Mail server SSL certificate renewed

We’ve renewed the SSL certificate on our mail servers (because it was due to expire soon).

Almost all customers shouldn’t notice any change, but if you read e-mail using a secure connection with an unusual mail program that doesn’t handle SSL connections properly, you might be asked to “accept” the new certificate.

Read the rest of this entry »

PHP 5.4.39, 5.5.23 and 5.6.7

The PHP developers recently released versions 5.4.39, 5.5.23 and 5.6.7 that fix several bugs. We’ve upgraded PHP 5.4, 5.5 and 5.6 on our servers as a result.

These changes should not be noticeable, but in the unlikely event you experience any trouble, don’t hesitate to contact us.

Our servers are not vulnerable to the “FREAK Attack” SSL security bug

A couple of customers have asked if our servers are vulnerable to the FREAK attack SSL security bug.

The answer is no: we don’t use the weak “export grade ciphers suites” that are affected by the bug, so no site hosted on our servers is vulnerable. You can verify this with the FREAK attack server check tool.

Additional filename attachments, including “.exe”, now blocked in e-mail

For a long time, our mail system has blocked obviously malicious filenames like “443645787823424455.scr”, “Invoice.pdf.exe”, and so on, even if they aren’t actually flagged by the antivirus software we use (which can happen if they’re new viruses that don’t yet have matching patterns).

Recently, we’ve seen a dramatic increase in simpler names where the virus author doesn’t even try to hide the fact that it’s a program: things as simple as “Invoice.exe” in a zip file. We’ve received a couple of reports that people unzipped these, ran them, and clicked past the Windows warning saying that programs from the Internet can harm your computer — perhaps assuming that if it wasn’t flagged by either our virus scanner or the virus scanner on their own computer, it must be okay.

We want to make sure our customers never fall victim to anything like this, so we’ve expanded our blocked filename patterns to include simple “.exe” files (and other additions). This may very occasionally reject legitimate messages with an error asking the sender to rename the file and resend it, but it will solve far more problems than it causes.

We’re using the same list of filename extensions that Gmail uses — if we block it, Gmail would block it, too. You can find more information on our support page about virus scanning.

Read the rest of this entry »

web11 server outage March 4, 2015 (resolved)

On March 4, the “web11” server spontaneously rebooted at around 11:50 AM and again at around 1:45 PM, causing brief outages each time.

Read the rest of this entry »

PHP 5.6 series now experimentally available

We’ve added experimental support for the new PHP 5.6 series, although the default for new accounts remains PHP version 5.5 for now.

Adventurous customers can choose PHP 5.6 as a new option in our My Account control panel. Keep in mind that some scripts are not yet compatible with PHP 5.6, and there may be unexpected problems because it’s new and relatively untested.

If you try it and have any trouble, contact us and we’ll do our best to help.

PHP 5.4.38 and 5.5.22

The PHP developers recently released versions 5.4.38 and 5.5.22 that fix several bugs. We’re upgrading PHP 5.4 and 5.5 on our servers as a result. This will be complete on all servers within 24 hours.

These changes should not be noticeable, but in the unlikely event you experience any trouble, don’t hesitate to contact us.

Internet problems for some Comcast users Feb 19 2015 (resolved)

2:16 PM Pacific time: We’re receiving scattered reports that some Comcast users, particularly in the San Francisco Bay Area, are unable to reach some sites on our servers (but others are fine).

This appears to be a general Comcast problem; there are many similar reports on Twitter unrelated to us.

Update: The problems were resolved by Comcast at 4:23 PM Pacific time, according to several Internet reports and our own testing.

President’s Day 2015 holiday hours

Our business offices will be closed on Monday, February 16 to observe the US legal holiday. As always, we’ll provide same-day support for time-sensitive issues via our ticket and e-mail systems. However, questions that aren’t time-sensitive (including most billing matters) may not be answered until the next day, and telephone support (via callbacks) will be available only for urgent problems.

Brief MySQL scheduled maintenance January 30, 2015 (completed)

Between 9:00 PM and 11:59 PM Pacific time on Friday January 30 2015, the MySQL database software on each of our servers will be upgraded from version 5.5.40 to 5.5.41. This will cause an approximately 60 second interruption of service on each MySQL-using customer Web site at some point during this period.

This upgrade is necessary for security reasons. We apologize for the inconvenience this causes.

Update 9:57 PM Pacific time: The maintenance was completed and all services are running normally.