Why Microsoft's ASP/ASP.NET may be the safe choice for development

John Avis by | February 15, 2018 | Web Development

Some reasons why developing using Microsoft's ASP/ASP.NET has been a good choice over the years.

Your situation may be different but in my case, over close to 20 years I have created many websites and applications for myself and clients, many that are still in use today.

Most, if not all, have under gone some changes over the years. In some cases this might just be a cosmetic refresh and the server-side code remains the same or features may have been added or changed over the years.

Of course, due to the nature of the web, some get total rewrites after a short time, but many clients don’t need or want to spend money on major rewrites.

Fortunately, the majority of the websites and applications I have developed were done so using the Microsoft technologies Classic ASP and ASP.NET.

If, like me, you created something in the late 1990s using Classic ASP and didn’t do anything stupid like not protect against SQL injection or unsafe user uploads, then your code could still run today on a modern web server running a current version of operating system and IIS without you losing sleep that there were security problems waiting to bite you.

And if, like me, you wrote something in ASP.NET 1.x or 2.x in the early 2000s, again, as long as it was running on a modern server, you could feel safe and without fear of potential security problems.

Now, let’s compare this to PHP (and let me say I am no expert on PHP but do have some experience with it).

If you wrote something in an earlier version of PHP, because there are breaking changes between major versions, you either still need to be running on that same version of PHP, or it’s time to review and migrate to the current version of PHP.

An online search reveals that some earlier versions of PHP have security flaws and the advice is to update to safe versions.

What about these popular open source frameworks that are so popular now?

These days it’s a very common for developers to use new frameworks, usually open source, to develop their websites and applications. There seems to be a new one out every month or so.

Is this a good idea to use these? Will an application written using one of these frameworks still be okay in a few years’ time?

Here’s a hypothetical look at what the future might hold for such an application…

1. Our application is developed in version 2 of a fictional JavaScript framework. Version 1 was well received but had some security and performance issues which have been resolved by a major rewrite. The fictional JavaScript framework leverages off a couple of other JavaScript frameworks.

2. Our application works great and gets a few enhancements over the next year or two.

3. Version 3 of the fictional JavaScript framework gets introduced and has some great new features and fixes some security and performance issues with version 2. There are some breaking changes from the previous version so our application code will need to be reviewed and migrated.

4. Our application is quite large, possibly with hundreds of thousands of lines of code, and reviewing and migration is a major project that we would rather not undertake.

5. Interest and support for version 2 of the fictional framework has dropped off and as version 3 was not well received another fictional framework has become the popular choice. It is strongly recommended not to use version 2 anymore because of security flaws in it and/or one of its dependencies. Because of this, and your development team are excited about using the new fictional framework, a rewrite is recommend.

Did I mention I still have Classic ASP and early .NET Web Forms applications out there in the wild and I don’t lose any sleep over them at all?

Related Posts

Web Development

Is ASP.NET better than PHP?

by John Avis | September 21, 2016

This posts stems from my own curiosity. It's a question not a statement. I've been developing in ASP.NET for many years and I like it. I've dabbled a bit in PHP and there are some things I like and some I don't like, but maybe I haven't immersed myself in it enough to know what's great about it.

ASP.NET Web Forms Web Development

Things you need to know when programming in ASP.NET Web Forms

by John Avis | January 21, 2015

Web forms makes it really easy to create a simple website, but it is also really difficult to crate a complicated website. These are some of the things you will need to know sooner or later.

Web Development

Top 6 things you need to know when programming for the web

by John Avis | January 20, 2015

Over fifteen years of developing for the web, I've learned some lessons the hard way. There are some things they don't teach you in books and tutorials.


There are no comments yet. Be the first to leave a comment!

Leave a Comment
ASP.NET Html Forms ASP.NET MVC ASP.NET Web Forms ASP.NET Web Pages Bootstrap C# Classic ASP Cool Websites Databases eBay and PayPal Electrical Repairs General Hardware HTML/CSS Jquery/Javascript Media Center Mobile Phones Responsive Web Design SEO and Social Networking Web Design Web Development Web Security web+db Website Hosting Windows XP

About me

...mostly about web development and programming, with a little bit of anything else related to the Internet, computers and technology.


Get the latest posts delivered to your inbox.