Between 5:58 and 6:04 AM Pacific time today (June 1, 2018), the “web04” server experienced a partial outage that led to some sites being unavailable or slow to respond.
The problem has now been resolved, and other servers were not affected. We apologize for the inconvenience this caused our customers.
Our business offices will be closed on Monday, May 28 to observe the US legal holiday. As always, we’ll provide same-day support for time-sensitive issues via our ticket and e-mail systems. However, questions that aren’t time-sensitive (including most billing matters) may not be answered until the next day, and telephone support (via callbacks) will be available only for urgent problems.
Update May 22, 2018: The change described below is complete on all servers.
Over the next few days, we’ll be updating the software used on each web server from Apache version 2.4.10 to 2.4.25.
Customers should not notice any changes or downtime. We’re mentioning it here just so that customers who do notice a change for some reason will know about it.
This is part of a series of software upgrades to allow us to add support for the newer HTTP/2 protocol on all sites in the near future.
As always, don’t hesitate to contact us if you have any trouble.
A couple of customers have recently contacted us about problems with Outlook 2011 for Mac when it’s configured to make SSL connections.
Outlook 2011 for Mac has a bug: It tries to use the long-obsolete “SSLv2” protocol that is no longer supported on modern mail servers, including ours. If your network also uses a very common kind of firewall that prevents “client-initiated SSL/TLS session renegotiation”, SSL connections will simply fail.
The best solution to this is to upgrade to a modern version of Outlook. Outlook 2016 for Mac, for example, doesn’t have this problem.
Although we haven’t offered the long-obsolete PHP 5.5 (and earlier) series to new customers for some time, some customers who signed up long ago are still using this version (or even earlier versions), despite our nagging you to upgrade 🙂
For those customers still using PHP 5.5 or earlier despite the nagging, this is just a quick note that we’ve “rebuilt” older versions of PHP for technical reasons to allow them to keep running on our systems. They now use slightly newer versions of various libraries, including libxml, FreeType, ImageMagick, MySQL, and OpenSSL, and they no longer support some old obsolete libraries, such as T1Lib. The rebuilt version will be deployed on all our servers within the next few hours.
These changes should not be noticeable. In the unlikely event you experience any trouble, don’t hesitate to contact us.
The PHP developers recently released versions 5.6.36, 7.0.30, 7.1.17, and 7.2.5 that fix several bugs. We’ve upgraded the PHP 5.6, 7.0, 7.1, and 7.2 series on our servers as a result.
These changes should not be noticeable, but as always, don’t hesitate to contact us if you have any trouble.
Update May 3, 2018: The change described below is complete on all servers.
Over the next few days, we’ll be updating the software used on each web server from the Apache 2.2 series to the 2.4 series.
Customers should not notice any changes or downtime. We’re mentioning it here just so that customers who do notice a change for some reason will know about it.
While the Apache 2.4 series has some changes and new features, we’ve intentionally kept things compatible with older versions. In particular, we’re using mod_access_compat to ensure that existing “Allow / Deny” authorization directives work, and we’re using SSILegacyExprParser on to ensure that existing Server Side Includes work.
The Apache 2.4 series brings changes we’re using to improve our customers’ websites. For example, we’re already using OCSP stapling to speed up the initial connection to SSL sites in many browsers, and in the future we’ll be adding support for the newer HTTP/2 protocol. Neither of these were possible with older versions of Apache.
As always, don’t hesitate to contact us if you have any trouble.
The authors of the Drupal CMS software today announced yet another “highly critical” Drupal security bug (SA-CORE-2018-004).
This vulnerability is likely to be widely exploited soon. If you use Drupal 7 or 8 without updating it, your site will be compromised (taken over by “hackers”).
To protect our customers who have installed Drupal, we have “patched” the vulnerable files on every copy of Drupal on our servers, blocking the attacks that we expect to see in the future. We used these patches:
So our customers are protected against this particular problem. But that doesn’t mean you shouldn’t upgrade Drupal: older versions also have other security bugs. If you’ve installed the Drupal software on your site, please make absolutely sure you’ve upgraded to the latest version today.
We’ve made a small technical change to the way our servers handle SSL connections. The change shouldn’t affect anyone, but we’re describing it here just for the record.
The technical description of the change is that we’ve removed the DES-CBC3-SHA (aka TLS_RSA_WITH_3DES_EDE_CBC_SHA) cipher suite from the “Medium security, good compatibility: Disable SSLv3 but enable TLS 1.0” option in the SSL section of our control panel, because PCI scanning companies have started flagging the existence of that cipher suite as a “fail”. (We told you it was technical!)
This change may make “medium security” SSL connections show errors for some very old browsers running on Windows XP. (Most such browsers already failed anyway with “medium security”, and they can’t connect to most major sites on the Internet, so almost nobody uses them.) In the unlikely event that you do need a very old browser like that to connect to an SSL-enabled site, you can choose Low security, excellent compatibility: Enable SSLv3 and TLS 1.0 in our control panel to allow it.
Between 9:00 PM and 11:59 PM Pacific time on Friday, April 20, 2018, the MySQL database software on each of our servers will be upgraded from version 5.6.39 to 5.6.40. This will cause an approximately 60 second interruption of service on each MySQL-using customer website at some point during this period.
This upgrade is necessary for security reasons and to fix bugs in MySQL. We apologize for the inconvenience this causes.
Update 9:44 PM Pacific time: The maintenance was completed as planned and all services are running normally.
