Deployer is an open-source deployment tool for PHP projects — specifically designed to automate, standardize, and securely deploy applications like Laravel, Symfony, Magento, WordPress, or any custom PHP apps.

🚀 What Makes Deployer Special?

• It’s a CLI tool, written in PHP.

• You define your deployment process in a deploy.php configuration file with clearly defined tasks.

• It supports zero-downtime deployment using symbolic links (symlinks).

• It supports multi-environment deployments (e.g., staging, production).

🛠️ Typical Deployer Workflow

Install Deployer via Composer:

composer require deployer/deployer --dev

Generate a config template:

vendor/bin/dep init

Configure deploy.php, e.g., for Laravel:

host('my-server.com')
    ->set('deploy_path', '/var/www/myproject')
    ->set('branch', 'main');

task('deploy', [
    'deploy:prepare',
    'deploy:vendors',
    'artisan:migrate',
    'deploy:publish',
]);

Deploy your app:

vendor/bin/dep deploy production

🔁 What Happens Under the Hood?

Deployer:

• Connects to the server via SSH

• Clones your Git repo into a new release directory

• Installs Composer dependencies

• Runs custom tasks (e.g., php artisan migrate)

• Updates the symlink to point to the new release (current)

• Removes old releases if configured

📦 Benefits of Deployer

Laravel Octane is an official package for the Laravel framework that dramatically boosts application performance by running Laravel on high-performance application servers like Swoole or RoadRunner.

⚡ What Makes Laravel Octane Special?

Instead of reloading the Laravel framework on every HTTP request (as with traditional PHP-FPM setups), Octane keeps the application in memory, avoiding repeated bootstrapping. This makes your Laravel app much faster.

🔧 How Does It Work?

Laravel Octane uses persistent worker servers (e.g., Swoole or RoadRunner), which:

1. Bootstrap the Laravel application once,

2. Then handle incoming requests repeatedly without restarting the framework.

🚀 Benefits of Laravel Octane

RoadRunner is a high-performance PHP application server developed by Spiral Scout. It serves as a replacement for traditional PHP-FPM (FastCGI Process Manager) and offers a major performance boost by keeping your PHP application running persistently — especially useful with frameworks like Laravel or Symfony.

🚀 What Makes RoadRunner Special?

✅ Worker-Based Performance

• PHP scripts are not reloaded on every request. Instead, they run continuously in persistent worker processes (similar to Node.js or Swoole).

• This eliminates the need to re-bootstrap the framework on every request — resulting in significantly faster response times than with PHP-FPM.

✅ Built with Go

• RoadRunner is written in the programming language Go, which provides high concurrency, easy deployment, and great stability.

✅ Features

• Native HTTP server (with HTTPS, Gzip, CORS, etc.)

• PSR-7 and PSR-15 middleware support

• Supports:

  • Queues (e.g., Redis, RabbitMQ)

  • gRPC

  • WebSockets

  • Static file serving

  • Prometheus metrics

  • RPC between Go and PHP

• Hot reload support with a watch plugin

⚙️ How Does It Work?

1. RoadRunner starts PHP worker processes.

2. These workers load your full framework bootstrap once.

3. Incoming HTTP or gRPC requests are forwarded to the PHP workers.

4. The response is returned through the Go layer — fast and concurrent.

📦 Common Use Cases:

• Laravel + RoadRunner (instead of Laravel + PHP-FPM)

• High-traffic applications and APIs

• Microservices

• Real-time apps (e.g., using WebSockets)

• Low-latency, serverless-like services

📉 RoadRunner vs PHP-FPM

SSH (Secure Shell) is a network protocol that establishes an encrypted connection between two computers. It is mainly used for securely logging into remote systems (e.g., servers) and executing commands.

Key Features of SSH

• Security: Data is transmitted in an encrypted form, protecting against eavesdropping and manipulation.
• Authentication: Access can be granted via passwords or SSH keys.
• Tunneling Capability: Can be used to securely forward network traffic.
• File Transfer: Allows file transfers between systems using SCP or SFTP.

Basic SSH Commands

• Connect to a remote server:

ssh username@server-ip

• Transfer files using SCP:

scp file.txt username@server-ip:/destination-folder/

• Add your public SSH key (for passwordless login):

ssh-copy-id username@server-ip

SSH is commonly used by developers and system administrators to manage servers or establish secure connections for other applications.

The Fetch API is a modern JavaScript interface for retrieving resources over the network, such as making HTTP requests to an API or loading data from a server. It largely replaces the older XMLHttpRequest method and provides a simpler, more flexible, and more powerful way to handle network requests.

Basic Functionality

• The Fetch API is based on Promises, making asynchronous operations easier.
• It allows fetching data in various formats like JSON, text, or Blob.
• By default, Fetch uses the GET method but also supports POST, PUT, DELETE, and other HTTP methods.

Simple Example

fetch('https://jsonplaceholder.typicode.com/posts/1')
  .then(response => response.json()) // Convert response to JSON
  .then(data => console.log(data)) // Log the data
  .catch(error => console.error('Error:', error)); // Handle errors

Making a POST Request

fetch('https://jsonplaceholder.typicode.com/posts', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({ title: 'New Post', body: 'Post content', userId: 1 })
})
  .then(response => response.json())
  .then(data => console.log(data))
  .catch(error => console.error('Error:', error));

Advantages of the Fetch API

✅ Simpler syntax compared to XMLHttpRequest
✅ Supports async/await for better readability
✅ Flexible request and response handling
✅ Better error management using Promises

The Fetch API is now supported in all modern browsers and is an essential technique for web development.

A Bearer Token is a type of access token used for authentication and authorization in web applications and APIs. The term "Bearer" means "holder," which implies that anyone in possession of the token can access protected resources—without additional verification.

Characteristics of a Bearer Token:

• Self-contained: It includes all necessary authentication information.
• No additional identity check: Whoever holds the token can use it.
• Sent in HTTP headers: Typically as Authorization: Bearer <token>.
• Often time-limited: Tokens have expiration times to reduce misuse.
• Commonly used with OAuth 2.0: For example, when authenticating with third-party services.

Example of an HTTP request with a Bearer Token:

GET /protected-data HTTP/1.1
Host: api.example.com
Authorization: Bearer abcdef123456

Risks:

• No protection if stolen: If someone intercepts the token, they can impersonate the user.
• Must be securely stored: Should not be exposed in client-side code or URLs.

💡 Tip: To enhance security, use short-lived tokens and transmit them only over HTTPS.

Entity headers are HTTP headers that provide information about the body of a message. They can appear in both requests and responses, describing properties of the content such as type, length, encoding, or last modification date.

Important Entity Headers:

1. Content-Type

• Specifies the media type (MIME type) of the content.
• Example:

Content-Type: application/json; charset=UTF-8

2. Content-Length

• Indicates the size of the content in bytes.
• Example:

Content-Length: 1024

3. Content-Encoding

• Shows if the content has been compressed (e.g., gzip).
• Example:

Content-Encoding: gzip

4. Content-Language

• Specifies the language of the content.
• Example:

Content-Language: de-DE

5. Cache-Location

• Indicates the URL or storage location of the actual resource.
• Example:

Content-Location: /files/document.pdf

6. Last-Modified

• Specifies when the content was last changed.
• Example:

Last-Modified: Tue, 30 Jan 2025 14:20:00 GMT

7. ETag

• A unique identifier for a version of the resource, useful for caching.
• Example:

ETag: "abc123xyz"

8. Expires

• Indicates when the content should be considered outdated.
• Example:

Expires: Fri, 02 Feb 2025 12:00:00 GMT

9. Allow

• Lists the allowed HTTP methods for a resource.
• Example:

Allow: GET, POST, HEAD

10. Refresh  (Not standardized but often used)

• Instructs the browser to refresh the page after a specified time.
• Example:

Refresh: 10; url=https://example.com

These headers help describe the content of an HTTP message, optimize caching strategies, and ensure correct rendering.

Response headers are HTTP headers sent from the server to the client. They contain information about the server’s response, such as status codes, content types, security policies, or caching rules.

Important Response Headers:

1. Server

• Indicates which software or technology the server is using.
• Example:

Server: Apache/2.4.41 (Ubuntu)

2. Date

• Specifies the date and time of the server’s response in GMT format.
• Example:

Date: Wed, 31 Jan 2025 12:34:56 GMT

3. Content-Type

• Defines the media type of the response.
• Example:

Content-Type: text/html; charset=UTF-8

4. Content-Length

• Indicates the size of the response in bytes.
• Example:

Content-Length: 3456

5. Cache-Control

• Determines the caching behavior of the response.
• Example:

Cache-Control: max-age=3600, must-revalidate

6. Set-Cookie

• Sends cookies to the client for storage and future requests.
• Example:

Set-Cookie: sessionId=abc123; Path=/; Secure; HttpOnly

7. ETag

• A unique identifier for a specific version of a resource, used for caching optimization.
• Example:

ETag: "5d8c72a5f8d9f"

8. Location

• Specifies a redirect URL if a resource has moved.
• Example:

Location: https://www.new-url.com/

9. Access-Control-Allow-Origin

• Enables cross-origin requests (CORS).
• Example:

Access-Control-Allow-Origin: *

10. Strict-Transport-Security (HSTS)

• Enforces HTTPS for future requests.
• Example:

Strict-Transport-Security: max-age=31536000; includeSubDomains

Response headers help the client interpret the received response correctly, enforce security measures, and optimize caching strategies.

Request headers are HTTP headers sent by a client (e.g., a web browser or API request) to the server, providing additional information about the request, the client, or the desired content.

Important Request Headers:

1. Host

• Specifies the target domain or IP address of the server.
• Example:

Host: www.example.com

2. User-Agent

• Contains information about the client, such as browser type or operating system.
• Example:

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)

3. Accept

• Defines which content types the client can accept.
• Example:

Accept: text/html, application/json

4. Accept-Language

• Specifies the client's preferred language(s).
• Example:

Accept-Language: de-DE, en-US

5. Accept-Encoding

• Indicates which compression formats the client supports.
• Example:

Accept-Encoding: gzip, deflate, br

6. Referer

• Provides the previous page from which the user navigated.
• Example:

Referer: https://www.google.com/

7. Authorization

• Used for authentication when accessing protected resources.
• Example(Basic Auth):

Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=

8. Cookie

• Contains cookies previously set by the server.
• Example:

Cookie: sessionId=abc123; theme=dark

9. Content-Type (for POST/PUT-Anfragen)

• Specifies the data format of the request body.
• Example:

Content-Type: application/json

10. Origin

• Indicates the origin URL and is often used in Cross-Origin requests.
• Example:

Origin: https://www.example.com

These headers help the server understand the request and respond accordingly by providing details about the client, preferred content, and security aspects.

General HTTP headers are headers that can be used in both HTTP requests and responses. They contain general information about the connection and data transfer that is not specific to the client, server, or content.

Wichtige allgemeine Header:

1. Cache-Control

• Controls caching behavior for clients or proxy servers.
• Example:

Cache-Control: no-cache, no-store, must-revalidate

2. Connection

• Defines whether the connection should remain open after the request.
• Example:

Connection: keep-alive

3. Date

• Contains the date and time of the HTTP message in GMT format.
• Example:

Date: Wed, 31 Jan 2025 12:34:56 GMT

4. Pragma (veraltet, aber noch genutzt)

• Similar to Cache-Control, mainly used for backward-compatible caching rules.für rückwärtskompatible Caching-Regeln genutzt.
• Example:

Pragma: no-cache

5. Trailer

• Specifies which headers will be sent after the message body.
• Example:

Trailer: Expires

6. Transfer-Encoding

• Specifies how the message body is transferred, e.g., in chunks.
• Example:

Transfer-Encoding: chunked

7. Upgrade

• Used to upgrade the connection to a different protocol, such as WebSockets.
• Example:

Upgrade: websocket

8. Via

• Indicates through which proxies or gateways the message was routed.
• Example:

Via: 1.1 proxy.example.com

These headers improve communication between the client and server, manage caching, and allow protocol upgrades.