Yesterday, Internet security researchers announced discovery of the Heartbleed SSL security bug. This bug allows attackers to bypass SSL encryption on servers that use certain versions of software called “OpenSSL”.
Our servers are not, and never have been, vulnerable to this bug, because we’ve never used the affected versions of the OpenSSL software. Our customers are not affected by it in any way.
Between 10:41 and 10:49 AM Pacific time today (March 25, 2014), some MySQL database queries on the web12 server ran very slowly and caused “timeouts” for scripts. (No other servers were affected.)
The problem is fixed, and we’ve added an automated check to prevent it from recurring.
The PHP developers recently released versions 5.4.26 and 5.5.10 that fix several bugs. We’ve updated PHP 5.4 and 5.5 on our servers as a result.
The PHP developers recently released versions 5.4.25 and 5.5.9 that fix several bugs. We’ve updated PHP 5.4 and 5.5 on our servers as a result.
We’ve updated phpMyAdmin to the latest version, 4.1.8.
Some customers using very old e-mail programs (such as Microsoft Entourage and Netscape Mail) have complained that their programs have started showing a warning that the “Certificate Authority Is Expired” or “Unable to establish a secure connection”. These old e-mail programs have certificates for common “root certificate authorities” built into them, with expiration dates that have now passed. There is no way to update the root certificates which are built into these old programs, unfortunately, so these e-mail programs will always complain that the root certificates are expired and thus no longer valid. This is not a problem with our e-mail servers, but instead is a problem with the old e-mail programs — they were never expected to be used this long.
If this is happening to you, there are three possible actions.
The PHP developers recently released versions 5.4.24 and 5.5.8 that fix several bugs. We’ve updated PHP 5.4 and 5.5 on our servers as a result.
The PHP 5.3 version (5.3.28) was not changed.
These changes should not be noticeable, but in the unlikely event you experience any trouble, don’t hesitate to let us know.
We occasionally hear from customers saying “my WordPress site suddenly got so slow it’s unusable”. When we look into these, the usual cause is that:
The PHP developers recently released versions 5.3.28, 5.4.23, and 5.5.7 that fix several bugs. We’ve upgraded PHP 5.3, 5.4 and 5.5 on our servers as a result.
These changes should not be noticeable, but in the unlikely event you experience any trouble, don’t hesitate to let us know.
WordPress 3.8 was recently released, and as always, we’ve updated our WordPress one-click installer to automatically install the latest version for new WordPress sites.
If you’ve previously installed an older version of WordPress, you should update it from within your WordPress Dashboard.
