Release-3150 (update): WebForms Pro 2 vulnerability – deny PHP files in upload directory

A vulnerability was discovered in the Magento module WebForms Pro 2. We’ve added a security filter to deny PHP files to be executed from within the upload directory of the module WebForms Pro 2. All requests looking like /js/webforms/upload/*.php will be denied. All users of the module WebForms Pro 2 should immediately update to the […]

Read more

Release-3138: filter against amasty feed vulnerability

We’ve release a filter for the amasty feed plugin vulnerability (more information here). Anyone using this plugin should update immediately! The filter is placed inside /data/web/nginx/amastyfeed.conf. If you updated your plugin and want to disable the filter, please comment out the filters in that file. We now also deny any requests made towards the /shell/ […]

Read more

Release-3114: per IP PHP worker limit

We will be (slowly) releasing a limit for how many PHP workers a source IP can use. Initially we will allow a source IP to use all but 2 PHP workers, in the long run this limit may get set even lower. Today we released this change for all Hypernodes starting with the letter A. […]

Read more

Release-3112: Rotate nginx logs by size

Rotate nginx logs every hour if they are larger than 200MB. This is to avoid using excessive disk space for access logs on the root partition. For the most successful hypernodes rotating the logs on a nightly basis was no longer enough. Instead of keeping 14 logs we now keep the last 30 rotated logs.

Read more

Release-3110: Mitigate httpoxy

Today a set of vulnerabilities was disclosed surrounding CGI-like environments. Luckily due to Hypernode’s thoroughly tested continuously integrated deployment environment we were able to roll out a mitigation strategy on all Hypernodes quickly and safely soon after the news broke. block the HTTP_PROXY header from being passed on to PHP-FPM The Nginx configuration now contains […]

Read more

Release-3014: Varnish pipe_timeout and more streamlined SOLR migrations

Longer pipe_timeout for Varnish. Click here for more information. We added -p pipe_timeout=300 to the Varnish DEAMON_OPTS SOLR is stopped and started during migrations to prevent stale locks from being transferred Lock out the app user during crucial parts of migrations for safer upgrades Improved the automatic cron flocking pattern matching The hypernode-importer also synchronises […]

Read more

Release-3085: Vagrant updates

We’ve been gradually improving our standard of quality for the Magento Vagrant development environment hypernode-vagrant. This is becoming increasingly important with the growing adaptation of the boxfile among our customers and other Magento developers. This week we have deployed various changes to both increase ease of use and performance. package the latest virtualbox guest additions […]

Read more

Release 3071: SSH with password, new DC, Magento 2.1

Release 3071 brings a lot of goodness to your Hypernode. The default DigitalOcean data center where Start, Grow and Professional Hypernodes are booted has been changed. The Magento 2 install on new Trial accounts has been updated to version 2.1 (trials with Magento 1 are still possible). Using SSH on your Hypernode is now possible with the password […]

Read more

Release 3056: disabling old staging ports

Today’s release disables the old staging ports and includes some other changes. Recently we added more conventional staging ports for better integration with Adyen and Cloudflare as requested here on our Uservoice. Now a few weeks later we are removing the old and deprecated staging ports 10080 and 10443. If you are still using the […]

Read more

Release 3054: new image optimizer

This release brings several improvements to the hypernode-image-optimizer: –experimental: 2-3 times slower but 30-50% better compression Max image size default changed from 1000 to 2000 pixels (image optimizer) Runs on lowest I/O priority so heavy optimize jobs will not clash with regular performance. Also, we implemented many improvements to support the Hypernode Vagrant image.

Read more