Release 6570: php-apcu can be enabled via the hypernode-api
In this release we have added the new functionality of being able to enable the php-apcu PHP module using the hypernode-api. This module is required for running Akeneo and it can also be used by Shopware. We will not enable this module by default as it might get in the way of your Magento performance….
Read moreRelease 6552: Upgrading php-common to 2:69
In this release we’re upgrading php-common from 1:35ubuntu6 to 2:69+ubuntu16.04.1+deb.sury.org+2+php7.3. We’re preparing to add out of the box support for Akeneo, but for that we require php-apcu. The version we’re shooting for depends on [php-common (>= 2:69~)], so that’s why we’re upgrading this. We’ve recently had a lot of requests from people to run Akeneo…
Read moreRelease 6538: hypernode-oom-protect uses correct cwd, hypernode-ssl-config-generator handles multiple DNS names
In this release we have updated some of the tools in our Python bundle of system utilities. hypernode-oom-protect will now report the correct current working directory before: app@1fos4q-dennisv-magweb-cmbl:~/magento2$ hypernode-oom-protect pwd /data/web app@1fos4q-dennisv-magweb-cmbl:~/magento2$ pwd /data/web/magento2 after: app@1fos4q-dennisv-magweb-cmbl:~/magento2$ hypernode-oom-protect pwd /data/web/magento2 app@1fos4q-dennisv-magweb-cmbl:~/magento2$ pwd /data/web/magento2 hypernode-ssl-config-generator can now handle multiple DNS names in the dehydrated domains.txt Example: #example.hypernode.io…
Read moreRelease 6443: hypernode-oom-protect bugfix, elasticsearch logs readable by app user
In this release we have implemented a bugfix that will make it so that children of processes spawned by hypernode-oom-protect will not be flagged as ‘allowed to be out of memory killed’ anymore. This would happen automatically within one minute, which was unintended behavior. On Hypernode we have a periodic task that checks all unprivileged…
Read moreRelease 6364: Magento 2 preinstall updated to 2.3.2
Magento released the new Magento 2 version 2.3.2 yesterday. The Magento 2 preinstall on Hypernode has been updated to this new version. The new preinstalled version when you order a Hypernode will now be 2.3.2. $ bin/magento –version Magento CLI 2.3.2 If you want to try out this new Magento version with the official sample…
Read moreRelease 6360: PHP 7.2 updated to 7.2.19, libsodium updated for Magento 2.3.2
In this release we will update our PHP 7.2 installation from 7.2.16 to 7.2.19. We compiled this new version to include sodium 1.17, following last week Thursday’s posting on the Magento DevBlog about the system requirements for the new and upcoming Magento Open Source and Commerce v2.3.2. While libsodium was already available on Hypernode for…
Read moreRelease 6339: Improved logrotation for Elasticsearch, installed prips and more
In this release we have made a couple of small changes: improved our logrotation policies for Elasticsearch installed prips for printing IP ranges updated the before_redir.block_product_frontend_action NGINX configuration if unaltered to take into account alternative routes. Thanks Cipriano!
Read moreRelease 6334: Install dos2unix
In this release we have installed the dos2unix package for converting DOS/MAC formats to UNIX. Thanks to RIFF for the suggestion.
Read moreRelease 6305: Increase max clause count for Elasticsearch
In this release we will change the max_clause_count from the default value of 1024 to 4096. This change should prevent this error from happening under specific circumstances: {“type”:”too_many_clauses”,”reason”:”maxClauseCount is set to 1024″} The indices.query.bool.max_clause_count setting can not be set during runtime, for that reason we’ve configured it in /etc/elasticsearch/elasticsearch.yml. Changes will be deployed over the…
Read moreRelease 6302: Mitigate unauthenticated SQL injection for Magento 2.2.0 <= 2.3.0
In this release we have deployed a user configurable server side mitigation for a security vulnerability that has been recently patched in Magento 2. For more information about the exploit in question see this article by Ambionics Security. Keep in mind that it is still important that you patch your shop as server side mitigations…
Read moreRelease 6297: Magento 2 preinstall updated to 2.3.1
Magento released a new version of Magento 2 yesterday. The Magento 2 preinstall on Hypernode has been updated to reflect this. The new preinstalled version when you order a Hypernode is 2.3.1. ./bin/magento –version Magento CLI 2.3.1 If you want to try out the new Magento version with the official sample data (the Luma demo…
Read moreRelease 6293: Prevent misconfigured stores from sharing sessions between production and staging
In this release we’ve changed our configuration to set a different path for the PHP session files for the staging webroot to prevent the accidental sharing of sessions with the production environment. If this however was the intended behavior (in case you use staging to share the live data sources), you can configure the session.save_path…
Read moreRelease 6289: hypernode-servicectl can also restart Elasticsearch
In this release we will push an update to the hypernode-servicectl command-line tool that will make it so that the app user is now also privileged to restart the Elasticsearch service. The new option will appear when you have Elasticsearch enabled on your node. app@wifawm-hypernode-magweb-cmbl:~$ hypernode-servicectl –help usage: hypernode-servicectl [-h] [–version] [action] [service [service …]]…
Read moreRelease 6271: PHP updates, 7.1.27-1 and 7.2.16-1
We have updated our PHP 7.1 version from 7.1.16-1 to 7.1.27-1 and the PHP 7.2 version from 7.2.7-2 to 7.2.16-1. For a complete list of changes see the PHP 7 ChangeLog. This update will be deployed on all Hypernodes that have either of these PHP versions enabled over the course of the coming week. To…
Read moreRelease 6270: Elasticsearch for Magento and Shopware on Hypernode
In this release we have added built-in support for Elasticsearch on Hypernode. While previously it was already possible to use Elasticsearch with your Hypernode by connecting to an external search provider, we have now made it possible to use Elasticsearch for your Magento and Shopware shop on Hypernode without requiring any external service or configuration….
Read moreRelease 6249: Larger tmp_table_size and max_heap if tmp_on_data option enabled
In this release we will increase the tmp_table_size and max_heap_table_size setting from the default 64MB value that is configured on Hypernode to 256MB if the previously existing configurable option mysql_tmp_on_data_enabled is enabled. The mysql_tmp_on_data_enabled setting that can be configured using the hypernode-api or using the hypernode-systemctl command-line tool enables users to make MySQL store temporary…
Read moreRelease 6242: Additional automated problem diagnostic emails
In this release we add automated email notifications for two more common issues that are sometimes detected by the diagnostic processes in our autohealing. Redis out of memory Occasionally the autohealing will detect that the Redis instance on the node is out of memory and no more keys can be placed in the cache. When…
Read moreRelease 6239: Block PayPal Payflow denial of service attack
In this release we will deploy a new fail2ban rule that will block IPs based on repeated requests to the /paypal/transparent/requestSecureToken/ endpoint of the PayPal Payflow extension. Malicious requests to this endpoint seem to be able to cause a denial of service by letting the shop issue a suspiciously large amount of test authorizations even…
Read moreRelease 6233: Block any requests for Adminer by default
In a previous release we deployed server-side mitigation to block requests to Adminer URLs from various countries that were known to be the origin of ongoing brute force attacks. Initially we only blocked a conservative amount of countries to not impact any legitimate use of Adminer from the countries our customers generally operate from. Additionally,…
Read moreRelease 6232: PHP 5.6.40 and a Dehydrated tweak
We have updated our PHP 5.6 version from 5.6.36-1 to 5.6.40-1. For a complete list of changes see the PHP 5.6 ChangeLog. This update will be deployed on all Hypernodes that have PHP 5.6 enabled over the course of this week. In other news, we have altered our Dehydrated fork to keep an accounts directory…
Read more20190218.1 – Updated credit card hijack with more recent malware scanner signatures
In this release we have once again updated the MageReport credit card hijack check with the newer signatures. These signatures are the ones that are also already being used for the nightly platform wide Magento malware scan.
Read moreRelease 6202: Mark processes as unkillable when out of memory
In this release we add a command that can be used to start processes that will never be OOM-killed even when the system is completely out of memory. When a Hypernode runs low on memory and a process lays claim on previously allocated pages when there is no more RAM available, the Linux kernel will…
Read moreRelease 6192: More recent signatures for Magento malware scanner, PHP 7.0 updated to the latest version
In this release we have added the more recent malware signatures of the magento malware scanner to Hypernode. The nightly scans will now scan for 5355 versus the previous 2610 that were available in the open source mwscan. Keep in mind that if this week you receive a notice of detected malware it does not…
Read moreRelease 6139: Updated Hypernode Magerun Addons
In this release we have updated the default installation of the open source n98-magerun plugin bundle for Hypernode to the latest version. The previous version that we had installed by default was 20180112.220302, the new version will be 20190121.155345. You can check out the package changelog to see exactly what those changes entail. Notable changes:…
Read more