Our servers are not vulnerable to the bug in “bash”

We’ve had a couple of people ask if our servers are vulnerable to the recent security bug in the bash shell, also known as the “shellshock” bug.

The answer is no. All copies of bash on all our servers were updated to a fixed (patched) version yesterday, within an hour of the news becoming public.

Update September 25, 2:58 PM: We’ve also applied a later, stronger version of the fix today. This will soon be announced as Debian Security Advisory DSA-3035-1 .

Upcoming Debian “wheezy” software upgrades

Over the last year, we’ve been slowly upgrading our servers from Debian Linux version 6 (codename “squeeze”) to version 7 (codename “wheezy”).

All the “prominent” software (such as the Apache Web server, MySQL, PHP, the Linux kernel, and so on) was updated months ago, one piece at a time, usually with individual announcements here on our blog. Any software with security or compatibility issues has also already been upgraded.

What’s left at the end of that process are many “minor” packages, each probably used by less than 1% of our customers. We’ll be upgrading the rest of these over the next 30 days.

Read the rest of this entry »

WordPress 4.0

WordPress 4.0 was recently released, and as always, we’ve updated our WordPress one-click installer to automatically install the latest version for new WordPress sites.

If you’ve previously installed an older version of WordPress, you should update it from within your WordPress Dashboard.

We strongly recommend keeping your WordPress installation up to date (and using unguessable passwords)! You should first update the active theme and plugins, then delete all inactive themes and plugins, and then update the core WordPress files.

Network interruption August 29 2014 (resolved)

Between 5:29 and 5:42 PM Pacific time, one of our upstream network providers had connectivity problems, causing many people to be unable to reach any of our servers.

We have resolved this by removing that provider from our network while we investigate the issue with them, and all services are now working normally.

Routing problem for some East Coast users August 29 2014 (resolved)

Earlier today (August 29, 2014), some people in the US Southeast who use certain ISPs were unable to reach our servers. This was caused by a problem at a third party that has been resolved.

Read the rest of this entry »

September 1, 2014 Labor Day holiday hours

Our business offices will be closed on Monday, September 1 to observe the US Labor Day legal holiday. As always, we’ll provide same-day support for time-sensitive issues via our ticket and e-mail systems. However, questions that aren’t time-sensitive (including most billing matters) may not be answered until Tuesday, and telephone support (via callbacks) will be available only for urgent issues.

Ruby updated to version 1.9.3

We’ve updated the default version of the Ruby scripting language on our servers from 1.8.7 to 1.9.3.

Read the rest of this entry »

Our SSL servers support “perfect forward secrecy”

If your site uses an SSL certificate from us, our servers now provide an important feature called perfect forward secrecy.

Read the rest of this entry »

High load on web06 server (resolved)

Between 5:18 and 5:23 PM Pacific time today (Wednesday August 13, 2014), the
web06” server experienced very high “load” due to a runaway MySQL database process. Other servers were not affected.

This caused an outage lasting approximately 5 minutes for all sites hosted on web06.

Read the rest of this entry »

Brief MySQL scheduled maintenance August 9 2014 (completed)

Between 9:00 PM and 11:59 PM Pacific time on Saturday August 9 2014, the MySQL database software on each of our servers will be upgraded from version 5.5.35 to 5.5.38. This will cause an approximately 30 second interruption of service on each MySQL-using customer Web site at some point during this period.

This upgrade is necessary for security reasons. We apologize for the inconvenience this causes.

Update 9:43 PM Pacific time: The maintenance was completed and all services are running normally.