Brief scheduled maintenance on July 9, 2015 for web11 & web12 servers (completed)

Between 10:00 PM and 11:59 PM Pacific time on Thursday, July 9, the “web11” and “web12” servers will be restarted. This will cause a brief interruption of service (less than 10 minutes) for sites on these two servers at some point during this 2 hour period. No other servers will be affected.

Read the rest of this entry »

Independence Day 2015 holiday hours

Our business offices will be closed on Friday, July 3 to observe the US legal holiday. As always, we’ll provide same-day support for time-sensitive issues via our ticket and e-mail systems. However, questions that aren’t time-sensitive (including most billing matters) may not be answered until the next business day (i.e., Monday), and telephone support (via callbacks) will be available only for urgent problems.

PHP 5.4.42, 5.5.26 and 5.6.10

The PHP developers recently released versions 5.4.42, 5.5.26 and 5.6.10 that fix several bugs. We’ve upgraded PHP 5.4, 5.5 and 5.6 on our servers as a result.

In addition, ionCube Loader has been updated to the current version 5.0.10.

These changes should not be noticeable, but in the unlikely event you experience any trouble, don’t hesitate to contact us.

Our servers are compatible with 2015 PayPal security upgrades

Recently, PayPal has been sending notifications to merchants who use the “PayPal API”, discussing some changes they’re making. If you are one of our customers and you have received this e-mail from PayPal, you may be wondering if you need to do anything. The short answer is that you don’t; the change is being made entirely on the PayPal servers, and our service is fully compatible.

Read the rest of this entry »

Brief scheduled maintenance on June 6, 2015 for web13 & web14 servers (completed)

Between 10:00 PM and 11:59 PM Pacific time on Saturday, June 6, the “web13” and “web14” servers will be restarted. This will cause a brief interruption of service (less than 10 minutes) for sites on these two servers at some point during this 2 hour period. No other servers will be affected.

Read the rest of this entry »

PHP 5.4.41, 5.5.25 and 5.6.9

The PHP developers recently released versions 5.4.41, 5.5.25 and 5.6.9 that fix several bugs. We’ve upgraded PHP 5.4, 5.5 and 5.6 on our servers as a result.

In addition, ionCube Loader has been updated to the current version 5.0.6.

These changes should not be noticeable, but in the unlikely event you experience any trouble, don’t hesitate to contact us.

Memorial Day 2015 holiday hours

Our business offices will be closed on Monday, May 25 to observe the US legal holiday. As always, we’ll provide same-day support for time-sensitive issues via our ticket and e-mail systems. However, questions that aren’t time-sensitive (including most billing matters) may not be answered until the next day, and telephone support (via callbacks) will be available only for urgent problems.

Cleaning compromised sites while moving them to Tiger Technologies

One issue we (unfortunately) have lots of experience with is fixing a WordPress site after we discover it’s been “hacked”. We have many tools in place to catch this when it happens, and in most cases we can then use our logs and file timestamps to:

  • find the exact time the site was compromised;
  • identify the underlying security problem (almost always an outdated plugin or theme);
  • restore an uninfected copy of the site from a backup;
  • update the plugin or theme to prevent a recurrence.

However, there’s one case where this doesn’t work: when a customer is migrating a compromised site from another hosting company to ours, so we don’t have logs, accurate timestamps, or backups from the time of the problem. If the customer doesn’t know what happened, the site is almost certainly still vulnerable to “hackers”. Security experts agree that in this situation, the only safe course is to start over with a new set of script files.

However, when we make this recommendation to customers, we often hear something that surprises us. They tell us they’ve removed the individual files our tools identified as malicious, but they don’t think they need to do anything else because the rest of the site seems fine. This is rarely true, for two reasons.

Read the rest of this entry »

Mailman mailing list software upgraded to version 2.1.20; Mailman 3 status

The authors of the Mailman mailing list software we provide for customers have recently released versions 2.1.19 and 2.1.20 to fix several bugs.

We’ve upgraded the Mailman software on our servers from version 2.1.18 to 2.1.20 as a result.

Users of Mailman lists shouldn’t notice any changes, but as always, don’t hesitate to contact us if you have any questions or see any problems.

Read the rest of this entry »

Disabling SSLv3 and TLS 1.0

If you use an SSL certificate on a site you host with us, we now offer more control over the SSL/TLS protocol versions your site uses.

Old protocol versions, including SSL version 3 (“SSLv3″) and TLS version 1.0, are no longer considered secure. You can now disable these to improve security, at the expense of preventing some older, less-secure browsers from making SSL or TLS connections. Some credit card companies are starting to require that SSLv3 and TLS 1.0 both be disabled.

Read the rest of this entry »