Our SSL servers support “perfect forward secrecy”

Posted August 22nd, 2014 in System Status, Tech Corner. Tags: , .

If your site uses an SSL certificate from us, our servers now provide an important feature called perfect forward secrecy.

Read the rest of this entry »

Brief MySQL scheduled maintenance August 9 2014 (completed)

Posted August 7th, 2014 in System Status. Tags: , , , , .

Between 9:00 PM and 11:59 PM Pacific time on Saturday August 9 2014, the MySQL database software on each of our servers will be upgraded from version 5.5.35 to 5.5.38. This will cause an approximately 30 second interruption of service on each MySQL-using customer Web site at some point during this period.

This upgrade is necessary for security reasons. We apologize for the inconvenience this causes.

Update 9:43 PM Pacific time: The maintenance was completed and all services are running normally.

Sites hosted with us aren’t subject to website “cross-contamination”

Posted July 24th, 2014 in Tales From the Support Team, Tech Corner. Tags: , .

One of our customers asked if multiple domain names hosted with us are vulnerable to “website cross-contamination”, a nasty security problem that can happen at many hosting companies when two different sites share the same “account”.

The answer is no. We intentionally handle multiple hosted domain names differently from the way most hosting companies handle extra hosted domain names, avoiding the problem.

Read the rest of this entry »

Blocking more WordPress xmlrpc.php attacks

Posted July 22nd, 2014 in System Status, Tech Corner. Tags: , .

Over the last few days, we’ve been tracking an ever-increasing distributed attack on the WordPress xmlrpc.php service.

We’ve previously seen and blocked attacks on this file that tried to post spam comments or act as a denial of service amplifier, but this attack is different: it tries to guess WordPress usernames and passwords.

As a result, we’ve applied more aggressive blocking than usual to the attack. It’s remotely possible that the blocking could cause legitimate third-party WordPress “apps” and services to be unable to access your blog (although it can’t cause problems when just visiting WordPress in a normal Web browser); don’t hesitate to contact us if you’re one of our customers having trouble.

Just so it’s clear, we’ve blocked this attack for all our hosting customers. But the rest of this post has some technical details that may help other people trying to do the same.

Read the rest of this entry »

WordPress security plugins that hide the source of blocking

Posted July 22nd, 2014 in Tech Corner. Tags: , .

We often get reports from customers saying they’ve been blocked from their WordPress sites with a strange generic error message or blank page.

When we investigate, it’s common to find that it happened because they installed a security plugin that has made a mistake — a “false positive” — and blocked the site owner.

Read the rest of this entry »

Brief scheduled maintenance June 7, 2014 (completed)

Posted June 6th, 2014 in System Status. Tags: , , , , .

Between 10:00 PM and 11:59 PM Pacific time on Saturday, June 7, each of our hosting servers will be restarted. This will cause a brief interruption of service (less than 10 minutes) for each site at some point during this 2 hour period.

Read the rest of this entry »

Brief scheduled maintenance May 24, 2014 (completed)

Posted May 22nd, 2014 in System Status. Tags: , , , , .

Between 10:00 PM and 11:59 PM Pacific time on Saturday, May 24, each of our hosting servers will be restarted. This will cause a brief interruption of service (less than 10 minutes) for each site at some point during this 2 hour period.

Read the rest of this entry »

MySQL updated to version 5.5.37

Posted May 10th, 2014 in System Status, Tech Corner. Tags: , , , , .

We’ve updated the MySQL database software on our servers from version 5.5.35 to 5.5.37 for security reasons.

Customers should not notice any changes, as the update merely fixes bugs and doesn’t introduce new features. But as always, don’t hesitate to contact us if you have any questions.

Our servers are not vulnerable to the “Heartbleed” SSL security bug

Posted April 8th, 2014 in Tech Corner. Tags: , .

Yesterday, Internet security researchers announced discovery of the Heartbleed SSL security bug. This bug allows attackers to bypass SSL encryption on servers that use certain versions of software called “OpenSSL”.

Our servers are not, and never have been, vulnerable to this bug, because we’ve never used the affected versions of the OpenSSL software. Our customers are not affected by it in any way.

Read the rest of this entry »

Upcoming scheduled maintenance for MySQL 5.5 upgrades (completed)

Posted February 5th, 2014 in System Status. Tags: , , , , .

Over the next ten days (February 7-15, 2014), we’ll be upgrading the MySQL database on all of our servers from version 5.1.72 to 5.5.35. The upgrade requires that each Web server be taken offline for two minutes, causing brief scheduled “downtime”.

Read the rest of this entry »

  1. Recent Posts

    1. PHP versions 8.1.28, 8.2.18, and 8.3.6
    2. PHP versions 8.2.17 and 8.3.4
    3. President’s Day 2024 holiday hours
    4. PHP versions 8.1.27 and 8.2.15
    5. Martin Luther King, Jr. Day 2024 holiday hours
    6. New Year’s 2024 Holiday Hours
    7. Christmas 2023 Holiday Hours
    8. Brief scheduled maintenance December 16-17, 2023
    9. Thanksgiving 2023 Holiday Hours
    10. PHP versions 8.1.25 and 8.2.12

  2. Categories

  3. Tags

    all servers email holiday hours linux mailman maintenance mod_security mysql network php phpmyadmin security server updates spam ssl status updates webmail wordpress zapp

  4. Feeds