phpMyAdmin updated to version 4.8.3

We’ve updated phpMyAdmin to the latest version, 4.8.3.

Read the rest of this entry »

Mailman mailing list software upgraded to version 2.1.29

The authors of the Mailman mailing list software we provide for customers have recently released version 2.1.29 to fix several bugs.

We’ve upgraded the Mailman software on our servers as a result.

Users of Mailman lists shouldn’t notice any changes, but as always, don’t hesitate to contact us if you have any questions or see any problems.

PHP 5.6.37, 7.0.31, 7.1.20 and 7.2.8

The PHP developers recently released versions 5.6.37, 7.0.31, 7.1.20, and 7.2.8 that fix several bugs. We’ve upgraded the PHP 5.6, 7.0, 7.1, and 7.2 series on our servers as a result.

These changes should not be noticeable, but as always, don’t hesitate to contact us if you have any trouble.

Extortion scams that know one of your passwords

We’ve seen a few reports recently of customers receiving messages that begin something like this:

I’m going to cut to the chase. I am aware [redacted] is your pass word. More to the point, I know your secret and I’ve evidence of your secret. You don’t know me personally and no one paid me to examine you.

The message then goes on to demand money in order to not reveal your “secret”.

These are a scam; you should ignore them. The mail is sent in bulk by spammers to millions of people, just like any other spam, and they know nothing about you beyond your email address and a password they stole from another site. Our filters block most of these, but unfortunately no filter can block all spam messages (the spammers are constantly changing them to get around the blocking).

You can find more information on sites like Sophos and Krebs on Security.

Read the rest of this entry »

HTTP/2 support for all sites (completed)

Update June 13, 2018: This is complete, and HTTP/2 is now used on all websites we host.

We’ve updated the Apache web server software we use from version 2.4.25 to 2.4.33, which allows us to add support for the newer HTTP/2 protocol.

HTTP/2 is enabled for our own tigertech.net sites and a small number of our customer sites now, and we’ll be gradually rolling out this feature to all sites over the next few weeks. (We’ll update this post when that’s completely finished.)

Customers should not see any problems or downtime. We’re mentioning it here just so that customers who do notice a change for some reason will know about it. As always, don’t hesitate to contact us if you have any trouble.

Read the rest of this entry »

Apache 2.4.25 web server upgrade (completed)

Update May 22, 2018: The change described below is complete on all servers.

Over the next few days, we’ll be updating the software used on each web server from Apache version 2.4.10 to 2.4.25.

Customers should not notice any changes or downtime. We’re mentioning it here just so that customers who do notice a change for some reason will know about it.

This is part of a series of software upgrades to allow us to add support for the newer HTTP/2 protocol on all sites in the near future.

As always, don’t hesitate to contact us if you have any trouble.

Having trouble with Outlook 2011 for Mac and SSL?

A couple of customers have recently contacted us about problems with Outlook 2011 for Mac when it’s configured to make SSL connections.

Outlook 2011 for Mac has a bug: It tries to use the long-obsolete “SSLv2” protocol that is no longer supported on modern mail servers, including ours. If your network also uses a very common kind of firewall that prevents “client-initiated SSL/TLS session renegotiation”, SSL connections will simply fail.

The best solution to this is to upgrade to a modern version of Outlook. Outlook 2016 for Mac, for example, doesn’t have this problem.

Read the rest of this entry »

PHP versions < 5.6 rebuilt (but please don't use them any more)

Although we haven’t offered the long-obsolete PHP 5.5 (and earlier) series to new customers for some time, some customers who signed up long ago are still using this version (or even earlier versions), despite our nagging you to upgrade 🙂

For those customers still using PHP 5.5 or earlier despite the nagging, this is just a quick note that we’ve “rebuilt” older versions of PHP for technical reasons to allow them to keep running on our systems. They now use slightly newer versions of various libraries, including libxml, FreeType, ImageMagick, MySQL, and OpenSSL, and they no longer support some old obsolete libraries, such as T1Lib. The rebuilt version will be deployed on all our servers within the next few hours.

These changes should not be noticeable. In the unlikely event you experience any trouble, don’t hesitate to contact us.

Read the rest of this entry »

PHP 5.6.36, 7.0.30, 7.1.17 and 7.2.5

The PHP developers recently released versions 5.6.36, 7.0.30, 7.1.17, and 7.2.5 that fix several bugs. We’ve upgraded the PHP 5.6, 7.0, 7.1, and 7.2 series on our servers as a result.

These changes should not be noticeable, but as always, don’t hesitate to contact us if you have any trouble.

Apache 2.4 web server upgrade (complete)

Update May 3, 2018: The change described below is complete on all servers.

Over the next few days, we’ll be updating the software used on each web server from the Apache 2.2 series to the 2.4 series.

Customers should not notice any changes or downtime. We’re mentioning it here just so that customers who do notice a change for some reason will know about it.

While the Apache 2.4 series has some changes and new features, we’ve intentionally kept things compatible with older versions. In particular, we’re using mod_access_compat to ensure that existing “Allow / Deny” authorization directives work, and we’re using SSILegacyExprParser on to ensure that existing Server Side Includes work.

The Apache 2.4 series brings changes we’re using to improve our customers’ websites. For example, we’re already using OCSP stapling to speed up the initial connection to SSL sites in many browsers, and in the future we’ll be adding support for the newer HTTP/2 protocol. Neither of these were possible with older versions of Apache.

As always, don’t hesitate to contact us if you have any trouble.