The web has been part of my career since the beginning. I’ve created several sites, including apps and games, hell, I’ve even created web development tools, yet I have to admit I no longer know how to create a website. If I sat down right now to create a new site, I’d be even more boggled by the tools and tech than before. I feel like there’s some lesson in programming hiding here.
Creating a website has become an involved and complex task. I can’t just throw a few pages together an upload them. Okay, fine, I could do this rather easily, but I’ve already got a blog, I’d want dynamic elements, perhaps some kind of application functionality. This opens up a myriad of options, from frameworks to templates, to hosts.
I’ve done this before, so I could choose what I know. Alas, here is where things become tricky. The web is a trendy place, and what was cool yesterday isn’t cool tomorrow. The tech I know may no longer be suited to do the things I want, or it may require a circus of hoop jumping to get it to work.
Perhaps the framework, or the language itself, has fallen out of favour. If it’s just a small site managed by me, it’s not a big deal, but if you’re a company, well, dinosaur tech won’t exactly attract an eager set of programmers.
Worse than merely not being popular, many frameworks languish or crumble. The authors may have just moved on, and if there’s no money in it, I can’t blame them. Instead, the code may have become overly complicated; coding is all about maintenance now, chasing an endless set of defects.
Keeping a site secure seems like an impossible task. My twitter feed is filled with the horrors of websites gone wrong: hacks and data breaches abound!
Security, of course, isn’t a simple tick on a website todo list. It’s an ongoing battle of priorities and risk assessment. The level of defence grows with the site, but starting from zero isn’t an option. There are many baseline things I have to do; I could probably come up with a list, but I’d have no idea whether it’s complete enough.
It’s always been disappointing to find out that a lot of this baseline stuff isn’t handled by the framework I’ve chosen. Have I been so unlucky that everything I’ve tried before doesn’t handle some essential aspects of security? Somehow I doubt it, and I think a lot of the web’s security problem lies in the insecure frameworks.
I say I don’t know how to create a website, but I’m sure I could do it again. I have no idea whether I’d pick the best approach, though I’m confident there is no best approach, just a bunch of perhaps acceptable ones.
By this point in my career, you may think I’ve developed a good method for learning and using new technology. I guess. I mean if throwing a bunch of boards and nails into a pile and hammering is considered a sound house building method, then sure. My approach is usually just random trial and error. Most documentation isn’t of a quality that I can take a directed approach, as much as I’d like to. Jumping in, coding, and fixing is the only approach that seems to consistently “work”.
My attempts most likely won’t match the conventional approach. I admit that I’ll fight with tools if they don’t do things the way I want. Sometimes I wish tools wouldn’t introduce “new ways” for no reason. Not compromising on my ideals would be nice, but come on, we’re dealing with web tech — I’ve built totems trying to appease some cantankerous web deity.
Veering ever so slightly from the common, but entirely non-documented, approach makes it hard to get help. Places like StackOverflow are increasingly useless: instead of answers you get “Why are you doing this at all?”, “Yuck, you’re doing it all wrong, but I won’t tell you why”, to “can you produce a complete working minimal example, deploy it somewhere, set up an issue system, accept code reviews, feed my dog, and then maybe I’ll help”.
Website creation is a relatively large market, with plenty of jobs. I don’t envy new people entering this area. Sure, I’m serious when I say I don’t know what I’d do to create a new website, but I do know abstractly what I need to do. Sitting down with no knowledge of the task, or what kinds of tools are available, must not be fun. I don’t know why this attracts people to programming — imagine trying to be a chef where the only source of ingredients is scouring the city for restaurant scraps.
Sadly, I think far too many websites reflect this state. It’s rare that I visit a site which doesn’t have significant flaws. There’s always something that doesn’t work right, quite often it’s a critical part of the site’s functionality.
Frankly, we aren’t doing a good job with web development.