We’ve talked before about WordPress login rate limiting. Attempts to guess WordPress administrator passwords are an ongoing problem, getting worse all the time.
The average WordPress site we host has received tens of thousands of malicious login attempts this month, with hundreds of thousands of different IP addresses being used in the attacks. We try to block the IP addresses that are responsible, but the ever increasing number of addresses means we can’t block all of them — an individual address often attempts a login only once a day for a given site. We need to adopt other tactics.
Read the rest of this entry »
1:31 PM Pacific time: Our technicians are investigating high load and slow page load times on the “web04” server.
2:09 PM Pacific time: This is being caused by a distributed denial of service attack on WordPress sites that is causing outages for many companies. We’re working to block it.
Read the rest of this entry »
Between 12:50 and 1:23 PM Pacific time, service was intermittently unavailable or slow for sites and e-mail on the web12 server. In addition, customers on other servers may have seen brief delays or high load for about two minutes during this period.
Read the rest of this entry »
Between 11:04 PM and 11:44 PM March 23, our network was either slow to respond due to high packet loss or completely unavailable to some customers.
Read the rest of this entry »
The PHP developers have announced the release of version 5.3.22 that fixes several bugs. We’ve upgraded PHP 5.3.21 to version 5.3.22 on our servers as a result.
In addition, we now offer PHP version 5.4.12 as an optional choice in our control panel. For now, the PHP 5.4 series is recommended only for customers who need to test “cutting edge” features. Most customers should stick with the PHP 5.3 series, which is compatible with a wider variety of scripts.
There was a brief but severe performance problem on the web12 server today between 9:59 and 10:07 AM Pacific time. During this time, many Web server requests were very slow to load or even “timed out” completely. All services are now operating normally again. Other servers were not affected.
Read the rest of this entry »
Between 11:00 PM and 11:59 PM Pacific time February 26, 2013, each of our servers will be restarted for a “kernel upgrade”. This will cause an approximately four minute interruption of service for each customer at some point during this hour.
Read the rest of this entry »
Earlier today, Twitter user @adam_baldwin mentioned finding a security flaw on our site. He reported this to us (thanks!) and we fixed it, then another Twitter user @mattmcgee asked what it was. It helps everyone on the Internet be transparent about security, so here’s an attempt at an explanation.
Read the rest of this entry »
Our business offices will be closed on Monday, February 18 to observe the US legal holiday. As always, we’ll provide same-day support for time-sensitive issues via our ticket and e-mail systems. However, questions that aren’t time-sensitive (including most billing matters) may not be answered until the next day, and telephone support (via callbacks) will be available only for urgent problems.
There was a brief outage on the web12 server today starting at about 6:22 PM Pacific time. This was caused by a “SYN flood” attack, which effectively blocked all other connections with the server.
We took steps to work around the attack, which we completed by 7:08 PM Pacific time (46 minutes after the start of the attack). Furthermore, the attack itself seems to have stopped; the steps we took should help in case in starts again.
We sincerely apologize for the interruption in service for those affected customers; we know that reliable service is a primary concern for all of our customers.
