Due to a problem with the Mailman list management software, some Mailman list mail sent yesterday (December 2) and this morning (December 3) was delayed (although most was delivered normally).
We’ve resolved this. All delayed list mail has been delivered, although some messages may have arrived out of order due to the delay.
Between 9:00 PM and 11:59 PM Pacific time on Friday October 24 2014, the MySQL database software on each of our servers will be upgraded from version 5.5.38 to 5.5.40. This will cause an approximately 60 second interruption of service on each MySQL-using customer Web site at some point during this period.
This upgrade is necessary for security reasons. We apologize for the inconvenience this causes.
Update 9:23 PM Pacific time: The maintenance was completed and all services are running normally.
This post describes a significant change in the way Web browsers recognize certain kinds of SSL certificates. We’re making sure that all SSL certificates bought from us are compatible with this change, and most customers can ignore the rest of this post, which has technical details.
Update October 14: This process described below is complete. All the updates were installed, and we’re now using only Debian wheezy on all servers.
Over the last year, we’ve been slowly upgrading our servers from Debian Linux version 6 (codename “squeeze”) to version 7 (codename “wheezy”).
All the “prominent” software (such as the Apache Web server, MySQL, PHP, the Linux kernel, and so on) was updated months ago, one piece at a time, usually with individual announcements here on our blog. Any software with security or compatibility issues has also already been upgraded.
What’s left at the end of that process are many “minor” packages, each probably used by less than 1% of our customers. We’ll be upgrading the rest of these over the next 30 days.
Between 5:29 and 5:42 PM Pacific time, one of our upstream network providers had connectivity problems, causing many people to be unable to reach any of our servers.
We have resolved this by removing that provider from our network while we investigate the issue with them, and all services are now working normally.
Earlier today (August 29, 2014), some people in the US Southeast who use certain ISPs were unable to reach our servers. This was caused by a problem at a third party that has been resolved.
If your site uses an SSL certificate from us, our servers now provide an important feature called perfect forward secrecy.
Between 5:18 and 5:23 PM Pacific time today (Wednesday August 13, 2014), the
“web06” server experienced very high “load” due to a runaway MySQL database process. Other servers were not affected.
This caused an outage lasting approximately 5 minutes for all sites hosted on web06.
Between 9:00 PM and 11:59 PM Pacific time on Saturday August 9 2014, the MySQL database software on each of our servers will be upgraded from version 5.5.35 to 5.5.38. This will cause an approximately 30 second interruption of service on each MySQL-using customer Web site at some point during this period.
This upgrade is necessary for security reasons. We apologize for the inconvenience this causes.
Update 9:43 PM Pacific time: The maintenance was completed and all services are running normally.
Over the last few days, we’ve been tracking an ever-increasing distributed attack on the WordPress xmlrpc.php service.
We’ve previously seen and blocked attacks on this file that tried to post spam comments or act as a denial of service amplifier, but this attack is different: it tries to guess WordPress usernames and passwords.
As a result, we’ve applied more aggressive blocking than usual to the attack. It’s remotely possible that the blocking could cause legitimate third-party WordPress “apps” and services to be unable to access your blog (although it can’t cause problems when just visiting WordPress in a normal Web browser); don’t hesitate to contact us if you’re one of our customers having trouble.
Just so it’s clear, we’ve blocked this attack for all our hosting customers. But the rest of this post has some technical details that may help other people trying to do the same.
