Release 6123: Server-side mitigation for Adminer vulnerability probes
In this release we have deployed an addition to the default user configurable NGINX configuration which will block vulnerability probes on Adminer. Adminer is a phpMyAdmin-like single file PHP script that you can install in your shop as an easy web-interface for MySQL. Yesterday, Hypernode co-founder and security researcher Willem de Groot discovered that an…
Read moreRelease 6094: Deploy common NGINX configurations using the hypernode-api
In this release we have added functionality to the hypernode-api that allows users to easily and safely deploy some common NGINX on their Hypernode(s). The rules that we currently expose enable blocking known bot traffic and blocking traffic from some specific countries from which we’ve seen a lot of bot traffic but in which our…
Read moreRelease 6079: Opt-in disable stopwords for MyISAM Search Indexes
In this release we have added a new setting to the hypernode-api to make it possible to disable the built-in stopword file for MyISAM search indexes. In MySQL, the default stopword list for MyISAM tables makes it so that some common words are ignored in certain queries. This means that if you have products or…
Read moreRelease 6068: Better flapping detection in emergency rescue and more
In this release we have adapted our emergency rescue automation to better decide when to continue with performing automated steps to rescue the server instead of deciding that it is up again and leaving it be. When a node is down, alongside with alerting the on-call technician, we automatically try to detect various known issues…
Read moreRelease 6064: RabbitMQ can be accessed via the hypernode-vpn
In this release we have updated our configuration to make it possible for RabbitMQ to be accessed via the hypernode-vpn. Earlier this week we mentioned that to access the RabbitMQ admin interface you could tunnel the tcp port over SSH, but now it is also possible to connect to it through the VPN similar to…
Read moreRelease 6052: RabbitMQ on Hypernode
In this release we deploy the possibility for Hypernodes to run RabbitMQ. Now that Magento 2.3 has been released, RabbitMQ can be used on Magento Open Source installations. Previously it was already possible to use RabbitMQ in the Enterprise version of Magento 2, or with the help of custom third party modules. While Hypernode has…
Read moreRelease 6016: Bugfix in hypernode-parse-nginx-log, also known as pnl
In this release we have pushed a new version of hypernode-parse-nginx-log to fix a bug relating to access logs in the file access.log.1. The pnl, or hypernode-parse-nginx-log tool can be used to convert the JSON Nginx webserver logs into a human readable format and filter specific fields. Previously the tool would only read files like…
Read moreRelease 6000: Magerun2 updated to support Magento 2.3
In this release we will update the command-line tool magerun2 from 2.2.0 to 3.0.1. This new version will add support for Magento 2.3. The new Magento version was previously not yet supported. Note that this new version will also remove support for 2.0.x and for PHP 5.6. If you still depend on those versions you…
Read moreRelease 5953: Magento 2 preinstall updated to 2.3.0
Magento released a new version of Magento 2 yesterday. The Magento 2 preinstall on Hypernode has been updated to reflect this. The new preinstalled version when you order a Hypernode is 2.3.0. ./bin/magento –version Magento CLI 2.3.0 Note that as of right now magerun2 is not yet compatible with this new version, so keep that…
Read moreRelease 5946: Configurable memory management policy and RSS bruteforce detection
Configurable memory management policy In this release we will amend the change we made earlier this month where we increased the limit for our non-essential process slaying mechanism in order to allow more one-off memory hungry processes to run without executing overly drastic measures. While this change worked as intended, it did however result in…
Read moreRelease 5874: Better out of memory pattern detection for preventive non-essential process slaying
On Hypernode we have a very sophisticated system for dealing with low memory situations. As described in these earlier changelog articles this system has evolved quite a bit over time and we are constantly looking for tweaks and adjustments so that we can strike the best possible balance between stability, performance and flexibility. Over time…
Read moreRelease 5869: Configurable ft_min_word_len for products with short names
In this release we expose functionality in the hypernode-api that will make it possible to configure the ft_min_word_len for MySQL. The ft_min_word_len is the minimum length of the word to be included in a MyISAM FULLTEXT index. So, if you sell things in your Magento shop like wol or a sok then today is your…
Read moreRelease 5852: Additional PHP Object Injection WAF rules
In this release we will expand on the configuration changes we’ve made in yesterday’s release which addressed a number of the PHP Object Injection vulnerabilities in third party Magento 1 extensions. Today’s change contains extra filters for probes we’ve seen with an URI encoded version of the payload and for probes where the payload is…
Read moreRelease 5850: Blocking Magecart zero-days
In this release we will deploy a preliminary new version of our Web Application Firewall which will block various forms of known attacks that have been encountered in the wild on a selection of the vulnerable Magento 1 extensions that were disclosed in this blogpost by Willem de Groot, security researcher and ex-Byte founder. The…
Read moreRelease 5840: hypernode-servicectl can also restart Redis
In this release we will push an update to the hypernode-servicectl command-line tool that will make it so that the app user is now also privileged to restart the Redis service. It will be possible to restart the default Redis instance that is commonly used for the full page cache, but it will also be…
Read moreRelease 5793: ImageMagick security update
This week a security release for imagemagick was pushed to fix a vulnerability relating to the underlying Ghostscript interpreter. Because in Magento sites it is not very common for non-trusted users to upload images that will be converted to one of these formats, this vulnerability isn’t very critical. But because people can get very creative…
Read moreRelease 5785: Migrating Hypernode DEV plans to the new Combell OpenStack
In this release we have started our previously announced effort to migrate production resources from DigitalOcean to the brand new Combell OpenStack cloud. This change will allow for a couple of cool new features like volume swap migration between the Magento Professional 3XL, 4XL and 5XL plans and way faster provisioning (around 10 minutes from…
Read moreRelease 5734: Default n98-magerun.yaml configuration file
From this release on we will start placing a default .n98-magerun.yaml configuration file for Magerun in /data/web if no such file exists yet. Previously we already placed this file when a new node was ordered with a Magento 1 preinstallation. But, for the instructions in this article about installing Magento 1 on Hypernode to work…
Read moreRelease 5664: Follow migration process from the commandline
In this release we have added a new commandline tool on Hypernode which allows you to track the progress of running jobs for your Hypernode. This enables you to get a better insight into at what part of the process actions are as they are happening. The command is named hypernode-log and can be run…
Read moreRelease 332: Configure additional Hypernode settings using the API
In this release we have extended the functionality of the (currently BETA) hypernode-api to include some more app-level settings. Note that because the API is still currently under active development the exposed capabilities and naming are still subject to change. Last week we made it possible for API users to enable OpenVPN. In a similar…
Read moreRelease 5624: Customer changes now have a higher priority than system jobs and more
Prioritising customer changes in our backend system In this release we have made a big change to our back-end system to decrease the time it takes for customer changes to be propagated throughout the platform when we are running system jobs. Our automated systems periodically perform operations on all Hypernodes, like installing updates, running backups…
Read moreRelease 5548: Slightly quicker new node provisioning
In this release we have changed our configuration management so it only installs the enabled PHP version during initial provisioning instead of all PHP versions. Previously we would install all available versions on all Hypernodes always in order to speed up switching between versions. But by only installing the enabled version on demand, the time…
Read moreRelease 5541: PHP 7.2 can now be chosen in the service panel
Last week we announced that PHP 7.2 is now available on Hypernode. Today we’ve pushed a new version of our service panel to production which makes it so that you can now switch to (and from) this new version yourself without having to contact support to perform the change for you.
Read moreRelease 5535: Performance improvements for all new Excellence nodes up to 3XL
Improved hardware at Amazon In this release we have changed the EC2 instance type used by all new Magento Excellence plans up to 3XL from the previous generation C3 type to the new generation C5 types. This change will give the Magento Excellence M 500 megabytes of extra RAM, the Excellence L 1 gigabyte of…
Read more