Suppose you need to set up or maintain a simple but professional looking website on Windows (maybe even on a budget), be able to develop using tools like PHP, have it all work even when you don’t have web access, and then once you’re done, wouldn’t it be great if you didn’t have to compile, you could just copy your files and be done with it?
I’m talking about a full WAMP stack here, so I don’t mean you’ll have to cut any corners. But being simpler usually means being minimal, so given something that can get really complicated quickly, it’s best to throw out anything you don’t fundamentally need.
So today let’s try to question your assumptions. In particular, in this article I want you to question whether you really, really need a database like MySQL to run a basic website. Of course if you need it, it will be there for you, but let’s try to get by without it.
If you’re using a popular CMS like WordPress, you’re using a database like MySQL even if you don’t know it. In addition to adding complexity, databases are one of the significant drivers of insecure websites (in fact, if you type “SQL” into Google, the first autocompletion these days is “SQL injection”). If you don’t even turn on *SQL in the first place, it can’t be used against you as an attack surface.
The WordPress model of storing every blog article in a DB table isn’t the only way CMS’s have to work. Another way is to use a flat file system. Of course that has connotations of the limitations of the early days of the internet, but times have progressed, and I want to show you a modern refresh with a more well thought out approach.
A flat file system stores each web page as a file, whether standard pages or blog entries, or even as more than one file that are then stitched together as directed by a template or some convention. So when a request is received, the CMS will just need to locate the right pieces in the file system, convert (and cache) them to HTML, and then hand them off to the web server.
So if you you’re not already familiar with it, let me introduce you to Grav, one of the most popular of the new wave of flat file web content platforms. It’s open source, super fast and extensible, with modern features like templating, switchable themes, form support, and caching for images at multiple sizes.
Because it’s flat file, it stores everything as files within its central directory, even configurations. Files with content are in markdown format with optional extensions, and additional plugins can also add support for more advanced features like WordPress-style shortcodes. Most configuration information is coded in YAML at the beginning of either markdown files or dedicated text-based configuration files.
One advantage of the everything-is-a-file approach is that you can make your development setup ultraportable by putting everything into a single folder. Do you want to deploy your site via ftp? Send the folder. Do you want to switch devices? Just copy the folder. Want to back up everything? Copy the folder. Want to restore your backup? You guessed it, just copy the folder. Version control is as simple as setting up your folder as a repository.
So where does PHP coding come in? Grav uses the Twig templating engine, based on the syntax of Python’s Jinja and Django templates. To prevent server-side injection attacks, user input is sanitized, and straight PHP code is restricted to use within those templates.
Of course, something is going to have to serve your pages, in this example Apache and PHP. How can we simplify that part? By using another software suite that combines them along with their joint configuration into a single package.
Like Grav, EasyDev PHP is a complete, open source, ready-to-use development environment. More in detail, it’s a packaged environment that includes the latest Windows versions of Apache, MySQL and PHP (i.e., a full WAMP stack). Although Apache and MySQL are not enabled by default for security, you can enable or disable them with a single button press.
Because it’s pre-packaged, it saves you a substantial amount of configuration effort, both for the individual applications themselves and between them. It provides you with 4 folders (eds-binaries, eds-dashboard, eds-modules and eds-www), with all of the WAMP applications inside the first of those. The eds-www/ directory corresponds to Apache’s www/ directory, where you place both Grav and your content (your markdown files) and pointed to by the address http://localhost/.
The latest version, v17.0, runs on Windows 7/8/10 and requires the VisualC++ 2015 redistributable (x86 or x64), which you may already have installed if you’ve done development work in the past.
Because the entire Grav folder (application plus content) will just be dropped into the EasyPHP directory, we’ll need to install EasyPHP first. You can download it and then read the short but great installation instructions. Be sure to select version 17 and not version 14. Note that you may need to add the PHP path in your /eds-binaries/ directory to your system environment variables if you want to use them on the command line.
When you launch the EasyPHP Devserver application, it will add an icon to the system tray instead of opening a window. I suggest you right click on the icon and select “Open Dashboard”, which will open a browser-based control panel.
Click on the green “Start” button in the section “HTTP SERVER”. Don’t worry about starting the database server to the right unless you actually need it. You can also check whether PHP is working properly, regardless of whether the web server is active, via the code tester at the bottom of the page.
Next, let’s set up Grav. Download the zip file and unpack it inside the /eds-www/ folder. Now here comes the easy part: type or paste http://127.0.0.1 in your browser’s URL bar, and you will quickly see the default Grav web page. That’s it, installation done, you didn’t even have time to make your coffee.
So now you can begin serving web pages right away. But even better than that, you can begin building your site using nothing more than a typical text editor.
As mentioned above, Grav works with standard markdown format, with markdown extra as an option that can be enabled. In both cases files end with the extension .md. To create a working website from nothing, just choose a page type, create a “Hello World” .md file in the root directory, and point your browser to http://localhost/.
Like EasyPHP, Grav has great documentation. It can take several hours to read it all, so feel free to start off with the quick version. Now go ahead and explore what you can do with Grav, and next time I’ll show you some of the more advanced things it can do.