The PHP developers recently released PHP version 7.0.0, as well as an update to the 5.6 series, version 5.6.16. We’ve upgraded PHP on our servers as a result.
The official release of PHP 7 means we’ll start encouraging customers to use it (as long as they use modern scripts like current versions of WordPress). It’s almost twice as fast as old versions of PHP. Yes, really: Twice as fast. We’re using it ourselves on this blog.
If you’d like your WordPress or other PHP-based site to seem snappier, or be able to handle twice as many visitors per second, you can easily do so:
- Login to our My Account control panel
- Click PHP Settings
- Click PHP 7.0 series
- Click Save Settings
Then test your site to make sure it works properly. If it does: Great, you’ve just made your site much faster! If it doesn’t, it’s probably because you’re using older scripts that haven’t yet been updated, and you can simply set PHP back to an earlier version for now. We recommend that you always use the latest version that works properly with your scripts.
As always, if you have any trouble, don’t hesitate to contact us.
Outgoing mail that customers send through our servers is now digitally “signed” using DomainKeys Identified Mail (DKIM). Receiving mail servers can check the DKIM signature and know that a message was really sent by someone @ your domain name, which can help them detect and block spam forgeries.
The signing is automatic, and most customers don’t need to do anything to get the benefit of it. You can find details on our page about DKIM.
Customers should not notice any changes due to DKIM signing, but don’t hesitate to contact us if you have any questions or trouble.
Our business offices will be closed on Thursday, November 26 to observe the US legal holiday for Thanksgiving.
As always, we’ll provide same-day support for time-sensitive issues via our ticket and e-mail systems. However, questions that aren’t time-sensitive (including most billing matters) may not be answered until Friday, and telephone support (via callbacks) will be available only for urgent problems.
We write a lot about how out of date WordPress plugins or themes can cause your site to get “hacked” due to security bugs.
Interestingly, many of these bugs have a near-identical flaw: They intentionally allow strangers to upload files to your site (intending to allow image uploads and so on), but they don’t sufficiently screen out malicious script files. The bugs allow a malicious PHP script somewhere under the site’s “/wp-content/uploads” directory, then the “hacker” simply runs that script in a web browser.
To help our customers, we’re doing something to minimize the impact of these security vulnerabilities: By default, we’re now blocking PHP scripts from running in “/wp-content/uploads”.
This will improve security because very few sites use this feature legitimately (and none should do so, really; relying on being able to run uploaded PHP scripts without moving them to a safe location is a security risk). Disabling PHP scripts in this directory is recommended by well-known WordPress security companies like Acunetix and Sucuri.
Read the rest of this entry »
As we mentioned in a previous post, our customers can now test the next major update to PHP, version 7.0, which is almost twice as fast as the current PHP 5.6. (There is no PHP version 6: That project was abandoned by the PHP authors.)
Today we updated the test version on our servers from 7.0.0RC6 to the latest 7.0.0RC7.
Read the rest of this entry »
The PHP developers recently released version 5.6.15 that fixes several bugs. We’ve upgraded PHP 5.6 on our servers as a result.
Read the rest of this entry »
As we mentioned in a previous post, our customers can now test the next major update to PHP, version 7.0, which is almost twice as fast as the current PHP 5.6. (There is no PHP version 6: That project was abandoned by the PHP authors.)
Today we updated the test version on our servers from 7.0.0RC5 to the latest 7.0.0RC6. This updated version also includes support for the ImageMagick extension, making it functionally complete.
Read the rest of this entry »
This post describes a small technical change to the way e-mail is stored on our servers. The change is unlikely to affect anyone and does not affect normal e-mail access at all — we’re documenting it just in case any customer is doing something very unusual.
Last year, we started compressing some stored mail on our servers, and our page about mail storage mentioned that compressed mail files would have a capital “Z” in the filename.
Our servers now compress all new mail, and as a side-effect of that change, compressed files won’t always have the “Z” in the filename. The page has been updated to reflect that.
As it says, we never recommend accessing the raw mail storage files anyway: All mail access should always be done through standard SMTP, POP or IMAP protocols. Doing things that way will ensure that changes the mail storage format won’t affect you.
Between 9:00 PM and 11:59 PM Pacific time on Friday October 30 2015, the MySQL database software on each of our servers will be upgraded from version 5.5.44 to 5.5.46. This will cause an approximately 60 second interruption of service on each MySQL-using customer Web site at some point during this period.
This upgrade is necessary for security reasons. We apologize for the inconvenience this causes.
Update 10:25 PM Pacific time: The maintenance was completed as planned and all services are running normally.
The authors of the Joomla software announced today that every version of Joomla between 3.2.0 and 3.4.4 has a critical security bug that allows hackers to take over a site (the bug is known as “CVE-2015-7857”).
The best solution for Joomla users is to update to version 3.4.5 immediately. However, we’ve also added a rule to our servers to protect our customers until they do this. The rule should ensure that if you use our hosting service, “hackers” won’t be able to take advantage of this bug.
Read the rest of this entry »
