Changelog Archive - Page 2 of 5

Release-3359: NGINX config reloader no longer allows absolute includes

We’ve updated the NGINX config reloader to not allow absolute includes. Absolute includes worked against the NGINX config reloader. The purpose of the config reloader is to ensure that the live config is syntactically correct and working, having an outside dependency (include) that can change the running live config can cause NGINX to no longer come up. Specifically the following includes are…

Release-3359: Let’s Encrypt Firefox fix

We’ve improved the let’s encrypt implementation. Firefox now accepts the certificates as expected.

Release-3285: updated Blackfire and GeoIP database, and added GeoIP city

We updated the Blackfire PHP5 probes to the latest versions (agent 1.7.4, PHP probe 1.12.0) We updated the GeoIP* database to the latest version which comes with Ubuntu 16.04 We included the GeoIP city database into NGINX. The city fields are now available in the PHP $_SERVER environment variable. Fixed a problem where backups were…

Release-3274: NGINX upgrade for all remaining nodes

Today all Hypernodes starting with N-Z and 0-9 will be upgraded to a newer NGINX version. Additionally we made some changes to our Web Application Firewall (WAF). If you notice something out of the usual or think this new configuration is somehow clashing with your NGINX configuration, please contact us.

Release-3272: PHP 7 update to version 7.0.10

We’ve deployed the latest PHP 7.0 to all nodes running PHP 7.0. This is PHP 7.0.10, that contains a couple minor security fixes. Please find the changelog here: http://www.php.net/ChangeLog-7.php#7.0.10

Release-3229: per IP PHP worker limit for all (remaining) nodes

The per IP dynamic worker limit is now enabled for all nodes starting with N-Z and 0-9. Any IP address who is using too many PHP workers (already) will receive a 429 error code on their next request. Documentation on how to whitelist IPs or disable this feature can be found in our support documentation.

Release-3204: installed Node.js, Compass and Sass

We installed Compass and Sass, a CSS pre-compiler that provides organizable, reusable CSS. This tool received 18 votes on our Uservoice. Please let us know if you have any issues with the versions we’ve provided, as they come from the default 12.04 repositories. Also, we installed Node.js (version 0.10.37) by default on all Hypernodes. No need to install…

Release-3200: increase FastCGI buffers and dynamic IP limit overrideable

In this release we increased the FastCGI buffers by default, because in some corner cases customers had to increase these themselves. Next to that we changed the implementation of the dynamic request limit per IP in such a way that it can be overridden in the Nginx config. Documentation about this will follow.

Release-3179: Enable slot limiting for nodes with the letter A-M and disable MySQL binlog

All nodes starting with the letter A-M, will have the slot limiting enabled as described here. We’ve disabled the MySQL bin logs, since we do not do any replication. This avoids unneeded overhead.

Release-3168: New n98-magerun commands for Varnish and more

We released a few minor changes and improvements to the platform: We’ve added two new Magerun commands for Varnish: turpentine turpentine:config:save Save and apply Turpentine’s VCL configuration to Varnish turpentine:varnish:flush Flushes all cached varnish URL’s. We’ve installed ‘zip’. Allow files from within /.well-known/ folder as per RFC5785. It’s used for discovery of policy or other…

Release-3150 (update): WebForms Pro 2 vulnerability – deny PHP files in upload directory

A vulnerability was discovered in the Magento module WebForms Pro 2. We’ve added a security filter to deny PHP files to be executed from within the upload directory of the module WebForms Pro 2. All requests looking like /js/webforms/upload/*.php will be denied. All users of the module WebForms Pro 2 should immediately update to the…

Release-3138: filter against amasty feed vulnerability

We’ve release a filter for the amasty feed plugin vulnerability (more information here). Anyone using this plugin should update immediately! The filter is placed inside /data/web/nginx/amastyfeed.conf. If you updated your plugin and want to disable the filter, please comment out the filters in that file. We now also deny any requests made towards the /shell/…

Release-3114: per IP PHP worker limit

We will be (slowly) releasing a limit for how many PHP workers a source IP can use. Initially we will allow a source IP to use all but 2 PHP workers, in the long run this limit may get set even lower. Today we released this change for all Hypernodes starting with the letter A….

Release-3112: Rotate nginx logs by size

Rotate nginx logs every hour if they are larger than 200MB. This is to avoid using excessive disk space for access logs on the root partition. For the most successful hypernodes rotating the logs on a nightly basis was no longer enough. Instead of keeping 14 logs we now keep the last 30 rotated logs.

Release 3006: Varnish backend timeout increased to 15 minutes

We’ve updated the Varnish -> Nginx timeout to be in sync with the Nginx -> PHP handler timeout. When using Varnish in the past long backend tasks would timeout too early, Varnish would close the connection towards Nginx early. Now Varnish will timeout after 15 minutes, which is the same compared to non-Varnish Hypernode users.

Release 2955: Higher max_packet_size for MySQL

We’re increasing the max_packet_size in MySQL from 32mb to 64mb in order to ease imports and to fix backups for some nodes. Existing nodes will not notice this since a restart is needed for this to take effect, which will happen when we will execute a MySQL update. Also in this release: adjust gone-posts killer…

Release 2935: Workaround for ImageMagick CVE-2016-3714

We’re updating all hypernodes to include the workaround specified by ImageMagick for CVE-2016-3714 until the fixed ImageMagick releases will become available. This will effectively disable the following four “coders” (modules): HTTPS, EPHEMERAL, MVG, MSL

Release 2932: Update PHP 5.5 ioncube loader

During today’s PHP 5.4 to PHP 5.5 migration some customers reported problems with the ioncube loader in PHP 5.5. This release updates the ioncube loader to 5.1.2 in order to fix the following error: PHP Fatal error: The file [path_to_file] was encoded by the ionCube Encoder for PHP 5 and cannot run under PHP 5.5….

Release 2846 – ftp/mysql firewall, php7 modules and much more!

It’s been a while but a lot has happened with Hypernode as always! Let’s get right to it: external FTP connections are now rejected by default, unless specific IP is whitelisted external MySQL connections are now rejected by default, unless specific IP is whitelisted PHP 7 has received extra modules: gd, zip and soap We’ve…

Release 2628: Http2 support, magento 2 pre-installed

We’ve updated our nginx webserver to include http2 support. All our hypernodes now have http2 enabled. Magento2 trials now get magento2 pre-installed, to make it much more convenient to explore Magento2. When ordering a normal hypernode trial, the pre-installed magento version is still Magento 1. In HHVM we’ve enabled the zend compatibility mode which makes…

Release 2451: PHP 5.5 for new hypernodes

Hypernode changes: New hypernodes will be provisioned with php 5.5 All existing nodes remain on php 5.4, if you would like to switch to 5.5 please ask our support staff. In case a website on a hypernode gets hacked, we can now administratively disable the sites on it to prevent further damage. Improvements to our…

Author: Daniel