Skip to content
Miraat·dweb developer journey, reflected
IT EN FR عربي
BA

Backend Development

Understand how an app actually works under the hood: servers, databases, APIs, auth, scaling.

22 skills 7 months Intermediate
The backend is the invisible but vital side of every application: it handles data, business rules, security, and scaling. This path takes you from understanding how HTTP and databases work, all the way to designing solid REST APIs and shipping real deployments.

The reference stack uses PHP 8 and Node.js (both highly relevant in the job market), but the underlying concepts — request/response, ORM, SQL queries, authentication, caching — transfer cleanly to Python, Go, Java.

Outcomes: backend developer, junior full-stack, platform engineer.
HTTP Fundamentals · 25 min FOUNDATION · 25 MIN HTTP Fundamentals Request/Response Cycle · 20 min FOUNDATION · 20 MIN Request/Response Cycle PHP Fundamentals · 35 min FOUNDATION · 35 MIN PHP Fundamentals Node.js Fundamentals · 35 min FOUNDATION · 35 MIN Node.js Fundamentals Routing and MVC · 30 min CORE · 30 MIN Routing and MVC SQL Fundamentals · 30 min FOUNDATION · 30 MIN SQL Fundamentals Database Modelling · 30 min CORE · 30 MIN Database Modelling ORM Basics · 25 min CORE · 25 MIN ORM Basics Migrations and Schema Versioning · 20 min CORE · 20 MIN Migrations and Schema Versi… Authentication: sessions and bcrypt · 30 min CORE · 30 MIN Authentication: sessions an… Designing a REST API · 30 min CORE · 30 MIN Designing a REST API JSON Input Validation · 20 min CORE · 20 MIN JSON Input Validation Caching Strategies · 30 min ADVANCED · 30 MIN Caching Strategies Background Jobs and Queues · 30 min ADVANCED · 30 MIN Background Jobs and Queues Logging and Observability · 25 min ADVANCED · 25 MIN Logging and Observability Error Handling · 20 min CORE · 20 MIN Error Handling OWASP Top 10 — security basics · 30 min ADVANCED · 30 MIN OWASP Top 10 — security bas… Unit and Integration Tests (PHP) · 30 min ADVANCED · 30 MIN Unit and Integration Tests … Environment Configuration · 15 min CORE · 15 MIN Environment Configuration Deploying on Shared Hosting · 25 min CORE · 25 MIN Deploying on Shared Hosting Rate Limiting and Throttling · 20 min ADVANCED · 20 MIN Rate Limiting and Throttling API Versioning · 20 min ADVANCED · 20 MIN API Versioning

Foundation

1
HTTP Fundamentals
The protocol that makes the browser talk to the server: requests, responses, status codes, headers.
25 minutes
2
Request/Response Cycle
How a request reaches your code and the response goes back. Middlewares, parsing, lifecycle.
20 minutes
3
PHP Fundamentals
Variables, functions, arrays, classes, namespaces. Modern PHP for real backends.
35 minutes
4
Node.js Fundamentals
JavaScript on the server: event loop, modules, npm, the simplest HTTP server.
35 minutes
6
SQL Fundamentals
Query and modify a relational database: SELECT, JOIN, GROUP BY, indexes.
30 minutes

Core

5
Routing and MVC
Map URLs to controllers and views. The pattern that organizes 90% of web apps.
30 minutes
7
Database Modelling
Tables, relations, normalization, foreign keys. Design first, code later.
30 minutes
8
ORM Basics
Why ORMs exist, when they help, when raw SQL beats them.
25 minutes
9
Migrations and Schema Versioning
Evolve the database safely from dev to prod, in version control.
20 minutes
10
Authentication: sessions and bcrypt
Email + password login done right: hashing, sessions, logout, brute-force protection.
30 minutes
11
Designing a REST API
URL conventions, HTTP methods, status codes, pagination, errors. The API others love using.
30 minutes
12
JSON Input Validation
Reject invalid input early; consistent error responses.
20 minutes
16
Error Handling
Exceptions, try/catch, never swallow errors silently.
20 minutes
19
Environment Configuration
.env, secret rotation, dev/staging/prod parity.
15 minutes
20
Deploying on Shared Hosting
cPanel, .htaccess, FTP/SSH, real constraints of cheap hosts.
25 minutes

Advanced

13
Caching Strategies
HTTP cache, in-memory cache (Redis), invalidation. The hard problems.
30 minutes
14
Background Jobs and Queues
Long work outside the request: cron, workers, retry, dead-letter.
30 minutes
15
Logging and Observability
Logs, metrics, traces. Find the cause when something breaks at 2am.
25 minutes
17
OWASP Top 10 — security basics
The 10 most common vulnerability families and how to prevent them in everyday code.
30 minutes
18
Unit and Integration Tests (PHP)
PHPUnit, fixtures, mocks vs real DB, CI integration.
30 minutes
21
Rate Limiting and Throttling
Stop abusive clients without blocking real ones.
20 minutes
22
API Versioning
Evolve a public API without breaking existing clients.
20 minutes