The PHP developers recently released versions 7.0.6, 5.6.21 and 5.5.35 that fix several bugs. We’ve upgraded the PHP 7.0, 5.6 and 5.5 series on our servers as a result.
These changes should not be noticeable, but in the unlikely event you experience any trouble, don’t hesitate to contact us.
WordPress 4.5 was recently released, and as always, we’ve updated our WordPress one-click installer to automatically install the latest version (actually now version 4.5.1) for new WordPress sites.
If you’ve previously installed an older version of WordPress, you should update it from within your WordPress Dashboard.
We’ve also modified our automatic installer to disable the built in theme and plugin file editor by default for new installations (existing installations are not affected).
This both improves security (many automated hacks and XSS attacks blindly try to use the editor) and avoids a problem we see happen often:
We think the editor shouldn’t be enabled for most people. It should be enabled only by developers (and very brave developers who make good backups, at that). Developers can easily enable it by editing the wp-config.php file to remove the “DISALLOW_FILE_EDIT” line.
Update 2016-05-26: We have removed the customization that disabled the built-in theme and plugin editors because several customers said it is an integral part of their workflow. All new installations will have the standard theme and plugin editors functionality.
The authors of the Mailman mailing list software we provide for customers have recently released version 2.1.22 to fix several bugs.
We’ve upgraded the Mailman software on our servers as a result.
Users of Mailman lists shouldn’t notice any changes, but as always, don’t hesitate to contact us if you have any questions or see any problems.
The authors of the Mailman mailing list software we provide for customers have recently released version 2.1.21 to fix several bugs.
We’ve upgraded the Mailman software on our servers as a result.
Users of Mailman lists shouldn’t notice any changes, but as always, don’t hesitate to contact us if you have any questions or see any problems.
The PHP developers recently released versions 7.0.5, 5.6.20 and 5.5.34 that fix several bugs. We’ve upgraded the PHP 7.0, 5.6 and 5.5 series on our servers as a result.
These changes should not be noticeable, but in the unlikely event you experience any trouble, don’t hesitate to contact us.
For a long time, our mail system has blocked many malicious filename extensions.
Recently, we’ve seen an increase in “.js” files that spread various forms of malware. These change their “patterns” often enough that they’re sometimes not detected by virus scanners.
Legitimate “.js” files are common in e-mail, so it’s impossible to block them outright. (They’re often sent as part of a package of website files — for example, a zipped copy of the WordPress files contains them.)
However, legitimate “.js” files almost always occur as part of an archive containing other files. They almost never occur alone, as they do in the malware versions.
Because of that, our e-mail system now blocks “.zip” files that contain only a single “.js” file, on the assumption that they’re almost certainly malicious.
We don’t expect this to cause any problems, but as always, don’t hesitate to contact us if you have any questions or trouble.
The PHP developers recently released versions 7.0.4, 5.6.19 and 5.5.33 that fix several bugs. We’ve upgraded the PHP 7.0, 5.6 and 5.5 series on our servers as a result.
These changes should not be noticeable, but in the unlikely event you experience any trouble, don’t hesitate to contact us.
We’ve updated the SSL/TLS security settings on our mail servers to match current “best practices” for security.
Our customers shouldn’t notice any changes. We’re just mentioning this so that people know to contact us in the unlikely event they do have any trouble.
That said, if you do have any trouble, it’s probably because you’re using outdated, insecure mail software that you should update. If you can’t update it, but the changes prevent you from sending mail with the “SSL” option turned on in your program, you may need to turn off the “SSL” option for outgoing mail until you can update.
The PHP developers recently released versions 7.0.3, 5.6.18 and 5.5.32 that fix several bugs. We’ve upgraded the PHP 7.0, 5.6 and 5.5 series on our servers as a result.
These changes should not be noticeable, but in the unlikely event you experience any trouble, don’t hesitate to contact us.
In addition, we’ve added a “patch” to PHP on our systems that will help avoid an issue that can cause WordPress sites to stop working when using poorly-written plugins or themes.
We’ve updated the AWStats software we use to generate website statistics. The statistics beginning January 1, 2016 use the latest version 7.4.
This version has support for newer browsers, operating systems, and search engines, and is somewhat better at identifying and filtering out traffic from non-human visitors. This may mean your statistics show a slight reduction in human visitors (and a slight increase in non-human visitors, shown as “Not viewed traffic”) starting January 1, 2016, particularly on sites that aren’t very busy.
We should probably mention that if you’re relying on AWStats for information about the behavior of human visitors, you can usually get more accurate statistics using Google Analytics, which works in a different way than simply analyzing log data after the fact. We have a page explaining more about the difference between AWStats and Google Analytics.
