Release 6679: New WAF rules for CVE-2019-8144, potential abuse in the wild detected

In this release we have updated the Hypernode platform with new NGINX rules to block an attack on the Magento Page Builder. Last month with the Magento 2.3.3 and 2.2.10 Security Update a patch was released for a Remote Code Execution (RCE) vulnerability in the Page Builder: PRODSECBUG-2403: Remote code execution through crafted Page Builder […]

Read more

Release 6675: The app user can now restart php7.3-fpm

When we added PHP 7.3 to Hypernode three weeks ago we forgot to add the privilege for the app user to restart this version. This has now been fixed. The app user can now restart this version of PHP as well. To restart php7.3-fpm on a Hypernode you can run: app@83f01a-vdloo-magweb-cmbl:~$ hypernode-servicectl restart php7.3-fpm Note […]

Read more

Release 6640: Managing your Nginx VHosts with hypernode-manage-vhosts

This release allows you to enable support for the new hypernode-manage-vhosts command on your Hypernode. This commands allows for easy management of your Nginx server blocks, or commonly referred to as VHosts, on your Hypernode. Managing your VHosts in an easy manner becomes increasingly important if you want to set up multiple VHosts on your […]

Read more

Release 6627: The app user can read /etc/redis/redis.conf

It came to our attention that while the /etc/redis/redis-persistent.conf configuration file for the persistent Redis instance was readable by the app user, the default /etc/redis/redis.conf was not. We’ve now changed our configuration management to also make the redis.conf readable. before: app@pup1w8-vdloo-magweb-cmbl:~$ cat /etc/redis/redis.conf cat: /etc/redis/redis.conf: Permission denied app@pup1w8-vdloo-magweb-cmbl:~$ cat /etc/redis/redis-persistent.conf # See https://raw.githubusercontent.com/antirez/redis/3.0/redis.conf for a […]

Read more

Release 6626: PHP updates, 7.0.33-12, 7.1.33-1, 7.2.24-1, 7.3.11-1 and 5.6.40-13

As announced on Friday, today we have updated the PHP version in our repositories to the following versions: 7.0.33-11 to 7.0.33-12 7.1.32-1 to 7.1.33-1 7.2.22-1 to 7.2.24-1 7.3.10-1 to 7.3.11-1 5.6.40-12 to 5.6.40-13 For details, see the PHP changelog or the Debian PHP Team packaging changelog.

Read more

Release 6625: Preparing PHP upgrade for CVE-2019-11043

Yesterday a new vulnerability in PHP was disclosed where a specific setting of PHP-FPM, combined with a certain NGINX configuration, could result in the possibility of remote code execution. The Hypernode platform is not vulnerable, because our NGINX configuration does not satisfy the preconditions for this bug to be exploitable. However, to prevent similar attack […]

Read more

Release 6591: php-xdebug for PHP 7.3 for hypernode-docker

In this release we update the version of php-xdebug in our repositories from 2.6.0+2.5.5-byte2 to 2.7.2+2.5.5-byte3. We updated to this new version in order to add support for the new PHP 7.3 (which since yesterday has also been available in the latest version of the docker). While it is not possible to use php-xdebug on […]

Read more

Release 6586: PHP 7.3 available on Hypernode

Today we’re making PHP 7.3 available on Hypernode. In yesterday’s changelog some of the changes we did to incorporate this new version into our platform were described, and today we will be adding the option for customers to change to this new version in their production environment. You can switch to this new version of […]

Read more

Release 6582: Sudo security update CVE-2019-14287

In this release we have updated the sudo package to address CVE-2019-14287. Yesterday a security vulnerability was announced where commands could be made to run as root using sudo if called with a specially crafted user ID. While we were not vulnerable to this attack, we have deployed this update to all Hypernodes, as additional […]

Read more

Release 6581: Preparing Hypernode for PHP 7.3, Magento 2.3.3 preinstall and sample data

Now that Magento 2.3.3 has been released we have been preparing our platform for supporting PHP 7.3. Magento now officially supports PHP 7.3 since this new version. PHP 7.3 is supposed to be slightly faster than PHP 7.2 for specific work-loads, check out these benchmarks by Phoronix. In order to support this new version of […]

Read more

Release 6575: Update to hypernode.io SPF records

In this release, we change the way that Hypernodes include there SPF records. For each Hypernode we provide an SPF record at spf.<appname>.hypernode.io to be included in your domain. This record used to include spf.byte.nl, which in its turn included all our mail servers and other services. Because spf.byte.nl included other external services, the amount […]

Read more

Release 6570: php-apcu can be enabled via the hypernode-api

In this release we have added the new functionality of being able to enable the php-apcu PHP module using the hypernode-api. This module is required for running Akeneo and it can also be used by Shopware. We will not enable this module by default as it might get in the way of your Magento performance. […]

Read more

Release 6552: Upgrading php-common to 2:69

In this release we’re upgrading php-common from 1:35ubuntu6 to 2:69+ubuntu16.04.1+deb.sury.org+2+php7.3. We’re preparing to add out of the box support for Akeneo, but for that we require php-apcu. The version we’re shooting for depends on [php-common (>= 2:69~)], so that’s why we’re upgrading this. We’ve recently had a lot of requests from people to run Akeneo […]

Read more

Release 6538: hypernode-oom-protect uses correct cwd, hypernode-ssl-config-generator handles multiple DNS names

In this release we have updated some of the tools in our Python bundle of system utilities. hypernode-oom-protect will now report the correct current working directory before: app@1fos4q-dennisv-magweb-cmbl:~/magento2$ hypernode-oom-protect pwd /data/web app@1fos4q-dennisv-magweb-cmbl:~/magento2$ pwd /data/web/magento2 after: app@1fos4q-dennisv-magweb-cmbl:~/magento2$ hypernode-oom-protect pwd /data/web/magento2 app@1fos4q-dennisv-magweb-cmbl:~/magento2$ pwd /data/web/magento2 hypernode-ssl-config-generator can now handle multiple DNS names in the dehydrated domains.txt Example: #example.hypernode.io […]

Read more

Release-6527: PHP updates on the 5.6, 7.0, 7.1 and 7.2 versions

MS-ISAC has issued an alert related to multiple vulnerabilities that have been discovered in PHP. It is recommended that all sites using PHP should update to the latest PHP version as soon as possible. We have updated our PHP versions accordingly: PHP 5.6 version from 5.6.40-1 to 5.6.40-12 PHP 7.0 version from 7.0.33-10 to 7.0.33-11 […]

Read more

Release-6507: More memory added to specific plans

Today we released a new Grow, Professional M, Professional L and Professional XL plan with more memory. Fortunately we have been able to do this without changing prices on these plans. More RAM memory and Redis We lifted the amount of RAM on our Grow plan from 3 to 4 GB and doubled the amount […]

Read more

Release-6472: PHP7.0 update and Hypernode Firewall

PHP7.0 Update We have updated our PHP 7.0 version to 7.0.33-10. For a complete list of changes see the PHP 7.0 ChangeLog. We will be deploying this update gradually overall Hypernodes this week. Hypernode Firewall Also this week we are introducing the Hypernode Firewall. A system which will dynamically update the firewall of each Hypernode […]

Read more

Release 6443: hypernode-oom-protect bugfix, elasticsearch logs readable by app user

In this release we have implemented a bugfix that will make it so that children of processes spawned by hypernode-oom-protect will not be flagged as ‘allowed to be out of memory killed’ anymore. This would happen automatically within one minute, which was unintended behavior. On Hypernode we have a periodic task that checks all unprivileged […]

Read more

Release 6394 – Dehydrated version updated to v0.6.5

In this release we updated our Dehydrated version from v0.6.2 to v0.6.5. This was done in order to fix an issue we noticed when generating new Let’s Encrypt certificates. We received a 400 error with the following error message: Malformed account ID in KeyID header URL: “https://acme-v02.api.letsencrypt.org/acme/acct/” This bug was fixed in v0.6.5 of Dehydrated. […]

Read more

Release 6380: Newsletter spam prevention and Blackfire update

Lately, we saw a big increase in spammers trying to abuse the newsletter and account creation features in Magento. This issue both effects Magento 1 and 2. And it is surprisingly easy to abuse. A spammer can simply try a curl to the newsletter subscription endpoint in Magento with an email address take he would […]

Read more

Release 6364: Magento 2 preinstall updated to 2.3.2

Magento released the new Magento 2 version 2.3.2 yesterday. The Magento 2 preinstall on Hypernode has been updated to this new version. The new preinstalled version when you order a Hypernode will now be 2.3.2. $ bin/magento –version Magento CLI 2.3.2 If you want to try out this new Magento version with the official sample […]

Read more

Release 6360: PHP 7.2 updated to 7.2.19, libsodium updated for Magento 2.3.2

In this release we will update our PHP 7.2 installation from 7.2.16 to 7.2.19. We compiled this new version to include sodium 1.17, following last week Thursday’s posting on the Magento DevBlog about the system requirements for the new and upcoming Magento Open Source and Commerce v2.3.2. While libsodium was already available on Hypernode for […]

Read more

Release 6339: Improved logrotation for Elasticsearch, installed prips and more

In this release we have made a couple of small changes: improved our logrotation policies for Elasticsearch installed prips for printing IP ranges updated the before_redir.block_product_frontend_action NGINX configuration if unaltered to take into account alternative routes. Thanks Cipriano!

Read more

Release 6334: Install dos2unix

In this release we have installed the dos2unix package for converting DOS/MAC formats to UNIX. Thanks to RIFF for the suggestion.

Read more