New Year’s 2021/2022 Holiday Hours

Our business offices will be closed on Friday, December 31 to observe the US legal holiday. As always, our support staff will be providing same-day support for time-sensitive issues via our ticket and e-mail systems. However, questions that aren’t time-sensitive (including most billing matters) may not be answered until Monday, and telephone support (via callbacks) will be available only for urgent problems.

PHP versions 7.4.27 and 8.0.14

The PHP developers recently released versions 7.4.27 and 8.0.14 that fix several bugs. We’ve upgraded the PHP 7.4 and 8.0 series on our servers as a result.

These changes should not be noticeable, but as always, don’t hesitate to contact us if you have any trouble.

Protection against setting the WordPress default “role” to “Administrator”

If you use WordPress, and you allow strangers to register for WordPress accounts (which isn’t usually a good idea, but some plugins require it), it’s possible to accidentally configure it so that those new users get created as WordPress administrators. That can happen simply by doing this:

Allowing this is a serious flaw that was supposed to be fixed in WordPress itself some time ago, but the problem still exists.

We don’t think it’s reasonable to ever create new users as “Administrators” by default, regardless of whether you have “anyone can register” turned on. (Even if “anyone can register” is turned off now, it would be easy to turn it on later without remembering to change the default role back.)

To make sure our customers’ sites stay secure, we’ve added some protections against this:

  • Setting the “New User Default Role” to “Administrator” is blocked at the Web Application Firewall (mod_security) level on our servers, whether from the WordPress dashboard or from any other web request;
  • If it somehow gets set anyway, our security systems will detect it as part of the daily security scan we do of every site;
  • If your site already had this setting as of today, we’ve restored it to the default “Subscriber” role.

Nobody should notice any changes as a result of this, but as always, don’t hesitate to contact us if you have any questions or difficulties.

Christmas 2021 Holiday Hours

Our business offices will be closed on Friday, December 24 to observe the US legal holiday.

As always, our support staff will be providing same-day support for time-sensitive issues via our ticket and e-mail systems. However, questions that aren’t time-sensitive (including most billing matters) may not be answered until Monday, and telephone support (via callbacks) will be available only for urgent problems.

Our servers are not vulnerable to the December 2021 Log4Shell / Log4j security bug

Customers have asked us whether our servers are vulnerable to the recent serious security bug (called “Log4Shell”) in software named “Log4j”.

The good news is that we don’t use the Log4j software anywhere on our servers, and never have. We’ve verified in multiple ways that our servers are not vulnerable to this problem.

That said, we always believe in “defense in depth” when it comes to security, so we’ve also added rules to our web application firewall that will block any IP addresses making attempts to exploit this bug.

Brief outage for “My Account” control panel

Between 5:18 PM and 5:41 PM Pacific time today, our “My Account” control panel was intermittently unavailable. This problem has been fixed and services are operating normally; we apologize for any inconvenience this caused.

Thanksgiving 2021 Holiday Hours

Our business offices will be closed on Thursday, November 25 to observe the US legal holiday for Thanksgiving.

As always, we’ll provide same-day support for time-sensitive issues via our ticket and e-mail systems. However, questions that aren’t time-sensitive (including most billing matters) may not be answered until Friday, and telephone support (via callbacks) will be available only for urgent problems.

PHP versions 7.4.26 and 8.0.13

The PHP developers recently released versions 7.4.26 and 8.0.13 that fix several bugs. We’ve upgraded the PHP 7.4 and 8.0 series on our servers as a result.

These changes should not be noticeable, but as always, don’t hesitate to contact us if you have any trouble.

PHP version 7.3.33

The PHP developers recently released version 7.3.33 that fixes a security bug. We’ve upgraded the PHP 7.3 series on our servers as a result.

This change should not be noticeable, but as always, don’t hesitate to contact us if you have any trouble.

PHP versions 7.4.25 and 8.0.12

The PHP developers recently released versions 7.4.25 and 8.0.12 that fix several bugs. We’ve upgraded the PHP 7.4 and 8.0 series on our servers as a result.

These changes should not be noticeable, but as always, don’t hesitate to contact us if you have any trouble.