The PHP developers recently released versions 7.0.17 and 7.1.3 that fix several bugs. We’ve upgraded the PHP 7.0 and 7.1 series on our servers as a result.
These changes should not be noticeable, but as always, don’t hesitate to contact us if you have any trouble.
We’ve received a couple of reports that audio and video file uploads don’t work anymore in old WordPress versions (4.3.9 and lower). You instead see the message “HTTP error”. (This doesn’t affect uploads of images, PDF files, etc.; it affects things like MP3 files and movies.)
This is because of a bug in the WordPress software itself, which will presumably soon be fixed, and not related to our servers.
However, if this is happening to you, you’re using a very outdated version of WordPress. You should update to the current version 4.7.3, which is easy to do by clicking “Updates” in your WordPress dashboard. We recommend that you always update WordPress whenever it tells you to do so, because it avoids all sorts of problems.
We’ve upgraded our Apache Web server software to fix the security bug CVE-2016-8743.
Customers should not notice any changes, with one exception: If you’ve written your own software, and that software contains certain bugs that haven’t previously been noticed, the update may cause the bugs to be more visible.
The PHP developers recently released versions 7.0.16 and 7.1.2 that fix several bugs. We’ve upgraded the PHP 7.0 and 7.1 series on our servers as a result.
These changes should not be noticeable, but as always, don’t hesitate to contact us if you have any trouble.
The PHP developers recently released versions 7.0.15 and 5.6.30 that fix several bugs. We’ve upgraded the PHP 7.0 and 5.6 series on our servers as a result.
In addition, we’re now providing support for the PHP 7.1 series, so PHP 7.1.1 is also available in our control panel.
Finally, the PHP 7.0 series has been out long enough that all modern script software should be compatible with it, and the authors of the WordPress software recommend it specifically. Because of that, we’re making PHP 7.0 the default for new customers, and we recommend that all customers switch to PHP 7. It’s almost twice as fast as old versions of PHP.
If you’re not yet using PHP 7 but you’d like your WordPress or other PHP-based site to seem snappier, or be able to handle twice as many visitors per second, you can easily do so:
Then test your site to make sure it works properly. If it does: Great, you’ve just made your site much faster! If it doesn’t, it’s probably because you’re using older scripts that haven’t yet been updated, and you can simply set PHP back to an earlier version for now. (But be sure to contact the authors of your scripts and ask when they will be compatible with PHP 7.)
As always, if you have any trouble, don’t hesitate to contact us.
We’re making a minor technical change to the SSH settings our servers use, removing obsolete and insecure ciphers like “3des-cbc”.
The changes are required to ensure that sites we host pass PCI compliance scans. The obsolete ciphers allowed SSH connections that appeared to be secure, but really weren’t.
This should not affect anything for our customers who use SSH, as long as you use modern, updated SSH software. We’re just documenting it in case anyone has difficulties with SSH connections.
If you do have any trouble, the solution is almost certainly to update your SSH client software, though — the program you’re using is probably pretty outdated and may also have trouble connecting to other servers, not just ours.
As always, don’t hesitate to contact us if you have any trouble or questions.
Many scripts that send e-mail include a file called PHPMailer. The file is distributed as part of WordPress, Joomla, Drupal, and lots more software.
Recently, a security researcher discovered a security bug in PHPMailer. The bug could allow “hackers” to take over a website.
However, sites hosted on our servers are not vulnerable to this problem. (Despite that, you should always update your copy of WordPress, Joomla, or any other software when there’s a new version available.)
The authors of the Joomla software announced that Joomla versions 1.6.0 through 3.6.4 have a critical security bug that allows “hackers” to take over a site (CVE-2016-9838).
The best solution for Joomla users is to update to version 3.6.5 immediately. However, we also added a security rule to our servers this evening to block this attack, based on an initial analysis.
The rule works by blocking attempts to register new Joomla users that contain certain kinds of invalid data; it allows only “expected” data. This could mean that if you’ve modified your Joomla user registration page in some unusual way, it might be incorrectly blocked. We’ll keep an eye out for this potential problem; don’t hesitate to contact us if you have any trouble.
The PHP developers recently released version 5.6.29 that fixes several bugs. We’ve upgraded the PHP 5.6 series on our servers as a result.
This change should not be noticeable, but in the unlikely event you experience any trouble, don’t hesitate to contact us.
The PHP developers recently released version 7.0.14 that fixes several bugs. We’ve upgraded the PHP 7.0 series on our servers as a result.
This change should not be noticeable, but in the unlikely event you experience any trouble, don’t hesitate to contact us.
