Building websites is easy, right? You install Rails, Drupal, Symfony, or some other tool and just start coding (or site building). If you want to code from the ground up, you can grab a book or one of the millions of tutorials online and off you go. But what happens when a customer or boss asks about security, performance, or something else highly technical?
This topic came to the forefront of my mind with the recently published security issue in Drupal. In the time between the initial report and a response from the Drupal security team, I investigated the issue, read the code in question, and even ran some tests. In my discussions with others, I was finding a bit of FUD and people taking sides behind someone's opinion rather than understanding (or discussing) the problem space.
This topic doesn't just relate to security issues. For instance, Google, Amazon, and others have found that the time it takes for a page to display to a user matters. The faster it displays, the more likely a user is to interact more (that includes shopping). Yet how many web developers know the ins and outs of making pages faster? Where is the low-hanging fruit in this discussion? How does this all work?
Lately, I've started to wonder if there is a distinction between the easy stuff, getting sites and apps up and going, versus the hard stuff in the form of security, performance, scalability, and so on. It can be easy to get into web development and start building sites. And, with everything else we have to do in our lives and jobs, it can be easy to stop there. Instead, let me challenge you to dig into the hard stuff, because it's not as hard as it may seem and there are payoffs.