PHP 7.3 series is now the default for new accounts

The PHP 7.3 series has been out long enough that all modern script software should be compatible with it, and the authors of popular scripts like WordPress recommend using it. Because of that, we’re making PHP 7.3 the default for new customers.

We haven’t changed the version for any existing accounts, but we recommend that all customers use PHP 7.3 if possible. PHP 7.3 is slightly faster than PHP 7.2 and around twice as fast as PHP 5. If you care about your site’s speed (and you should), always use the newest version of PHP that’s compatible with your scripts. Our Why Update PHP? page explains more about PHP version updates.

WordPress 5.2

WordPress 5.2 was recently released, and as always, we’ve updated our WordPress one-click installer to automatically install the latest version for new WordPress sites. WordPress 5.2 works fine on our servers (make sure you’re using a recent version of PHP for your site).

If you’ve previously installed an older version of WordPress, you should update it from within your WordPress Dashboard.

PHP 7.1.29, 7.2.18 and 7.3.5

The PHP developers recently released versions 7.1.29, 7.2.18 and 7.3.5 that fix several bugs. We’ve upgraded the PHP 7.1, 7.2 and 7.3 series on our servers as a result.

These changes should not be noticeable, but as always, don’t hesitate to contact us if you have any trouble.

Our Web servers now ignore consecutive slashes in URLs

Today our servers began using an updated version of the Apache web server software that adds a new security feature: it collapses and ignores consecutive slashes in URLs it receives (among other security fixes).

For example, this URL (note the two slashes between “admin” and “options”):

 https://www.example.com/wp-admin//options-permalink.php

… would now be treated exactly as if the web server had been sent:

 https://www.example.com/wp-admin/options-permalink.php

This feature ensures that “hackers” cannot add extra slashes to bypass rules intended to restrict access to certain URLs. (The example above is a real security problem in WordPress from 2009 — it allowed hackers to access the permalink screen because the access restrictions were only applied to the exact pattern “/wp-admin/options-permalink.php”, and not to variations like “/wp-admin//options-permalink.php”.)

This change should not cause any problems, and our customers should not notice any change.

However, in the unlikely event that you have intentionally written script code that behaves differently when it sees two consecutive slashes in a URL instead of one slash, you would need to change your code to not rely on that behavior. (Two consecutive slashes in the path of a URI are not valid anyway, and other web servers will remove them by default, so relying on it would be unreliable to start with.)

As always, don’t hesitate to contact us if you have any questions or difficulties.

PHP 7.1.28, 7.2.17 and 7.3.4

The PHP developers recently released versions 7.1.28, 7.2.17 and 7.3.4 that fix several bugs. We’ve upgraded the PHP 7.1, 7.2 and 7.3 series on our servers as a result.

These changes should not be noticeable, but as always, don’t hesitate to contact us if you have any trouble.

Brief outage on web11 server March 20, 2019 (resolved)

There was a brief interruption of service for customer websites on the “web11” server this morning (March 20, 2019) between 7:24 AM and 7:34 AM Pacific time.  (Other servers were not affected.)

This problem was caused by a bug in a script that resulted in a configuration error. The bug has been fixed so that it will not recur.

We apologize for the trouble this caused customers who were affected.

IPv6 enabled for new sites by default (and eventually for older sites, too)

We’ve supported IPv6 on customer websites for many years, but it didn’t default to “on”: customers had to explicitly enable it in our account management control panel.

Starting today, IPv6 is on by default for all new accounts signed up with us (although you can turn it off if you want).

In addition, we’re beginning a gradual process of slowly enabling IPv6 for existing sites if they haven’t chosen to disable it. If you don’t want IPv6 to be enabled for your site in the future, you should use our control panel to disable it.

Read the rest of this entry »

PHP 7.1.27, 7.2.16 and 7.3.3

The PHP developers recently released versions 7.1.27, 7.2.16 and 7.3.3 that fix several bugs. We’ve upgraded the PHP 7.1, 7.2 and 7.3 series on our servers as a result.

These changes should not be noticeable, but as always, don’t hesitate to contact us if you have any trouble.

President’s Day 2019 holiday hours

Our business offices will be closed on Monday, February 18 to observe the US legal holiday. As always, we’ll provide same-day support for time-sensitive issues via our ticket and e-mail systems. However, questions that aren’t time-sensitive (including most billing matters) may not be answered until the next day, and telephone support (via callbacks) will be available only for urgent problems.

PHP 7.2.15 and 7.3.2

The PHP developers recently released versions 7.2.15 and 7.3.2 that fix several bugs. We’ve upgraded the PHP 7.2 and 7.3 series on our servers as a result.

These changes should not be noticeable, but as always, don’t hesitate to contact us if you have any trouble.