Release-4046: whitelisted Ayden’s user agent

We’ve whitelisted the Ayden’s HTTP user agent, from the bot ratelimiting. It’s no longer subject to the bot ratelimiting mechanisms.

Read more

Release-3981: Deny specific configuration files on magento1 installations

We’ve moved certain security restrictions from the magento2 configuration into the global magento1/2 security configuration file. In specific the following files are no longer reachable from external: auth.(json|lock) package.(json|lock) composer.(json|lock) Gruntfile.js cron.php Hidden files are also denied with a 403 now instead of a 404. Furthermore we’re working hard on the Xenial migration. Many changes […]

Read more

Release-3864: IP authentication exceptions on development plans

In this release it becomes possible to whitelist IP addresses on development plans, so that they are exempt from the basic authentication requirements. This may be useful to test external payment providers or other kind of external services which do no support basic auth. The whitelist file is placed in /data/web/nginx/whitelist-development-exception.conf and looks like this: […]

Read more

Release-3760: Updated monitoring for development plans

We’ve updated the monitoring of development nodes. The alerting for these plans has been changed to only alert during business hours.

Read more

Release-3728: allow let’s encrypt on dev plans. fix ibdata1 shrink automation

On development plans it’s now possible to use let’s encrypt again. The relevant requests have been made exempt from the basic auth. We fixed a regression in our shrink_ibdata1 automation. A regression had been introduced by the MySQL version update end November. We added an alias sf2 which shows all magento2 storefronts. It executes cd […]

Read more

Release-3586: Updated composer

We’ve changed our composer update itself with the –stable flag. Freshly provisioned nodes however did not understand this flag yet, due to the initially deployed composer being too old. We’ve updated composer in our repository so that all new nodes will be able to update themselfs to the latest stable composer.

Read more

Release-3523: block Visbot user-agent

We now block all user-agents which contain the term “Visbot” inside the user-agent string.

Read more

Release-3513: Updating MySQL to 5.6.33

We are in the process of updating MySQL to the latest version, to get the latest improvements and security fixes. Last night we updated all Hypernodes with starting letters U-Z. Tonight we will update all Hypernodes with starting letters M-T. Tomorrow night all Hypernodes with the starting letters A-L and 0-9 will be updated.   […]

Read more

Release-3470: Improved auto recovery

We’ve improved our auto recovery to automatically attempt fix filesystem inconsistencies on boot. In rare occasions a Hypernode would be forced to reboot off an uncleanly closed filesystem. On boot it would then prompt asking what to do (if it should recover). A recovery is now automatically attempted, reducing recovery time for these cases.

Read more

Release-3447: stricter fail2ban rules on rss notifystock

We tightened our fail2ban rules for rss/notifystock bruteforce attempts to ban 24 hours instead of previously 2 hours. Additionally we enabled the automatic recovery for all nodes now, along with a minor improvement in the auto recover logic.

Read more