Your software developer is quitting: now what?

Matraex builds custom software applications for clients – and we often takeover (read “rescue”) projects started by other developers. I wrote this article to help business owners and software founders address an issue that they are often not prepared to address. When a software founder comes up with a software idea – often times they go looking for a developer to help them implement it. When they start the project – they rarely put any thought into how to set the project up so that it is “easier” to handle things when that developer quits one day. Most of the time the founder puts full trust and faith in the developer to set everything up. And now that the developer is leaving, the world seems to be falling apart. We have had dozens of clients looking to restart a project that stalled after their developer left. Often times those projects are disorganized and difficult to reconstruct. In some cases they can not be saved. This article is an attempt to help clients gather the project so that it can be restarted with confidence.

So the truth is out!  The developer that knows everything about your project is not going to be around to finish it.  

You may have cursed a bit under your breath and tried to quickly maneuver to keep them on board – however, you are reading this article because you now know it is up to you to confirm you have possession of your project.  It is up to you to take control of the software so you can direct it and secure the future of it.  Here is how you do it.

  1. First of all,  don’t freak out,  a calm and professional response to the news is the best way to encourage a smooth transfer of all project assets and assistance identifying ‘forgotten’ assets.
  2. Second, create a shared ‘offboarding’ document and / or folder where you can coordinate the process of collecting information about your project.
  3. Request information from your developer – Let them know that the most important part of their offboarding is to help you understand the project – so you can help the next person take it over.
  4. Confirm that you have the information you are looking for – it can be tempting to just assume you have it,  but by taking the time to verify it,  you will identify things that are missed and save headaches later.

Don’t Freak Out

Why is this a step? Because we have found that some of our past clients needed this reminder.  Too often we hear of hasty hire or poorly orchestrated offboarding while the manager spends time realizing that the project was not going to be done the way they had previously assumed.   Often, the decision will be made to try to ‘get it all done’ in the next two weeks. They drive the developer to spend every moment of their last two weeks getting writing code. This should not be the first priority!   The first priority should be to ensure that the possession of the project is fully in the control of your company and the company can continue development of the project in the future.

One of the reasons that we see managers ‘Freak Out’ at this stage is because they have not previously recognized that they should have set their project up in a way that made sure that the project was already in the possession of the company.   Ultimately,  any project that was going to be owned by your company had to be in company possession anyway,  right?  So this is a good thing – we are going through the process of putting your project in your control – so your project will survive this ‘developer change’ and any ‘developer changes’ in the future.

Your systematic and practical approach to offboarding your current developer will result in a strong understanding of your project and an improved ability to select the ideal replacement when you restart your project.  The possession you end up with will give you the confidence to restart and finish the project in the future.

Create a shared offboarding folder

Create a shared folder where you can work with your developer over the next days and weeks to collect information about your projects. You will want to create the area yourself and setup the structure to have the information you want.

I use Google Documents because the ability to collaborate is better than any other tool, but what is important is that it works for you and your developer and you are able to see each other’s work. Create several documents and give your developer access so they can make changes where you can see them. I recommend that you create the following documents at a minimum – be sure that each of the folders has permissions which allow your developer to make changes:

  • Document: Offboarding Checklist / Instructions
  • Document: Offboard TeamMemberName – MM/DD/YYYY – Projects / Assets / Credentials
  • Folder: Project Asset Uploads
  • Folder: Recordings

I have created an example (with some sample entries)

Request the following from your developer:

  • Fill out the offboarding document with credentials and links to each project and project source
  • List all code repositories and transfer ownership to me
  • Provide me with access to your workstation
  • Record a video of you working through opening, making a simple development change and then deploying
  • Record a video showing the workstation and development environment and configuration
  • Record a video explaining for each project what your next steps and recommendations would be

Confirm possession and control of your code

  • Understand and confirm your understanding of all project assets
  • Test credentials and confirm owner level access to all project assets
  • Confirm project source links and documentation, add notes and request updates
  • Review recordings and request additional recordings.
  • Time permitting: Request a review / audit of code / transfer confirmation from a third party

Note: The lists above are presented to identify areas that should not be missed – as time permits this article will be expanded to provide detail on each of these. Until the article is expanded please feel free to email with questions – I will answer and expanded this article at the same time.

Marketing Websites vs Web Applications

We are often asked if we build “websites” – yes we do, but there is nuance to the answer. The websites that we build are better defined as “Web Applications”. And a “Web Application” is different from another type of website – a “Marketing Website”. How are these two different? In short: A Marketing Website presents information about a topic or business and a Web Application helps users get something done. The table below describes many of the differences between a Marketing Site and a Web Application. Since Matraex is the #1 Web Applications development firm in the Boise market – people looking for a local ‘Website Designer’ will often reach out to us – I added some links to the Google My Business page for several long term and reliable local resources to help people understand the different companies that comprise these different categories of “Website” builders.

Marketing Website Developers

Web Application Developers

The key differences between a Marketing Website and a Web Application

Marketing WebsiteWeb Application
PurposeA marketing website’s goal is to provide information, most of these are corporate business sites providing details of a company’s offerings with resources, contact information and links to related industryA Web Application is a website that helps a user accomplish something through its interfaces.
Development processA Marketing Website can be developed by creating and approving a design, building on the information and content and then applying the design to the content.A Web Application starts as an idea and forms into a list of features (a roadmap) with the most important features first. The developers implement the items in order of the roadmap. More sophisticated applications often have multiple environments so the complex logic can be tested be approving features to be moved to launch.
Time to launchAn entry Marketing Website can take between one week and one month depending on complexity and number of pages. An entry Web Application MVP (minimum viable product), can take 2 to 6 months to launch.
Time RequirementsMost time goes to creating content and managing SEO. A larger one time cost to design the interface and layout is a close secondMost time is spent in developing code to create features and functionality.
TeamA project manager, a content creator, and a front-end developer.Project manager and a full stack developer. Larger teams will have roles split into back-end and front-end developers.
Hosting CostLess expensive – MANY SOLUTIONS!More expensive – the hosting is often decided by the technology stack and development group. Modern applications use cloud based hosting which only charge for usage, but can scale to high levels
Common Technology PlatformsWordPress, Wix, SquarePHP, React.js, NodeJS, ASP.NET, java
SpecialtiesHTML / CSS / Design / Front End
SEO / Content Generation /
Design / Copywriting
Programming / Database / Logic / Backend
Testing / User Experience / QA
Innovation / Security

SMTP on AWS SES – Limit IP Addresses – Best Practice

If you are here – it is likely because your SMTP Credentials have already be compromised and you dont want it to happen again,  or you have excellent instincts and are planning ahead.

Below you will see how to limit your SMTP Credentials on SES to only your IP Addresses.

Of course follow the basics of credentials and passwords

  1. Un guessable 
  2. Dont reuse
  3. Dont share
  4. Rotate

When it comes to AWS – SES SMTP Credentials – the ones often used in code and programmatically – the thought may be to set it and forget it.  Here is a best practice in those situations to only allow sending from your networks and futher lock down the use of these (or any other) IAM SMTP users.

Setup an IPAddress Condition which restricts sending to only your Allowed IP Address(es)

Here is how to do it in the AWS Console 

  1. Goto IAM > Users 
  2. Select [user]
  3. Go to the Permissions tab
  4. click the arrow to expand the AmazonSesSendingAccess
  5. Click Edit Policy
  6. Update the JSON to add the Condition:IPAddress  (below) for the IP Addresses you want to restrict to

Here is an example of my full policy with multiple allowed IP Addresses.

    “Version”: “2012-10-17”
    “Statement”: [
            “Effect”: “Allow”,
            “Action”: “ses:SendRawEmail”,
            “Resource”: “*”,
            “Condition”: {
                “IpAddress”: {
                    “aws:SourceIp”: [


Here is a screen shot to help show exactly what it looks like in the AWS Console as it is now.

So then,   go do it!

This condition can be applied to many of your other IAM users too.

SES IAM - Best practice to Limit IP Address

SES IAM – Best practice to Limit IP Address

What Would You Do Differently If You Were To Build Your App Again?

Most app developers start with one but have so many ideas they end up developing multiple apps. After
you’ve built your first app, it’s time to evaluate the process and figure out what you might do differently.
Let’s look at a few things to consider before you decide to develop your next app.

Fewer Features

Did you include too many features in your first app? After launching, maybe you found out users felt
overwhelmed by the features or simply didn’t use most of them.

While you want your new app to be the coolest with the best features, too many features can cause
issues. It’s better to start off with an app prototype with the most important features and add features
as users make suggestions.

Investing too much Money

Maybe your first app cost you a large sum of money and you really don’t want to go down that road
again. With our app prototype service, you can keep the initial investment lower and fine-tune your app
before investing a larger amount of cash.

Focus on the User More

Did you spend months upon months with tunnel vision the first time around? You treated your app like
a new baby joining your family and wanted it to the absolutely perfect. It turned out to be your vision
and launched just as you wanted, but the users barely factored into the equation.

Getting as much input from test groups, user groups, early adopters, early investors, and others helps to
make your app stronger. Our team will help you with your next app by providing an app prototype
service. In just two weeks, we deliver a working app to your phone, which you can use for testing with
users and presenting to investors.

Outsource the Work

Did you have your app developed in-house? This can get rather expensive since you pay for the people
working on your app day in and day out.

When you outsource the work to a development company, you pay when you need them, not when
they show up to work.

When you hire Matraex, we charge a flat fee for our app prototype service. It doesn’t matter how many
developers we have on the project or the amount of time it takes them each day, the fee is the same.
Outsourcing your app development can help you avoid unnecessary expenses. The right developers will
already know the programming language you need and will likely work faster than an in-house team.
Plus, ongoing expenses only occur when you need work done instead of when employees clock in for
the day.

If you’re ready to develop another app, our app prototype service offers the right solution for you. Why
should you have to fork over tens of thousands of dollars and wait months to see your app in action? Let
us create an app prototype for you in just two weeks!

What App Will You Launch Next?

You’ve finished launching an app and you have a mind full of ideas for the next one. What will it be? Did
you learn from the process? Are you going to go about it differently this time around?

There are a few key things to remember when launching a new app. Even if you’ve been through the
process before, you have decisions to make with this new app. Let’s look at a few things to remember
before you launch your next big app idea.

Will users find value?

The most important factor to help you decide to develop a new app is whether or not the users will find
value. Will they be willing to pay for the app, refer others, or will there be another way you can turn a
profit from the app?

If the users don’t find value in your app, it won’t provide the profits you desire.

How long will it take to build your new app?

Did the first app you developed take months or even a year to finish? Do you really want to go through
months of development again?

Some apps take longer than others to develop. It depends on the type of team you choose and how you
go about app development. Maybe you’re ready to jump back into developing another app, but you
want to look at your options this time around.

You can choose traditional app development and wait an average of four to six months. Another option
is to choose our app prototype service and have something to present to investors and customers in just
two weeks.

If you don’t want to invest the full cost of app development in time and money, start by creating an app
prototype. With a prototype, you gain the advantage of getting an app on your phone in less time to see
what users and investors think.

How much will your new app cost to build and maintain?

Figuring out the cost is vital to any app project. If you choose to develop the app in full before launching
it, you will likely spend tens of thousands of dollars, maybe more. Maintaining the app will also come
with ongoing costs to consider.

You can lower the cost of development by starting with our app prototype service. We charge a flat fee
of $10,000 to develop your app prototype and you’ll have a working prototype in just two weeks.

If you’re ready to launch your next app, it’s time to consider the right process. Maybe you went through
the full app development process last time around without a prototype first. This time, it’s wise to start
with an app prototype with only the most important features. After gathering suggestions and data from
users and investors, you can develop your app better while keeping the initial cost down.

So, You’ve Launched an App, Now What?

You went through the process of developing an app and launched it. Now, what do you do with the app?
What’s next?

After you’ve launched, it’s time to gather data, make adjustments, and, in some cases, re-launch. You
want to find out the features users like the most and anything they want next. Of course, this is
assuming your app has a way to collect suggestions from users.

For most apps, development is continuous. You will launch updates and add features as you discover
what users want. It’s important to know, app development is a marathon, not a sprint. You will want to
make your app even better by adding in new features, improving existing features, and getting rid of
unnecessary features.

User Suggestions

Depending on the type of app you’ve launched, collecting user suggestions is the next step after
launching. Let users tell you what they like and what they wish your app provided. Whether you provide
a survey or give them away to make suggestions in the app, this data is priceless if you want to create a
better, more user-friendly app.

Cut Costs & Create a Better App with an App Prototype

If you haven’t developed your app yet or you’re about to start working on the next app, it’s time to
consider an app prototype. By choosing full app development, you’re committing the maximum time
and money to a project without collecting any user suggestions. An app prototype provides a better way
to launch your app with a lower investment.

Instead of wasting time and money guessing what users want, create an app prototype with minimal
features. Then, when you find out what users actually want and need, you can invest in the features you
know they will use and like.

At Matraex we provide a fast, low-risk app prototype service to ensure you gain the tools to develop the
best app for your users. Our team will create an app prototype in as little as two weeks giving you
something tangible to present to investors and customers.

You can gain invaluable insight into what users want with our app prototype service. Once you have the
right information from your app users, you can make a larger investment into the right features you
know will be a hit!

Matraex App Prototype Service

Understanding what an App Prototype is

When you want lean implementation of your app and you want it fast, an app prototype service is right
for you. It comes in at a lower cost compared to traditional app development and provides gives you
something you can present to investors.

Our app prototype service takes your idea and reduced it down to the basic core to create a prototype.
It will include the concepts and ideas that show the value and how your app is unique from others on
the market. The goal of our app prototype service is rapid implementation to get your app idea in hand

At Matraex Software Development, we’re able to create your app prototype in days instead of months.
Skip the waiting and get your app prototype done faster!

Top Benefits of an App Prototype Service

Developing an app prototype comes with many benefits. Of course, getting it done faster is one of the
benefits, but there are several others including:

 Provides a tangible concept you can present to investors
 Allows you to see your app in action at the smallest investment possible
 You gain an idea to show off to your customers
 Helps to validate an early concept
 Test usability and identify issues
 Allows for a more efficient app design

There are many other benefits that come along with an app prototyping service. If you’re looking for a
faster way to see your idea come to life, our app prototype service is the right choice for you.

App Prototype Discovery Session

This is where it all starts. At Matraex, we want to gain a full understanding of your custom app concept,
so we start with a discovery session. During this session, we gain an overview of the idea and concepts
from you and begin the discussion about the custom features for your app. A priority is placed on the
features most important to you and the value the app will provide.

When the app is a good fit for us and we are a good fit for you, the discovery session will lead to a
commitment document with a proposal for you from us. This document will provide the details of the
features we will deliver in your app prototype, along with our commitment to you and our money-back

The app discovery session begins with a simple app survey. This survey offers a few quick questions to
help give us a start on what you’re looking for and your app idea.

Our Simple & Fast Process

When you choose to work with Matraex, you will go through our very simple and fast app prototype
process. This process includes:

1. Discovery Session

2. Defining the prototype and providing a schedule commitment
3. Review and approval
4. Beginning the High-Intensity Development Sprint
5. App development, delivery, and feedback between three and six times
6. Completed app prototype delivered
7. App review session
8. App commitment review session

App Prototype Service FAQs

Is it really possible to have an app on my smartphone in just 3 days?

Yes, with our ability to use Test Flight on Apple, or with an APK file for Android, we can have an app
prototype on your phone in just three days.

What is the cost of the app prototype service?

We charge a flat rate of $10,000 for our app prototype service. Full custom app development can cost
tens of thousands, if not millions of dollars. By limiting the features and providing a scaled-down app
prototype, we control our costs.

How are you able to create an app prototype so fast?

With our in-house prototyping tools and prototype services, we are able to create new app prototypes
very fast. We have API tools and existing accounts setups ready to go with your idea. Since our team is
familiar with all the tools we use, it makes going from concept to prototype much faster for us.

What type of app prototypes do you build?

The majority of the apps we create focus on business, productivity, and utility. Not every app will exactly
match one of these categories and we might be able to build your app prototype if it doesn’t match

Do you build games?

No, we do not build games.

Can you prototype with an app purchase?

Yes, we have a system in place to make it very easy to set up in-app purchases very quickly. This is one
of the longest delays when developing an app. It can take a long time to get your account set up in the
App Store and start receiving funs. We will discuss with you what makes the most sense.

Did You Spend Too Much Time or Money Building Your App?

Traditional app development may cost tens of thousands of dollars. Some apps cost millions to develop.
If you have an idea for an app, you might not have this type of cash to invest upfront for full app

You can spend too much money or time building your app only to find out there’s no market for it.
Maybe you already went through the process and you’re finding out now that you spent too much time
or money building your app.

What’s a normal amount of money to spend building an app?

The amount of money you will spend to build an app will depend on the type of app, the platforms it’s
built for, the design, and a few other factors. The average cost to develop an app will range from about
$38,000 to $170,000. However, it can reach as much as a half-million and even go into the million-dollar

The type of app will play a factor with IoT or wearable applications having the highest cost. M-
commerce apps can also be rather expensive, along with Enterprise mobile apps. Depending on the type
of app you plan to develop, the team you choose for development, and the overall design, your costs
can range quite a bit from just under $40K to more than $1 million.

What’s a common amount of time to spend building an app?

Just as the cost to develop an app can range quite a bit, so can the amount of time it takes to develop
the app. The amount of time will depend on the design of the app and the team you choose to develop
the app.

For most apps, it will take between four and six months with some taking longer and some not quite as
long. A small percentage of apps will take more than 10 months to develop.

Did you spend too much time or money developing your app?

This isn’t the easiest question to answer and it really depends on what your goal was and how the
process went for you. If your app was rather simple, yet took several months to develop, it might have
cost you too much time and money.
However, if you took on investors, developed the app, and found out it’s hard to make any money from
it, you probably spend too much time and money on the app.

How can you keep the cost and the time investment down when developing a new app?

Maybe you’re ready to try again with a different app idea or maybe you just want to avoid spending too
much time and money on the idea without proof of concept. If you’re working with a limited budget and
you need an app developed fast, our app prototype service is the right choice for you.

With an app prototype, you get a scaled-down version of your app idea created quickly to present to
investors and customers. It will allow you to see your concept working on an actual smartphone before
deciding to invest any more time or money into the idea.

Our team develops app prototypes for a fraction of the cost compared to full app development. We get
a working app on your phone very fast and you will have something tangible to present to investors and
customers in two weeks.

Compared to investing months of time and tens of thousands or maybe hundreds of thousands of
dollars, developing an app prototype is a better solution. You will be able to see your app working and
gain proof of concept before making the mistake of investing too much time or money into an app idea.

Understanding App Prototyping for Beginners

You’re brand new to the app development game and you’ve heard of app prototyping, but you’re not sure what it is. Maybe you’ve figured out that the app development process can become very costly. App prototyping is a more affordable way to see what your app will look like and how it will function. 

If you’re not sure what app prototyping is or how it works, the following guide will help you better understand this concept. 

A Cost-Efficient Way to Test Your Ideas

Developing an app from beginning to end is very costly. However, when you use app prototyping, you’ll gain access to a cost-efficient way to test out your ideas before fully developing or launching your app. 

When you want to develop an app that millions of customers will use, app prototyping is a great place to start. It can act as a springboard into full development while giving you the ability to attract the right investors during the funding stages of your business.

Prototyping isn’t a new concept. Inventors and product creators have used prototyping for many decades. App prototyping, however, is a bit of a newer concept, but it works in a very similar way.

Before you commit to fully developing your app, prototyping allows you to see how it will look and function. You can make adjustments to your ideas early in the process instead of waiting until the final stages.

Top 5 Benefits of App Prototyping 

1. Save Money

Instead of creating a fully developed app, with app prototyping, you’ll be creating a “ready-to-code” mockup of your app. This helps save money as you won’t need to go through full development stages until the ideas behind the app have been fully vetted and tested.

2. Ability to Quickly Share Your Concept

Developing an app takes time. With prototyping, you can quickly get a tangible mockup ready to share with co-founders, test groups, and investors.

3. Gain Customer Feedback

You don’t have to wait until you’ve launched your app to gain feedback from customers. With app prototyping, you’ll be able to gather feedback by sharing the prototype before you go into full development stages.

4. More Time for Changes

The prototyping stage allows you to make changes without spending as much money or wasting as much time. Since it’s just a mockup of the app, you can test it out, analyze it, refine it, and repeat the process. 

5. Better Final Product

Since you will be able to go through the testing phase a few times, you can create a better final product. When you present a mockup to investors and customers, they might have valuable input to help you make adjustments. 

When you’re new to app development, prototyping offers a great solution. It’s the best way to see your ideas come to life at the lowest cost. Once you have your app ready to be fully developed, you’ll have a tangible mockup to present to potential investors for additional funding.

If you’re looking for a way to see your ideas developed into a functioning app quickly, app prototyping is the right option. It’s faster and more affordable than full app development, but it can also springboard your app into full development when the time is right.

Use App Prototyping to Impress Investors

Pitching an idea to investors isn’t easy. Some investors want to see sales, while others struggle to grasp your concepts. With app prototyping, you can provide a tangible mockup to help investors grasp what you’re trying to accomplish.

You might think it’s enough to just create a few sketches or even a PowerPoint presentation. Sure, this might work, but it won’t have the effect an app prototype will have. Here are a few ways using app prototyping will help you impress investors.

Sets You Apart from the Competition

Investors see multiple pitches every month. You’re not the only one with an idea for an app or a startup company. They want to invest in the best ideas and the most promising companies.

If you’re trying to secure funding, an app prototype will help set you apart from the competition. Instead of just being another entrepreneur pitching the “next big thing” you’ll have something tangible investors can see in action.

While all the entrepreneurs pitching the investors will have a business plan, projections, and maybe a few sketches for their app, you’ll have a prototype. This will set you apart and help you gain the funding you need to complete your app and move into full development.

Shows you Have Skin in the Game

If you funded your app prototype yourself or you had to pitch your idea to investors to find funding, it shows you have skin in the game. Investors like to know you’ve put up the money and you’ve taken on the risk, too. 

When they choose to invest in your idea, they will be taking on a big risk. They are betting on you, and if you don’t have any skin in the game, it makes it harder for investors to bet on you. 

You can Better Show Off Your Vision

Have you ever had a conversation with someone and you just couldn’t figure out what they were trying to explain to you? When you have an idea and it’s hard to show it through sketches and a presentation, an app prototype helps.

You can show off your vision better with a prototype because it will be a functioning mockup of the final product. However, there’s still room to make adjustments to your app before it’s fully developed. As you show off your vision, investors will be able to provide feedback, which makes it even better for you and the investors.

Sometimes, it can be difficult to get other people to grasp your idea. When you need investors to quickly understand what you’re trying to do with our app, you need a prototype. 

Investors didn’t come up with the idea like you did. They don’t understand the idea you have and it’s your job to show them how you’re trying to solve a problem and why it works. 

When you choose app prototyping, you’ll gain a tangible mockup you can use to impress investors. You’ll stand out from the crowd of entrepreneurs and you’ll be able to bring your vision to life.

What are the Benefits of App Prototyping?  

App prototyping offers plenty of benefits compared to full app development. It’s a great way to get your ideas from paper to a functioning mockup. 

The phrase, “a picture is worth a thousand words” is an apt analogy to comparing an app prototype to the idea you have for an app. When you create a prototype, it helps bring the idea to life. Let’s look at some of the core benefits of app prototyping.

6 Benefits of App Prototyping

1. Highly Cost-Effective

Compared to developing your app completely, app prototyping is a much cheaper option. It’s cost-effective because you gain a working mockup to help show off the idea without investing in complete app development. 

Whether you’re starting a new business or trying to create an app for your existing business, investing in app prototyping offers a less expensive solution. 

2. More Clarity

You might have an idea for an app, but you’re not sure how it will work or look. With app prototyping, you get the ability to see your app function and gain clarity throughout the process. It works as the ultimate visual aid to help you gain feedback from others and make adjustments to the design and functionality.

3. Gain Feedback

It’s hard to send a sketch to someone and get their feedback on an app. Sure, they might be able to give you some pointers on the colors or the design, but they cannot see any functionality or see the app on an actual screen.

When you create a prototype of your app, you can gain feedback from potential investors and customers. This feedback can be priceless as it can help you make changes to better suit your target market.

4. Perfect the Design before Development

When you choose app prototyping, you get the ability to test, analyze, adjust, and repeat multiple times. You can try out different functions and figure out what works best for the end-user.

Instead of launching an app and releasing update after update, you can fix issues and adjust functionality during the prototyping stage.

5. Provide Something Tangible for Investors

It’s hard enough to gain funding when you cannot show sales yet. Investors need to understand your idea and how it works to solve a problem or provide convenience.

With app prototyping, you’ll be able to provide something tangible for investors. They can see how the app works and what to expect with the end results once the app is developed. 

6. Validate the User Experience

One of the most important factors for any app is the user experience. Without a working mockup, it’s hard to validate the user experience. App prototyping allows you to find out if your app provides a good user experience or needs some work.

When you choose app prototyping instead of full app development, you gain access to a more cost-efficient way to bring your idea to life. Many benefits come with creating a prototype first and developing the app later. These are just a few of the core benefits you’ll gain from the app prototyping process.

3 Reasons Mobile App Developers Need Prototypes

It all starts with an idea for mobile app developers. The idea is the beginning of the journey towards watching an app become functional and solve a problem for the end-user. 

As you go through the development phases, you’ll need to take your idea and bring it to life. This means figuring out how the app will look, feel, and function. With app prototyping, you gain a better, more cost-effective solution to bring your idea to life.

There are many reasons why mobile app developers need prototypes. Let’s look at a few of the most common reasons.

Saves Time and Money

The biggest reason anybody chooses to do something is to save time or save money, especially when developing a new idea. App prototyping helps with both. You will be able to bring your idea to life without going through the full development, which takes up time and costs money.

Consider the worst-case scenario. You hire a full app development team and they work around the clock to bring your vision to life. Then, once the app is completed, you realize the design isn’t as appealing as you hoped or it simply doesn’t work as you have envisioned. Now, you have to go back and fix things, which cost more money and more time.

With app prototyping, you can see your idea come to life for a lower cost and it will be completed much faster. Once you see the app and the functionality, it’s much easier to make changes before you launch the app to the public.

Provides a Way to Vet the Idea First

You’ll gain a better way to fully vet your idea before sending it into the expensive and time-consuming development phases with app prototyping. Instead of releasing updates after you’ve launched, you’ll be able to avoid costly issues and fix problems early on. 

Prototypes can be tested and adjusted multiple times before being fully developed. You don’t have to go into the coding stages before you see how things will work and look. This means you get to vet your app before it’s ever really created.

Gain Incredible Feedback

If you want to know what potential customers and investors will think before spending the money to fully develop your app, a prototype is for you. With an app prototype, you can gain feedback from your target market and potential investors, which can be invaluable.

Some investors might have contingencies, which include specific changes they believe will benefit the performance of your finished app. If you’ve already developed the app, these changes can be very expensive and time-consuming to make. With a prototype, you’ll likely be more open to the feedback of investors and potential customers since the changes will only incur minimal costs.

There are several reasons why mobile app developers need prototypes. These three reasons are just a few of the main ones. You will also gain many benefits and the ability to see your idea come to life without fully investing in the entire development of an app.

App Prototyping vs. Full App Development

When it’s time to create an app for your startup business or for an existing business, app prototyping offers an excellent starting point. The prototyping stage allows you to make changes before you get to the final stages of full app development.

It’s important to compare app prototyping and full app development before you move forward. Developing your app won’t be cheap and you want to make sure you invest your funds wisely. Let’s look at app prototyping vs. full app development to make it a bit easier to see the differences.

What is App Prototyping?

Taking an idea for an app and showing its value can be done with app prototyping. It gives you a clean tool to use when pitching investors without a completed final product. 

App prototyping is basically a model of the app you want to create. It gives you the ability to test the app before you spend time and money on full app development. Many companies use app prototyping to show interested investors the concepts and ideas before complete development.

When you choose app prototyping, the cost will be lower and you will be able to see the functionality of the app. This stage in development allows for changes to the design, the functionality, and pretty much anything else involved with the app. It takes your idea from a sketch on paper to an actual visualization of the app complete with functionality through a working layout and design.

What is Full App Development?

When you choose full app development, you might have already gone through the prototyping stage in development. If not, you will likely be hiring a team of developers and going through the phases of developing, testing, and launching your app. 

This is great if you already know what you want and you have the funds to support full app development. However, if your app is simply an idea and needs to be tweaked along the way, app prototyping offers a less expensive way to get a functioning prototype ready. 

Benefits of App Prototyping

1. Very Cost-Efficient

When you start your project with app prototyping, you’ll be using a more cost-efficient option. The process gives you the ability to solve problems during the beginning stages of the process instead of waiting until the end. 

It’s easier and less costly to make changes during the testing phase compared to making changes to a nearly finished product.

2. Ability to Pitch Investors

Maybe you have an idea, but you need funding. Using app prototyping allows you to create something you can show potential investors before going through the more expensive full app development process. 

3. Exploration and Improvement

When you develop an app, you might find ways it can work better or you might want to change the functionality along the way. App prototyping offers an easier way to make changes throughout development before you’ve paid for a nearly complete app.

When looking at app prototyping vs full app development, for many, app prototyping offers a better option. You likely have the goal of developing a completed app, which app prototyping can lead to. However, starting with a cost-efficient solution like app prototyping offers a better solution for most companies looking to develop a new app.

5 Types of Application Design

5 Types of Web Application Development Programs

Quick definition: A web application can run on any browser. Also, this application is used on tablets, laptops and computers. We will review the five most common web applications.

Shopping Applications

The shopping applications or e-commerce applications are developed for buying and selling products or services online. This application is difficult to design because it has to accept electronic payments and shipping information. Boise Custom Development can answer your questions about shopping applications.

Portal Application

Portal applications or online web portals are developed for email, forums and chats. This tool provides data that is easy to understand. For example, your online bank will allow you to submit questions about your account by sending an email using the web portal.

Dynamic Applications

Dynamic applications or web page is a database development program that is updated often. The site’s administrator will correct or change information on the page. For instance, the health department will update its site to post numbers about a specific disease each day. Boise Custom Development can help you get your dynamic project off the ground and running.

Animation Applications

Animation applications use computer flashing technology. This technology is widely used in cartoons and video games. The characters usually are telling stories that are made for small children.

Static Applications

Finally, static applications may include electronic resumes, business portfolios or a company’s web page. Static technology is located in the browser and not on the server. Most static applications are written in HTML format.

Sending Email on Servers on AWS (SES)

Sending email from PHP is often automatic and simple if setup on a traditional hosting account – however the mail() function in PHP does not work on AWS EC2 servers. AWS requires that you use the SES service. (Simple Email Service).

There are several tutorials that walk you through getting your account setup

To send email FROM your email domains you will need to setup and authorize the domain (See TIP #1 below)

The step that is often missed is that outgoing email in new accounts is allowed ONLY to the email addresses you verify – to verify individual emails addresses.

To enable your account to send email from your verified domains, and to ANY email address, you will need to get the account removed from the sandbox mode (check the Email Sending -> Sending Statistics page for a message) Click the ‘Request a Sending Limit Increase’ button to ask to remove the account from the sandbox. (here is a tutorial – )

TIP #1: I would suggest using route 53 for DNS for your domains, as it is a simple couple button clicks to authorize the domains, and get DKIM setup

TIP #2: make sure that you have posted a privacy policy or an email policy on your site – which explains how you send emails and handle their email information. Include a link to your policy in your request for removal from the sandbox.

AWS – Change your Root Password

It is not a good idea to use the Root account to manage and work with your AWS account.   Ideally you have setup IAM user accounts with only the required permissions.

However occasionally you need to update your Root level account password.   This video quickly shows you how to do it

(if this video is low quality,  try opening it full screen and playing it again,  the video is short and may be done playing before YouTube can catch up with downloading a higher quality version)

AWS – Disable IAM User access to Billing Console

In an AWS Account, Root users can create IAM Users with Account Administrator Permissions

However those users do not have access to the Billing Reporting.

A Root user can enable this though – follow the steps in this video

(if this video is low quality,  try opening it full screen and playing it again,  the video is short and may be done playing before YouTube can catch up with downloading a higher quality version)

AWS – Enable IAM User access to Billing Console

In an AWS Account, Root users can create IAM Users with Account Administrator Permissions

However those users do not have access to the Billing Reporting.

A Root user can enable this though – follow the steps in this video

(if this video is low quality,  try opening it full screen and playing it again,  the video is short and may be done playing before YouTube can catch up with downloading a higher quality version)

Matraex Launches Custom App Partner Program for Agencies and Advisors

Matraex has long provided custom app services for Marketing Agencies, Business Advisors and IT Service Companies.

These partners are an important part of our business,  where we grow primarily through the referrals they bring us.

We have created a Partner Program to help formalize these relationships.

The partner program guarantees our Partners trust, a timely response, assistance identifying projects and revenue opportunities in their current client base as well as many other benefits.

To help our potential partners find out more,  we launched a partner site at

If you’d like to find out more about the program,  call Michael Blood at 208.344.1115 x 250 or email at

Moving PHP sites to php 7.2 – undefined constants used as a string

PHP7.2 and above will no longer allow Undefined Constants

According to the “Promote the error level of undefined constants” section of the PHP 7.2 Backwards Incompatible Changes Document

Unqualified references to undefined constants will now generate an E_WARNING (instead of an E_NOTICE). In the next major version of PHP, they will generate Error exceptions.

There have been many changes to PHP over its many versions – For Matraex’s use of PHP,   each version has been mostly compatible with the previous one with only minor changes, until a major decision affected one of the ways we deliberately used what we once called a “Feature” of PHP.  (For a full list of incompatible changes look at the Backwards Incompatible Changes sections in the PHP Appendices )

On March 5th, 2017, Rowan Collins proposed to deprecate bareword strings.  In PHP 7.2   the messages throw an E_WARNING message and in PHP 8.0 it will through an E_ERROR.

PHP has always been a loosely typed language which allows flexibility in many ways,   And we had used this flexibility in order write code in a ways that we belive made it more legible, maintainable and supportable within our coding style.   With this new change, hundreds of thousands of lines of code will need to be rewrittend before we can put it on a 7.2 or above server,  keys may be difficult to search, we will have inconsistencies in usage of keys depending on whether they are inside or out side of quotes.

Take this one example where lines 1, 3 and 4 below would work,   but line 2 would throw a warning in 7.2 and would through an error in 8.0.

  1. echo “Hello, $user[firstname],”;
  2. echo “Hello, “.$user[firstname].”,”;
  3. echo “Hello, “.$user[‘firstname’].”,”;
  4. echo “Hello, “.$user[“firstname”].”,”;

Matraex would have previously preferred to use methods 1 and then 2,  as they require fewer quotes and a search in our IDE of ‘user[first’ would have highlighted both uses.

Mr Collins did evaluate both sides of the decision and wrote a bit about it.  He described that “The value of keeping the current behaviour would be for programs written to deliberately take advantage of it”,   however he really dismisses that value and gave a stronger argument undefined constants can “mask serious bugs”.

I agree with each of the arguments and our 7.2 scripts will all comply with this new syntax requirement.  However, I disagree with the way the solution was indiscriminately executed.  A more considerate solution would have been to create a configuration option in PHP to control the requirement and allow developers and system administrators to continue to ‘deliberately’ use ‘undefined constants’.   This option would also allow existing stable programs to continue to take advantage of the other features of PHP >=7.2 without a significant refactor.    Perhaps the Impact section of the article could attempted to get more feedback from users that had deliberately made heavy investment in this feature.

To be more direct here is my request: PHP developers,  please create / allow a configuration option in PHP which will allow undefined constants to be used as strings. 

Changing existing code across the 10 + years of PHP projects will take thousands of hours to modify and test,  and that is just the projects that still exist. This is a barrier to upgrading to PHP 8.0.

Arguments for a configuration option

  • Millions of lines of code which deliberately use undefined constants as string (more likely billions or trillions – I probably have close to one million myself overtime)
  • My random belief: PHP should enforce “standards” on those that want or need them,  and allow experience users to explicitly choose to ignore them.
  • The configuration option would be disabled by default to address all of the problems mentioned in ‘the problem’ section of the article

Dealing with undefined constant warnings

Now we get to more technical area where I document some of the methods we have used to find code that needs to be updated for PHP 7.2 code.

1)  Use grep to find all uses of the code

This code finds ALL uses of lower case strings without quotes – because our standards do require constants to be in upper case

grep -Rne ‘\$[A-Z\_a-z]*\[[A-Za-Z\_]\{1,\}\]’ *.php

2)  Suppress E_WARNING messages

This is a bad idea,   while it will certainly make it so that your code continues to work in 7.2,   it will not fix it going into 8.0,   and this WILL mask other issues that you do need to know about.

If you want to learn mroe about this,   take a look at this discussion about it on Stack Overflow. Definitely read the comments about hiding warnings to get a better feel for it.

3) Create PHP configuration options to make provisions for undefined constants

These options would require the good work of a C developer that works on the PHP source. Some of these ideas may just work as described,  they really are just a good start (or continuation) of a discussion for features which could be implemented.   I don’t have a ‘bounty’ system but if you are interested in creating any of these options,  or would like to group together to coordinate it, please contact me.

  1. undefined_constants_string_level – Have a PHP directive which declares what E_ level all undefined constant warnings should – default in 8.0 can be E_ERROR
  2. undefined_constants_string_lowercase – Allow users to configure options which would allow only lowercase (or mixed case) constants as strings – which would allow / reserve upper case for use as constants.
  3. undefined_constants_string_superglobal – Allow undefined constants to be used when attempting to reference any key to a super global array (such as $_POST[mykey] or S_SERVER[HTTP_HOST]);

Matraex Releases FrameTurn SaaS

Matraex Announces the Launch of FrameTurn Application to Improve Optical Frame Sales – for BridgePoint Optics

Boise, Idaho (28 July 2018) — Matraex, Inc. ( announces the launch of FrameTurn ( a custom application designed to help independent optometry practices use data driven techniques to enhance their business. The app was designed for Bridgepoint Optics (, an optical industry sales and business consultancy for independent eye care practices throughout the U.S.

Adding an on-line application provides a Software as a Service (SaaS) that extends their ability to help the optical industry, giving Bridgepoint an additional, marketable service it can provide to its own clients.

Matraex has developed a powerful on-line tool for Bridgepoint Optics that provides their clients with information that can help them make purchasing decisions in a timely and profitable manner.

“Offering a Software as a Solution (SaaS) product to its clients provides BridgePoint with additional business opportunities,” says Michael Blood, president of Matraex, Inc. “Developing a tool of this type for businesses is what drives us. We are excited to see FrameTurn go live over the next few weeks.”

From Bridgepoint’s perspective, the FrameTurn application provides an additional tool in their existing tool box of services that they can offer. It also gives them a significant edge in marketing to the vision care industry. Most importantly, however, it provides a powerful analytical tool designed to increase their clients’ bottom line at a very affordable price.

“Independents have traditionally relied on their instincts, or even guess work, rather than data to make purchasing decisions about frames for their optical shops. We’re excited to end all that! With FrameTurn, these eye care practices will have the ability to record and automatically analyze past and existing sales in various ways to determine trends that can increase their profitability,” says Dr. Rook Torres, co-founder of BridgePoint Optics and FrameTurn.

About Matraex, Inc.

Matraex, Inc. (  is a Boise-based software and application development company. The company has served many local and national organizations for more than 15 years, including the Better Business Bureau, Hewlett Packard, Madison Square Garden, Penn State University and the Idaho Hospital Association. The services include custom designed mobile applications (iOS, Android, etc.), as well as website development and management.

About BridgePoint Optics

BridgePoint Optics ( is an optical industry sales and business consultancy. For more than 25-years, they have specialized in the growth and development of independent eye care practices throughout the U.S.

PDF Version




New Group Sales Application for Bogus Basin

Boise-based MATRAEX to Develop New Group Sales Application for Bogus Basin

12 June 2018 (Boise, Id.) — Matraex, Inc. (, a Boise-based software and application development company, announced its most recent project with Bogus Basin Recreational Association, Inc. ( to develop a custom website application for Bogus Basin’s Life Sports and School Night programs. The website application will help Bogus Basin coordinate and manage school group functions. The project is expected to be completed in September 2018 in anticipation of the 2018-19 ski season.

“We are thrilled Bogus Basin selected us to help streamline their processes as they move forward in their quest to be one of Boise’s premier winter and summer group destinations,” said Michael Blood, President of Matraex, Inc.

According to Molly Myers, Group Sales and Event Coordinator at Bogus Basin, the website and application will replace a legacy application they have used for more than 15-years. The new site will update and streamline the booking process by providing a single repository for group information and eliminating multiple communication channels where mistakes can occur. In addition, it will ensure that information flows to the correct departments for accurate fulfillment of each group’s needs.

“Having a streamlined system that’s uniquely tailored to our needs is very appealing,” said Myers. “Anything that supports a fun and efficient visit to Bogus Basin in the long run aids in our goal of making lifelong skiers and snowboarders.”

School groups that participate in Bogus Basin’s Life Sports or School Night must provide a lot of information about the students when booking, including:

  • Group size
  • Age, height, weight and shoe size of each participant to ensure sufficient, well-fitting rental equipment
  • Ski ability levels for each group member so that appropriate ski instructors are available
  • Special needs or requests

The website application will have additional benefits for Bogus Basin, including the ability to track, process and report financial information for internal use.

Matraex’s work with Bogus Basin will also incorporate other group offerings, such as bookings for the new “Glade Runner Mountain Coaster” attraction and other “Fun Zone” activities.

The Matraex website app is projected to go “live” in September 2018, just in time for schools and other groups to book their group ski trips for the 2018-19 ski season.

About Matraex, Inc.

Matraex, Inc. is a Boise-based software and application development company. The company has served a number of local and national organizations, including the Better Business Bureau, Hewlett Packard, Madison Square Garden, Penn State University and the Idaho Hospital Association. Their services include custom designed mobile applications (iOS, Android, etc.), as well as website development and management.

About Bogus Basin Recreational Association

Bogus Basin Recreational Association, Inc. is a 501(C)(3) non-profit organization dedicated to accessible, affordable and fun year-round mountain recreation and education for the Treasure Valley Community.

For more information, please visit or call Michael Blood at (208) 344-1115.

Matraex – GDPR Data Processing Addendum

Earlier Today Matraex announced an updated Privacy Policy.

Now, we announce that our GDPR Matraex – Data Processing Addendum.pdf template is available to our clients and customers.  This means all of our US based clients that work with Personal Information of European Economic Area (EEA) citizens, can fill out the agreement and submit it to Matraex and keep our Service Agreements compliant with the GDPR.

The DPA also includes EU Model Clauses, which were approved by the European Union (EU) data protection authorities, known as the Article 29 Working Party. This means that Matraex customers wishing to transfer personal data from the EEA to other countries can do so with the knowledge that when Matraex processes the subject personal data it will be given the same high level of protection it receives in the EEA.

  • This announcement is important to our previous customers,  we are able to provide followup work on their existing software which interacts with EEA personal data.
  • This announcement is VERY important to our existing customers, it provides assurances that Matraex can continue working with their applications and services which process EEA personal data.

Each Matraex customer using processing EEA personal data will need to have a data processing agreement to comply with GDPR.  Previous, existing and new customers are asked to download and read the agreement and fill out the requested information. While the entire agreement is important to read and understand,  certain areas require input:

  • Enter your company information on Page 2
  • Have a company authority execute the agreement on Page 5
  • Enter the Member State your business is established in on Pages 10 and 11
  • Enter the “Categories of Data” which will processed on Page 12

Please contact us directly to assist in filling out the information,   when ready, email it to so we may review it,  and counter sign it.

Matraex executes a Data Processing Addendum with each of our clients that process Personal Data in the European Economic Area,  this allows us to be in compliance with GDPR and other privacy laws,  as well as with our own Privacy Policy

Privacy Policy Updated

If you have an email account,  there is a good chance that it has been filling up with Terms of Service and Privacy Policy updates over the last two weeks.

I am sure you have read them all and you understand that the EEA’s GDPR goes into effect today – May 25, 2018.

Matraex is similar to many of these companies and we have updated our Privacy Policy to comply with GDPR.

  • Our policy is easy to read with a Summary at the top and the Full policy beneath
  • Our policy is a single document rather than a maze of links
  • Our policy applies to all personal data

Matraex is also Very Different than most of the companies you have seen emails from.

  • Matraex builds the software for the companies subject to GDPR
  • Matraex maintains and enhances the software for companies subject to GDPR
  • Matraex is subject to GDPR as a Data Importer and Data Processor on behalf of our clients,  (others are Data Controllers and Data Processors)

As a third party Data Importer and Data Processor GDPR requires that our policies must also govern our data responsibility between our parties by entering into a Data Protection Addendum (request an addendum here)

In the process of putting GDPR together the EEA has defined quite a bit of vocabulary to help define responsibility in handling Personal Information Data – check out this glossary of GDPR terms to help define some of the terms I used above

To discuss any privacy, GDPR or custom services please contact us.

1.4 billion email accounts compromised

The list of websites that have been hacked is growing, and it is VERY likely that every one of us has been affected.

Hackers have always compiled, sold and distributed a list of breached accounts, but in December 2017 researchers saw an unprecedented list show up on the Dark Web.

A hacker assembled 1.4 billion compromised email address and credentials into a very organized list. The hackers provided tools to quickly search, sort and add to the list.

The compromised accounts were from many recent hacks including LinkedIn, Equifax and Uber. To see an updated list of hacks, refer to the Wikipedia article.

The 42 GB list is currently shared on many Peer to Peer networks and it can be found by anyone that truly wants to.

Matraex researched this list and developed a Hack Check app at to allow users to check whether they are on the list.

If you are a business with multiple domains and you need assistance researching how they were affected,  contact Michael Blood at 208.344.1115 x 250

Bridgepoint engages Matraex to create FrameTurn SAAS

Bridgepoint has engaged Matraex to build the FrameTurn SAAS product they plan to launch to the Optometry Industry.

FrameTurn is a dynamic product which helps small, medium and large Optometry clinics optimize the sales mix of their retail offerings to improve sales up to 30%.

Matraex, Inc is a Boise Idaho applications development company specializing in bringing custom business offerings to market.


The right app partner

The right app partner can change everything.

We have built many of the apps that your employees already know and love to use. With mobile and cloud apps it’s easy to integrate into your existing workflow, which means there’s no need to change how you already work to unlock efficiency.

Meet the worker bot.

An app can empower employees to produce more, faster, by offloading routine processes onto worker bots. A worker bot is a software process that handles chores for you.

A worker bot may also route information into disparate systems. Integrating your customer relationship management software with your Quickbooks installation has never been easier.

Now with worker bots and smart integrations, employees can stay productive and also monitor the small things that lead to huge savings.

When employees are unencumbered by simple tasks or data collection, they’re not just happier, they’re more engaged and more productive.

New ways to make an impact at work.

Today’s business world has never been more mobile. So we create apps that give employees everything they need to be productive, wherever they are. Your app may be customized to fit the precise needs of your business, or perhaps it is extended to fire an alert when some process falls out of variance.

Improving customer service may mean a more timely response, or having access to the manufacturing or shipping data from your mobile. Matraex integrates systems to make your sales and service teams more nimble.

The world’s experts are also our partners.

To help give your employees and customers the best app experience, we’ve engaged some of the world’s leading technology companies. Whether you are looking for a cloud hosting platform, backend system integration specialists, or mobile network services, you’ll have access to experts around the world you can work with and learn from.

At Matraex, our core is developing smart solutions for business. We build core infrastructure that creates recognizable returns. Is it time for us to help you elevate your business?

COMMANDDUMP – Monitor File for error – Ding if found

An Elusive error was occuring that we needed to be notified of immediately.  The fastest way to catch it was to run the following script at a bash command prompt so that when the error happened the script would beep until we stopped it.

while true; do ret=`tail -n 1 error-error-main.log|grep -i FATAL `;if [ “$ret” != “” ] ; then echo $ret; echo -en “\0007”; fi; sleep 1; done

COMMANDDUMP: postfix – explore and fix spam clogged mailq at the command line

  • SystemA is a postfix mailserver
  • SystemA receives all email messages sent to
  • All messages are forwarded to a Gmail Account  (a catchall alias)
  • when spammers saturate gmail starts defering emails and the server becomes plugged waiting to forward the emails


The user you are trying to contact is receiving mail at a rate that prevents additional messages from being delivered.  Please resend your message at a later time. If the user is able to receive mail at that time, your message will be delivered.

List the email addresses that were originally sent to with the number of times each.

ServerA>for fl in `mailq|grep -B4| awk '$1 ~ /^[A-Z0-9]+$/{print $1}' `; do grep original_recipient "/var/spool/postfix/defer/${fl::1}/$fl" ; done|awk -F= '{print $NF}'|sort|uniq -c | sort -n

Delete from the mail queue all email messages sent to a specific user

ServerA>for fl in `mailq|grep -B4| awk '$1 ~ /^[A-Z0-9]+$/{print $1}'`; do grep -l "/var/spool/postfix/defer/${fl::1}/$fl" ; done|awk -F/ '{print "postsuper -d "$NF}'|bash
ServerA>grep /var/spool/postfix/defer/ -rl|awk -F/ '{print "postsuper -d "$NF}'

Delete all mail messages from ‘Maria*’

mailq |awk '$1 ~ /^[A-Z0-9]+$/'|awk '$NF ~/^Maria/{print $0}'|awk '{print "postsuper -d "$1}'|bash


Proftpd PassivePorts Requirements (or Not Working)

After an exhaustive research session attempting to enabled Passive FTP on a Proftpd server I found and am now documenting this issue.

PassivePorts is a directive in Proftpd.conf to configure proftpd to use a specific set of ports for Passive FTP –   You would the allow these ports through your firewall to your server.

The documentation on the full configuration and reason that you would use Passive vs Active FTP,  and how to set it up on your server and firewall are beyond the scope of this document but I a couple of links that might get you there are here.

In my first attempts I was attempting to use the port range between 60000 and 65535,  the firewall ports were forwarded,  and things did not work

  • PassivePorts 60000 65535

So I had to dig in and find the details of why not,   I enabled debugging on filezilla and ran at the command line in order to try and see what was happening

  • proftpd -n -d30

I found a post somewhere that explained how I could read the response to the PASV  command,

  • Entering Passive Mode (172,31,10,46,148,107)

These last two octets in the response are the port number that is to be used  here is how you calculate it (148*256 +107)=37995.    Even though I had the server setup to use PassivePorts 60000 – 65535 it was still attempting to use 37995.    Once I figured out how to confirm which port was being sent,  I realized that the issue was not a firewall or other problem, but rather something in the system.

I happened across a Slacksite article which helped me find this in the Proftpd Document

PassivePorts restricts the range of ports from which the server will select when sent the PASV command from a client. The server will randomly choose a number from within the specified range until an open port is found. Should no open ports be found within the given range, the server will default to a normal kernel-assigned port, and a message logged.

In my research I was unable to find a message logged so I dont believe that a message shows anywhere,  however this article helped me realize that there may be some issue on my system which was preventing ports 60000 to 65535 to be available and I started playing with the system

  • 60000-61000 and 59000-60000 had no effect the system was still assigning ports within the 30000 to 40000 range.
  • 50000 to 51000 had the same effect

So I tried some entries within the 30000 and 40000 and I found I could consistently control the ports if I used any range between 30000 and 40000

  • PassivePorts 30000 32000 – gave me 31456, 31245, 30511,  etc
  • PassivePorts 32000 34000 – gave me 33098, 32734, 33516,  etc
  • etc

From this I figured out that I can only control the ports on this system in a range lower than the ones I was originally attempting

I did more research and found that there is a sysctl variable that shows the local anonymous port range

  • sysctl -a|grep ip_local_port_range

On my system for some reason this was set to

  • net.ipv4.ip_local_port_range = 32768 48000

I attempted setting this to a higher number

  • sysctl -w net.ipv4.ip_local_port_range=”32768 65535″

However this did not change the way the proftpd allocated the ports   only the lower range was available.   Perhaps I could have set the variabl in sysctl.conf and restarted,  but I stopped my investigation here.  Instead I changed the firewall rules to allow port 32000 to 34000 through and I stuck with the configuration

  • PassivePorts 32000 34000

What I learned from this was:

PassivePorts only suggests that your system use range of ports you specify,   If that range is not available the system quietly selects a port outside the range you specified,  If you have problems with your FTP hanging at MLSD check your logs to verify which PORT has been assigned. using the calculation (5th octet *256 + 6th octet).

Call Now Button(208) 344-1115


Join our email list

and get your free whitepaper