Wednesday, October 24, 2007

Security warning for users of Adobe Reader/Acrobat, XP and IE7

A new security threat has been discovered that affects users with the following installed:

  • Windows XP

  • Internet Explorer 7

  • Adobe Acrobat or Reader, v8.1 and earlier

Saturday, October 6, 2007

A new SSL certificate and some minor tweaks

I'll be installing a new SSL certificate for the server today, and also testing to see if it's possible to enable a secure login for hosting clients by using the server IP. Normally SSL certificates are issued to a hostname for the entire server or a single domain for one company. The majority of hosting companies have their clients use the hostname, and if my work around isn't successful, we'll be doing that as well, I was just hoping to be able to offer another way.

Thursday, October 4, 2007

cPanel 11 upgrade fallout

The upgrade went smooth in the majority of areas I've checked, though there's a lot more checking to do, with the exception of the billing and support area. In version 11 cPanel made some undocumented changes in how an extension to PHP was loaded, and this just happened to be an extension (Ioncube) required by the billing/support system to run.

Sunday, September 30, 2007

Welcome to cPanel, version 11

Your cPanel control panel may not look any different, but we're running version 11 now! I plan on leaving everyone's control panel theme as is until Tuesday, to prepare everyone for the change. If you'd like to be converted to the new theme right away, I'd be more than happy to do that for you, just let me know you're ready and I'll flip the switch. The new features won't be visible to you until the interface theme is changed.

Saturday, September 22, 2007

Scheduled downtime for datacenter maintenance

I just (5 minutes ago) received the following notice from the datacenter:

The following servers will be moved from GNAX-DC1 to GNAX-DC2 (their new building). The actual downtime should only be about 1 hour per server. IP's and hardware will remain the same.

Move Date: Monday, Sep 24th 2007
Beginning Time: 12:00 AM
Ending Time: 2:00 AM

Friday, July 13, 2007

Random server software issues are being addressed

Sorry for the vagueness, I'm still sorting through to find what was changed/downgraded/screwed up by a tech (who had plenty of good recommendations) who seemed to think he was doing us a favor by downgrading the version of MySQL from 5.0.27 to 4.1.2, as well as changing some other software so that now MailScanner isn't working (this would be why you received so much SPAM this morning).

Monday, June 18, 2007

SPAM flood gates inadvertantly opened for a few hours

We apologize for the unusual flood of SPAM you may have received this morning. It was caused by a botched cPanel update (to be clear -- botched by cPanel, nothing we did) which installed a newer version of SpamAssassin (v3.2.1) that is untested with cPanel, and apparently incompatible with either our version of cPanel, or MailScanner, or both.

Sunday, June 10, 2007

cPanel: The Next Generation

The long-awaited next generation of cPanel has arrived! Availability for cPanel's version 11 began in May, depending on what build type, or what branch of the release tree the hosting company subscribes to (* an explanation of this at the end of this post).

cPanel's version 11 will introduce MANY new features and options for users, including a new interface. You can see and play with a demo version to get a feel for the new interface. The most notable change is th ability for each cPanel user to customize the layout. Try it!

Also included with v11 is support for Ruby on Rails and many other cool development tools available through the cPanel control panel. It should be noted that though v11 offers many security enhancements, they won't be used on our servers since we already have implemented better security measures using 3rd party applications.

As cPanel's site states, this is a MAJOR release with significant changes.
Due to the massive amount of changes to the cPanel and WHM code base, cPanel will be releasing this upgrade in multiple stages.

AOL email issues and spam "friendly fire"

Effective immediately we will no longer allow users to forward email to AOL email accounts. This decision is being forced upon us and many other hosting companies by AOL's policies, not by our own choice.

Over the past three years there's been a buzz in the hosting industry over the problems caused by users forwarding their email to their own AOL accounts.

What happens (as is shown in the thread from a cPanel users and hosting companies forum) is this...mind you, I did not write the following quote, it is one of many "anti-AOL comments" from the cPanel hosting forums:
Let's say your customer has their mail forwarding to AOL. So of course, it forwards everything, including spam. Now they check their AOL inbox, and they see spam. They report it as spam of course, because they are AOL users and don't know any better..(let's face it..AOL users are less intelligent) Now AOL gets the report and the way they work, they trigger your server as the spamming server.
This has been verified by AOL:

"I apologize for any inconvenience. Yes the mails that are forwarded by your mail servers to AOL users are still counted as a complaint. Even if the AOL user has requested their mail to be forwarded. Either the AOL user will have to be informed that by marking a mail as spam they are sending in reports against your company, or the spam will have to be removed before being forwarded on. "

Saturday, June 9, 2007

Server maintenance being done

We're doing some server maintenance this afternoon, which may result in temporarily slow response times to web pages loading and any MySQL database calls. We apologize for the inconvenience, and hope to finished as quickly as possible.

EDIT 2:02pm: And we're done. Everything seems to be working as it should (and as it was yesterday), but as always, if you experience any problems please submit a support ticket or contact us through the live support window.

Friday, May 25, 2007

Adding PHP module

I'll be recompiling PHP this afternoon to add a needed module, and Apache (the web server) will need to be rebooted after that's done. The version will not change and any modules that are currently there will stay that way, I'm just adding one that's needed for the helpdesk ticket system.

In all likelihood none of this will be noticed, but if you happen to hit the server at just the right time as it's rebooting, the page may temporarily time out. It only takes the server a few minutes to recover from a reboot, and most web hosts never tell you before a server reboot, but we try to keep clients and users as informed as possible.

The entire process should take no more than 30 minutes (the server reboot less than 5), and when it's done I'll update this post.

Wednesday, April 18, 2007

Blackberry system-wide outage leaves millions without email for 14+ hours

Here is but one story on the outage.

A cursory Google search on "Blackberry outage" shows other system-wide outages (which affected millions of users) on the following dates: February 13, 2003, June 17, 2005, January 25, 2006 and February 28, 2006.

Sunday, April 15, 2007

Changes are in the wind...and coming to a browser near you!

As some of you may have noticed, our business name has been slowly changing to simply "Hello World Web." The complete conversion will be done in phases, to coincide with the *final* (read: at-long-last, isn't-it-about-damn-time) completion of OUR business website. As a client said to me Friday, "The shoemaker finally gets new shoes!"

Sunday, March 11, 2007

Billing system bug in any account with '0' due

When the remainder of the accounts were reentered last night into the billing system, any annual accounts were left blank (with a "0" due and a due date of 00/00/000) temporarily, as my immediate concern has been to concentrate on those accounts which were due in February and March.

Thursday, March 8, 2007

The billing system is good to go

The billing system has been reinstalled and configured, and we're ready once again to process invoices. Everyone's overjoyed, right? I think this is the one component lost in the server crash no one but me has missed. :)

Any invoice due between February 14-28 was never processed, but will be in the next day or two. March invoices will be processed on your regularly scheduled due date. Please note this, and be aware that we're not double charging you in March, that there are two charges, for two different months.

Sunday, March 4, 2007

To those on the LiveJournal feed...

Sorry about the blast of old posts from this feed. I changed themes, I swear, that was all! For some reason LJ saw the posts as new, and decided to flood everyone with him.

Thursday, March 1, 2007

New computer virus hits certain networks

Story on CNN.

Monday, February 19, 2007

Horde webmail not allowing users to login

Users are unable to login to webmail using the Horde webmail client. We are investigating the cause, and in the meantime please use SquirrelMail to access your webmail.

Once you're logged into webmail, just click the "SquirrelMail" option on the right, and it will take you directly to your email.

1:02pm This issue has been fixed and Horde is working. Thank you for your patience.

Friday, February 16, 2007

PHP is stable

I've recompiled PHP to a previous and known stable version. All sites are verified up and functioning as before. I will be upgrading to PHP v4.4.2 later this week and making some adjustments to the security settings, but in the meantime we are up and running.

There will be some security tweaking occurring in the next few days, as well as reconfiguring the anti-SPAM settings as they were before so users don't get flooded with tagged spam (the {spam?} tags in the subject line).

Please be patient as we make these changes and recreate all services as they were on the former server. With some changes the server (or Apache, the web server which is what runs the websites you see in your browser) will need to be rebooted and websites will briefly be unavailable. This normally takes less than 60 seconds, and reboots are scheduled for "after hours" whenever possible.

Access restored

Access has been restored, working on PHP issue now.

2:02pm EDIT: When the server was initially setup, the data center installed a version of PHP that is incompatible with the security software that we (and most other web hosts) use. I am recompiling PHP to the previous version now.

PHP issues

When the tech who does our server hardening performed security work early this morning, he tightened the PHP settings *too* tight, and there for broke some PHP pages. This would be a quick fix if the LFD (Login Failure Detection script) he installed wasn't also set too tightly, and has locked me out (since he changed the login).

I am working with the Data center guys now on correcting this issue.

Thursday, February 15, 2007

And we're back

The new server is up and running, with the majority of services having been restored and all accounts have been recreated on the new server (which is 4 times as big and 8 times as powerful as the previous server). The new server has two hard drives, with an 80GB for backups. We will be initiating automated backups as soon as possible, though it's still in all client's best interest to maintain their own backups as well.

The SPAM blocking and anti-virus scanning software are now being reinstalled as I type this, so the SPAM that you've likely seen today will be stopped very shortly. Email accounts were recreated to the best of our ability, though due to privacy concerns we didn't have access to personal passwords, and those had to be changed. Please contact me with any questions.

Wednesday, February 14, 2007

Server hardware failure

There has been a catastrophic server hardware failure, some refer to as "the click of death." It happened at approximately 2:34am this morning.

We are working to restore all services (including websites and email) as quickly as possible.

Thank you for your patience.