profile image
leob

Thanks for the list - so it's immediately obvious that at least 95% of the vulnerabilities are in older versions (5.x or 6.x) - we're at version 8.x now. This also indicates that vulnerabilities are actively being addressed, as can be expected from a popular open source framework.

Thread Thread
prafful profile image
Prafful Lachhwani Author

So conclusion?

Thread Thread
leob profile image
leob • Edited on

Conclusion is that PHP isn't in itself unsafe, and Java isn't by definition safe (and then I'm only talking about server side Java, of course client side Java is notorious for containing numerous security holes over the years).

Thread Thread
llbbl profile image
Logan Lindquist

You can write Crap code in a bunch of different languages, not just PHP. The Frameworks help with security and encourage best practices, but much is still left in the hands of the Dev. Also FYI, Symfony is more popular than Laravel in Europe.

Collapse
llbbl profile image
Logan Lindquist


PHP is not considered much secure as compared to Spring and Node.js

This statement is misleading and false, but thats ok. 💩

Collapse
pau1phi11ips profile image
Paul Phillips • Edited on

I think it's just for the click bait tbh 🙄

Knowing who to write secure native PHP is just part of knowing how to code.

Collapse
neoprint3d profile image
Drew Ronsman

Great job loved the article
p.s flask is also a pretty popular bavkend framework

Collapse
prafful profile image
Prafful Lachhwani Author

Glad that you loved the article. Yes completely agree Flask is great!

Collapse
spotnick profile image
spotnick

Call me stupid but for me ASP MVC is my go to for backends. Since most of our customers are hosting their stuff on Azure I find this approach much easier. At least the Authentication and Authorization part is a no brainer. What do you think about it and what was the reason to not include it? :)

Collapse
prafful profile image
Prafful Lachhwani Author

Yes I agree! I missed this, maybe in future articles I will mention

Collapse
camco profile image
Camco

Not stupid at all. Maybe a bit of extra effort bc of the bloat of ASP/MVC environment but functionality speaking, I'd say your in a best spot

Collapse
cjsmocjsmo profile image
Charlie J Smotherman

Golang + gorilla + docker is what I use. Small, light, fast and you get concurrency out of the box with goroutines.

What i like about this stack is that I can deploy it to the cloud (Google/AWS) or to my small foot print device (raspberry pi) so it's very flexible.

Happy coding

Collapse
prafful profile image
Prafful Lachhwani Author

Thanks for sharing, I will surely give my hands on Golang

Collapse
ozzythegiant profile image
Oziel Perez • Edited on

As some people mentioned in the comments, we need to talk more about ASP .NET 6 and Go. ASP is cross platform, running on Linux, and C# is getting much easier to write, I'd say it's as good as Kotlin. Go is relatively easy to write, I'd say as easy as Python, and you can get so much performance out of it. If you use Node.js, look up Fiber, an Express.js inspired framework that's among the top ranks of TechEmpower bench marks, right along with ASP .NET. We don't need to conform to using interpreted languages. We can build more powerful apps with newer languages.

Collapse
prafful profile image
Prafful Lachhwani Author

That's great! I will check out ASP.net and Go surely.

Collapse
djnitehawk profile image
Dĵ ΝιΓΞΗΛψΚ

how come no love for .net? it's one of the most performant and easy to work with backend technologies in the industry 😁

Collapse
prafful profile image
Prafful Lachhwani Author

Tbh, I have no hands on .net, that's why I didn't mentioned it, maybe surely in future articles I will mention after trying on

Happy Coding!

Collapse
djnitehawk profile image
Dĵ ΝιΓΞΗΛψΚ

thought as much. i have a dotnet noob friendly article on dev if you're interested in trying new things ;-)

Thread Thread
prafful profile image
Prafful Lachhwani Author

Thanks for sharing, I will checkout definitely.

Collapse
jackfr0st13 profile image
Deepak Choudhary

Good read. Small correction though, Node.js isn't a framework. Node is a JavaScript runtime so remove the odd one out or correct it to something like express.js.

Collapse
prafful profile image
Prafful Lachhwani Author

Sure thanks, I will

Collapse
saifullahusmani profile image
Saifullah Usmani

Loved it. I didn't see asp.net or C#. I want to learn C# for web dev but don't know if it's worth learning. So if you can include that in this post too then it will be very helpful.
Although it's an amazing post! ❤️
Very helpful

Collapse
prafful profile image
Prafful Lachhwani Author

Sure, I will do my research and try to include.

Collapse
kane_jason profile image
Kane Jason

Selecting an appropriate back-end technology requires vital consideration of the variables like speed, reliability, and scalability. Know the features of the best 4 back-end frameworks to select an appropriate one for your project.

  1. Laravel
  2. .Net
  3. Zend
  4. Codeigniter

Thus, to comprehend why backend frameworks are essential for web app development and detailed analysis of best backend frameworks, read my post here: dev.to/kane_jason/4-best-back-end-...

Collapse
cmmon profile image
C-mmon

Choosing the right framework is all about experience.

Collapse
cmmon profile image
C-mmon

Just kidding, Nice article

Collapse
prafful profile image
Prafful Lachhwani Author

I agree :)

Collapse
andipandiber profile image
Andres Bermeo

The first article that says the truth about Spring, I love Java in the backend, Spring is the best but for things very big but I developed an small project based in the sales using Spring but I didn't think in the CPU... Thanks a lot... Great Article.

Collapse
prafful profile image
Prafful Lachhwani Author

Glad you liked!

Collapse
ronieldegozo profile image
Mc Roniel De Gozo

Great article but base on my research, learning JavaScript can help you to become a better full stack web developer with the use of MERN, MEAN or MEVN stack.

Collapse
prafful profile image
Prafful Lachhwani Author

Yes Agree! However, there are various technologies good for different use case

Collapse
1punchkim profile image
1punchkim

Favorite part of this article 'cause 💯 relatable

PHP is an old friend who introduced me to web development.🥺

Collapse
prafful profile image
Prafful Lachhwani Author

Yes🥺

Collapse
devfranpr profile image
DevFranPR

So, in summary: Node if you want fast & simple operations, Spring if you need security, Laravel if you want a fast developement and Django if you want to add machine learning features (?)

Collapse
prafful profile image
Prafful Lachhwani Author

Laravel actually has a slow deployment, I considered Laravel for cheap shared hosting, however it is recommended to host Laravel on VPS, but it he hosted on shared hosting with some patch.

Collapse
dendihandian profile image
Dendi Handian

Fun fact: Your non-PHP code may not secured compared to well-secured PHP code.

Collapse
tem0138 profile image
Tem0138

Do you know which framework DEV is using? Popular and extremely productive... DEV, GitHub, GitLab, Shopify, Codecademy, Exercism, CodePen, ... :)