Release-3138: filter against amasty feed vulnerability
We’ve release a filter for the amasty feed plugin vulnerability (more information here). Anyone using this plugin should update immediately! The filter is placed inside /data/web/nginx/amastyfeed.conf. If you updated your plugin and want to disable the filter, please comment out the filters in that file. We now also deny any requests made towards the /shell/…
Read moreRelease-3114: per IP PHP worker limit
We will be (slowly) releasing a limit for how many PHP workers a source IP can use. Initially we will allow a source IP to use all but 2 PHP workers, in the long run this limit may get set even lower. Today we released this change for all Hypernodes starting with the letter A….
Read moreRelease-3112: Rotate nginx logs by size
Rotate nginx logs every hour if they are larger than 200MB. This is to avoid using excessive disk space for access logs on the root partition. For the most successful hypernodes rotating the logs on a nightly basis was no longer enough. Instead of keeping 14 logs we now keep the last 30 rotated logs.
Read moreRelease-3110: Mitigate httpoxy
Today a set of vulnerabilities was disclosed surrounding CGI-like environments. Luckily due to Hypernode’s thoroughly tested continuously integrated deployment environment we were able to roll out a mitigation strategy on all Hypernodes quickly and safely soon after the news broke. block the HTTP_PROXY header from being passed on to PHP-FPM The Nginx configuration now contains…
Read moreRelease-3014: Varnish pipe_timeout and more streamlined SOLR migrations
Longer pipe_timeout for Varnish. Click here for more information. We added -p pipe_timeout=300 to the Varnish DEAMON_OPTS SOLR is stopped and started during migrations to prevent stale locks from being transferred Lock out the app user during crucial parts of migrations for safer upgrades Improved the automatic cron flocking pattern matching The hypernode-importer also synchronises…
Read moreRelease-3085: Vagrant updates
We’ve been gradually improving our standard of quality for the Magento Vagrant development environment hypernode-vagrant. This is becoming increasingly important with the growing adaptation of the boxfile among our customers and other Magento developers. This week we have deployed various changes to both increase ease of use and performance. package the latest virtualbox guest additions…
Read moreRelease 3071: SSH with password, new DC, Magento 2.1
Release 3071 brings a lot of goodness to your Hypernode. The default DigitalOcean data center where Start, Grow and Professional Hypernodes are booted has been changed. The Magento 2 install on new Trial accounts has been updated to version 2.1 (trials with Magento 1 are still possible). Using SSH on your Hypernode is now possible with the password…
Read moreRelease 3056: disabling old staging ports
Today’s release disables the old staging ports and includes some other changes. Recently we added more conventional staging ports for better integration with Adyen and Cloudflare as requested here on our Uservoice. Now a few weeks later we are removing the old and deprecated staging ports 10080 and 10443. If you are still using the…
Read moreRelease 3054: new image optimizer
This release brings several improvements to the hypernode-image-optimizer: –experimental: 2-3 times slower but 30-50% better compression Max image size default changed from 1000 to 2000 pixels (image optimizer) Runs on lowest I/O priority so heavy optimize jobs will not clash with regular performance. Also, we implemented many improvements to support the Hypernode Vagrant image.
Read moreRelease 3006: Varnish backend timeout increased to 15 minutes
We’ve updated the Varnish -> Nginx timeout to be in sync with the Nginx -> PHP handler timeout. When using Varnish in the past long backend tasks would timeout too early, Varnish would close the connection towards Nginx early. Now Varnish will timeout after 15 minutes, which is the same compared to non-Varnish Hypernode users.
Read moreRelease 2990: New locations for DigitalOcean
This release brings you: Booting DigitalOcean Hypernode’s in multiple datacenter locations worldwide on request php7cc installed by default so you can easily check PHP 7 compatibility of your codebase from the command line Updated modman to 1.12 Disable weak SSH ciphers: arcfour, arcfour128 and arcfour256
Read moreRelease 2966: New PHPMyAdmin for PHP 7
To accommodate PHP 7, we deploy the lastest PHPMyAdmin release (4.6.1). Previously, PHP 7 users could not use PHPMyAdmin. Happy PHPmyadmining!
Read moreRelease 2955: Higher max_packet_size for MySQL
We’re increasing the max_packet_size in MySQL from 32mb to 64mb in order to ease imports and to fix backups for some nodes. Existing nodes will not notice this since a restart is needed for this to take effect, which will happen when we will execute a MySQL update. Also in this release: adjust gone-posts killer…
Read moreRelease 2953: Expand workaround for ImageMagick CVE-2016-3714
Upstream patches are still incomplete for CVE-2016-3714, in the mean time this update blocks more vulnerable ImagMagick “coders” (modules) as a workaround: HTTP, FTP, TEXT, SHOW, WIN, PLT, LABEL.
Read moreRelease 2952: Update PHP to 7.0.6-1
This release updates PHP from 7.0.5-3 to 7.0.6-1. There is a known PHP issue that affects our code compiler when using PHP 7.0.5. We recommend you not use PHP 7.0.5. See: http://devdocs.magento.com/guides/v2.0/install-gde/system-requirements.html Other changes: – mark uptimerobot as a non-bad bot – update Hypernode/Elegentos modules to be compatible with the latest magerun – depend…
Read moreRelease 2935: Workaround for ImageMagick CVE-2016-3714
We’re updating all hypernodes to include the workaround specified by ImageMagick for CVE-2016-3714 until the fixed ImageMagick releases will become available. This will effectively disable the following four “coders” (modules): HTTPS, EPHEMERAL, MVG, MSL
Read moreRelease 2932: Update PHP 5.5 ioncube loader
During today’s PHP 5.4 to PHP 5.5 migration some customers reported problems with the ioncube loader in PHP 5.5. This release updates the ioncube loader to 5.1.2 in order to fix the following error: PHP Fatal error: The file [path_to_file] was encoded by the ionCube Encoder for PHP 5 and cannot run under PHP 5.5….
Read moreRelease 2911: Rate limit HTTP code now 429
Our rate limiter kicks in when foreign bots (non-search engines) hammer your shop. Previously, they were rejected with a HTTP 503 code (temporarily unavailable). This has been changed into 429 (too many requests) as that is a more apt response. Also, we have added better out-of-band access for our operations department, in case something is…
Read moreRelease 2902: Solr for Excellence plans, fixed session cleaner
11 April 2017: due to low demand we deprecated SOLR in favor of sphinx. Starting now we don’t sell SOLR plans anymore. In today’s release we have: Solr is available on request for all Excellence Hypernodes. Please contact Support if you’d like it enabled. We moved the sessions from one place to the other. We…
Read moreRelease 2871: manage server name with custom_server_name and an expansion on our monitoring
Release 2871 brings a new variable $custom_server_name to control the custom server name instead of overwriting server_name directly. This fixes a potential configuration collision between licensing based on server_name and TLS certificate selection: server_name is used to select vhosts and the TLS certificates. It is also passed on to PHP as fastcgi_param so it shows…
Read moreRelease 2856: New Relic 6.2, now also for PHP 7.0
We’ve updated the New Relic agent to the latest version, which is compatible with PHP 7.0. So we’ve also added New Relic to PHP 7.0 when you enable it on the Service Panel. Also, we’ve made some tweaks to the OOM killer, which is a piece of software that is triggered when your Hypernode runs…
Read moreRelease 2846 – ftp/mysql firewall, php7 modules and much more!
It’s been a while but a lot has happened with Hypernode as always! Let’s get right to it: external FTP connections are now rejected by default, unless specific IP is whitelisted external MySQL connections are now rejected by default, unless specific IP is whitelisted PHP 7 has received extra modules: gd, zip and soap We’ve…
Read moreRelease 2757: PHP 7, Vagrant LXC, API restricted and more
The moment is finally here! PHP 7 is available on Hypernode. These are the changes we’ve made since the last release: PHP 7 support New PHP version available: 7.0.4. You can upgrade in the service panel or try it out in the Vagrant Installed modules: Curl, GD, IMAP, intl, mbstring, mcrypt, mysql, ldap, pgsql, pspell,…
Read moreRelease 2684: Varnish 4.0.3 and Vagrant
We’ve been quite busy here at Byte, this changelog highlights some of the changes we made since the last reported release: Varnish 4.0.3 is now the default on new Hypernodes We will be reaching out to customers who are currently running Varnish 3 to discuss upgrading to Varnish 4. added esi_disable_xml_check flag to Varnish 4…
Read more