Between 5:18 and 5:23 PM Pacific time today (Wednesday August 13, 2014), the
“web06” server experienced very high “load” due to a runaway MySQL database process. Other servers were not affected.
This caused an outage lasting approximately 5 minutes for all sites hosted on web06.
Between 9:00 PM and 11:59 PM Pacific time on Saturday August 9 2014, the MySQL database software on each of our servers will be upgraded from version 5.5.35 to 5.5.38. This will cause an approximately 30 second interruption of service on each MySQL-using customer Web site at some point during this period.
This upgrade is necessary for security reasons. We apologize for the inconvenience this causes.
Update 9:43 PM Pacific time: The maintenance was completed and all services are running normally.
Google is fairly aggressive about checking for malware on Web sites. When they find a site distributing malware, they make a note of the details and try to warn visitors.
The PHP developers recently released versions 5.4.31 and 5.5.15 that fix several bugs. We’ve updated PHP 5.4 and 5.5 on our servers as a result.
One of our customers asked if multiple domain names hosted with us are vulnerable to “website cross-contamination”, a nasty security problem that can happen when two different sites share the same “account” on many hosting companies.
The answer is no. We intentionally handle multiple hosted domain names differently from the way most hosting companies handle extra hosted domain names, avoiding the problem.
Over the last few days, we’ve been tracking an ever-increasing distributed attack on the WordPress xmlrpc.php service.
We’ve previously seen and blocked attacks on this file that tried to post spam comments or act as a denial of service amplifier, but this attack is different: it tries to guess WordPress usernames and passwords.
As a result, we’ve applied more aggressive blocking than usual to the attack. It’s remotely possible that the blocking could cause legitimate third-party WordPress “apps” and services to be unable to access your blog (although it can’t cause problems when just visiting WordPress in a normal Web browser); don’t hesitate to contact us if you’re one of our customers having trouble.
Just so it’s clear, we’ve blocked this attack for all our hosting customers. But the rest of this post has some technical details that may help other people trying to do the same.
We often get reports from customers saying they’ve been blocked from their WordPress sites with a strange generic error message or blank page.
When we investigate, it’s common to find that it happened because they installed a security plugin that has made a mistake — a “false positive” — and blocked the site owner.
A customer recently reported problems when forwarding mail sent from a “@cs.com” CompuServe address to a Yahoo or Gmail address. Yahoo completely rejects the forwarded message and Gmail puts it in a “spam” folder.
This is caused by a misconfiguration at cs.com, and happens whenever anyone, anywhere, forwards @cs.com mail. It’s not related to our service in particular. However, we’ve reported this to cs.com in the hope that they’ll fix it.
Until they do so, there’s no way to avoid this problem except by having the sender send mail directly to the final destination address, or converting the forwarding address to a mailbox. (This problem is another example of the general rule that “a mailbox is usually more reliable than a forwarding address, because forwarding involves two places where things can go wrong instead of just one”.)
Our business offices will be closed on Friday, July 4 to observe the US legal holiday. As always, we’ll provide same-day support for time-sensitive issues via our ticket and e-mail systems. However, questions that aren’t time-sensitive (including most billing matters) may not be answered until the next business day (i.e., Monday), and telephone support (via callbacks) will be available only for urgent problems.
- Our SSL servers support “perfect forward secrecy”
- High load on web06 server (resolved)
- Brief MySQL scheduled maintenance August 9 2014 (completed)
- Google malware warnings
- PHP 5.4.31 and 5.5.15
- Sites hosted with us aren’t subject to website “cross-contamination”
- Blocking more WordPress xmlrpc.php attacks
- WordPress security plugins that hide the source of blocking
- Problems with mail forwarding from “@cs.com” addresses
- 4th of July 2014 holiday hours