Languages & runtimes
Managed PHP — modern runtime, hardened defaults.
Whether it's a legacy LAMP estate or a fresh Laravel deploy, PHP runs faster and safer when someone owns the runtime. We tune PHP-FPM pools, configure OPcache and JIT properly, scan Composer dependencies, and ship the CVE patches before they show up in pen-tests.
What we manage
PHP-FPM tuning
Pool process manager (dynamic / ondemand / static) chosen per workload, pm.max_children right-sized to memory, request-buffer sizing.
OPcache & JIT
OPcache memory and validation policy, file-based vs in-memory cache, JIT enabled for CPU-bound workloads, opcache_reset strategy on deploy.
Composer & deps
Composer install reproducibility, autoloader optimisation (--optimize-autoloader --classmap-authoritative), Composer audit on every CI build.
Security & CVEs
PHP version upgrade cadence (no EOL versions in production), CVE patching on a published SLA, framework-aware secret handling, expose_php disabled.
Framework-aware deploys
Laravel queue + Horizon, Symfony console workers, WordPress wp-cron offload, zero-downtime deploys via Deployer or rsync atomic-swap patterns.
Observability
OpenTelemetry PHP, application performance monitoring (New Relic / Datadog / Tideways), slow-log review, log aggregation.
Compatible across every cloud we manage
Same playbook on AWS, Google Cloud, Microsoft Azure and DigitalOcean — pick the cloud, we'll run the stack.
How we engage
1. Assess
Two-week audit of your current cloud setup against the provider's Well-Architected / Architecture Framework. Concrete findings, no fluff.
2. Stabilise
We close the top security, reliability and cost gaps before going into steady-state operations.
3. Operate
24/7 monitoring, on-call, change management, monthly reviews and a roadmap for the next quarter.
DIY guides & field notes
Build it yourself — or have us do it for you
Short articles, runbooks and field notes from our engineers. Each one starts here as a snippet and continues on Medium.
May 27, 20261 min read
The Laravel migrations that break production — and the safe patterns we use instead
Rename column, drop column, change type, add NOT NULL — every one of these has a 'works on staging, breaks at midnight on production' failure mode.
Read snippetMay 26, 20261 min read
Upgrading to PHP 8.3 in production — the migration playbook for Laravel, Symfony, and WordPress
PHP 8.3 is mature, fast, and the deprecation surface from 8.1/8.2 is small but sharp. Here is the staged playbook we use to move customer fleets across without an incident.
Read snippetMay 22, 20261 min read
Composer supply chain in 2026 — the audits, locks, and signing controls we ship by default
Composer is the single largest entry point into PHP applications. After three years of attacks on Packagist, the controls every PHP shop should have are no longer optional.
Read snippetMay 20, 20261 min read
Zero-downtime Laravel deploys — the atomic-symlink pipeline that keeps queues honest
What it actually takes to deploy Laravel without dropping requests or losing jobs: atomic releases, the queue worker dance, OPcache reset timing, and the Envoyer-style pipeline we ship.
Read snippetMay 19, 20261 min read
OPcache and JIT in PHP 8.3 production — what actually moves the needle
OPcache is mandatory. JIT is conditional. Here is the production config we ship, the JIT mode debate settled with numbers, and the workloads where JIT genuinely hurts.
Read snippetMay 19, 20261 min read
Hardening WordPress in 2026 — the checklist we actually run on customer sites
Most WordPress security guides are 80% noise. Here are the controls that actually stop the attacks we see every week.
Read snippet
Ready to take the operational load off your team?
Book a 30-minute discovery call. We will audit your current cloud setup and show you exactly where we add value.