by drivingmenuts 4715 days ago
I think I just heard many system administrators collectively clutching their chests in pain.

If inexperienced devs and users could suddenly drop their pants at will, imagine the mayhem that would occur if experienced devs with malicious intent were set loose in that environment? You can't pretend they don't exist - in fact, it's better to assume everyone who's not you is out to utterly destroy your data ASAP. Some would argue don't even trust yourself.

Those firewalls, IDSes, UTMs and assumptions are pretty much the only thing protecting inexperienced users from themselves.

3 comments

I think, if you have a system administrator, you're not the target audience for localtunnel. This is for home users who don't understand how to get their computer+router+apartment building's switch+etc to cooperate in getting them a public route.

Maybe they should just make it bind to a port below 1024, so it requires root/Administrator privileges to run. Then, if you are your own sysadmin, you can let yourself in--and if someone else is, you'll have to take it up with them.

I think that making it easy for unsophisticated users to expose their personal machines directly to the public Internet is not a good idea.

The way to test a web project in development is to put it on a cheap web host or VPS. If you want to help newbie developers, make that one-click easy.

The real barrier to entry is the point between "cheap" and "free"--especially when first learning. For me, that was when I was 10/11. No chance of getting hold of a credit card to get a "cheap web host or VPS." I could only experiment with what my computer was willing to do on its own.

Heroku's almost the right thing for this, I think, though it still requires a credit card to sign up fully (it doesn't technically, but it does to enable free add-ons, so without a credit card you don't get, say, database persistence.) Obviously, Heroku is geared for adult developers--or, more specifically, to start-ups that Heroku hopes will become monsters dependent on Heroku's stack.

What would be perfect is a service like Heroku, but specifically for people learning to code; maybe something joined-at-the-hip with an online coding-school website. When you attend a real CS program, you get access to the labs and mainframes to test your programs on--where's the online version of that?

So, anything like this already exist? Or should I build it?

I just think of a 10-11 year old putting their personal--or their family's--computer straight onto the public web with some random hacked-together code, and it makes me feel very nervous. What are the chances they are going to understand all the security implications? Pretty low, I think.

On the other hand, no one ever learned much by always taking the perfectly safe path. And who am I to judge whether people are "ready" for the Web? It's the old freedom vs. security argument.

Amazon does provide a free tier of EC2, which is great for tinkering around. But it takes a certain amount of knowledge to get one working as a web server. A tutorial, or a project that makes it easier, might be a good place to start.

>>I think I just heard many system administrators collectively clutching their chests in pain.

I was trained to do this by reflex. Anytime you expose anything on your network, no matter what it is, without some layer of security between you and the internet, you're asking for trouble.

Whether this is a warranted reaction or not, I don't know. I'm pretty sure it's from spending too much time hanging out with hackers and sys admins. It's just locked in my brain not to do something like this - ever.

It's completely impossible to develop for Twilio, Facebook, and many other public APIs without putting your work on the public internet. If you want to develop for a public API in a native GUI text editor, tunneling through your firewall is the only way to do it.