Release 6239: Block PayPal Payflow denial of service attack

In this release we will deploy a new fail2ban rule that will block IPs based on repeated requests to the /paypal/transparent/requestSecureToken/ endpoint of the PayPal Payflow extension. Malicious requests to this endpoint seem to be able to cause a denial of service by letting the shop issue a suspiciously large amount of test authorizations even…

Read more

Release 6233: Block any requests for Adminer by default

In a previous release we deployed server-side mitigation to block requests to Adminer URLs from various countries that were known to be the origin of ongoing brute force attacks. Initially we only blocked a conservative amount of countries to not impact any legitimate use of Adminer from the countries our customers generally operate from. Additionally,…

Read more

Release 6232: PHP 5.6.40 and a Dehydrated tweak

We have updated our PHP 5.6 version from 5.6.36-1 to 5.6.40-1. For a complete list of changes see the PHP 5.6 ChangeLog. This update will be deployed on all Hypernodes that have PHP 5.6 enabled over the course of this week. In other news, we have altered our Dehydrated fork to keep an accounts directory…

Read more

release-22: Change your PHP version from Control Panel

Change your PHP version Now you can change the PHP version directly from the PHP page. Simply select a version and make the change.

Read more

20190218.1 – Updated credit card hijack with more recent malware scanner signatures

In this release we have once again updated the MageReport credit card hijack check with the newer signatures. These signatures are the ones that are also already being used for the nightly platform wide Magento malware scan.

Read more

Release 6202: Mark processes as unkillable when out of memory

In this release we add a command that can be used to start processes that will never be OOM-killed even when the system is completely out of memory. When a Hypernode runs low on memory and a process lays claim on previously allocated pages when there is no more RAM available, the Linux kernel will…

Read more

release-21: My Hypernode & PHP

My Hypernode We’ve added a simple page with some specs of your Hypernode. Such as CPU core count, storage usage, RAM and more.   PHP version The second page added in this release is the PHP version page. See what PHP version your Hypernode is running there. Changing the PHP version from the page is…

Read more

Release 6192: More recent signatures for Magento malware scanner, PHP 7.0 updated to the latest version

In this release we have added the more recent malware signatures of the magento malware scanner to Hypernode. The nightly scans will now scan for 5355 versus the previous 2610 that were available in the open source mwscan. Keep in mind that if this week you receive a notice of detected malware it does not…

Read more

Release 6181: Upgraded Let’s Encrypt client

In this release we have upgraded our Let’s Encrypt client Dehydrated to version 0.6.2, which fully supports version 2 of the Let’s Encrypt ACME protocol. Existing users should not notice any changes, the only difference is that dehydrated should be invoked with the –accept-terms flag if used for the first time: $ dehydrated –cron –create-dirs…

Read more

Release 6139: Updated Hypernode Magerun Addons

In this release we have updated the default installation of the open source n98-magerun plugin bundle for Hypernode to the latest version. The previous version that we had installed by default was 20180112.220302, the new version will be 20190121.155345. You can check out the package changelog to see exactly what those changes entail. Notable changes:…

Read more

Release 6123: Server-side mitigation for Adminer vulnerability probes

In this release we have deployed an addition to the default user configurable NGINX configuration which will block vulnerability probes on Adminer. Adminer is a phpMyAdmin-like single file PHP script that you can install in your shop as an easy web-interface for MySQL. Yesterday, Hypernode co-founder and security researcher Willem de Groot discovered that an…

Read more

Release 6094: Deploy common NGINX configurations using the hypernode-api

In this release we have added functionality to the hypernode-api that allows users to easily and safely deploy some common NGINX on their Hypernode(s). The rules that we currently expose enable blocking known bot traffic and blocking traffic from some specific countries from which we’ve seen a lot of bot traffic but in which our…

Read more

Release 6079: Opt-in disable stopwords for MyISAM Search Indexes

In this release we have added a new setting to the hypernode-api to make it possible to disable the built-in stopword file for MyISAM search indexes. In MySQL, the default stopword list for MyISAM tables makes it so that some common words are ignored in certain queries. This means that if you have products or…

Read more

Release 6068: Better flapping detection in emergency rescue and more

In this release we have adapted our emergency rescue automation to better decide when to continue with performing automated steps to rescue the server instead of deciding that it is up again and leaving it be. When a node is down, alongside with alerting the on-call technician, we automatically try to detect various known issues…

Read more

20190107.1 – Show loading icon for Premium users and bug fixes

Show loading icon for Premium users With the recent addition of running checks in batches and ordering them by failure we accidentally got rid of the loading/scanning icon for premium users. This has now been fixed so premium users can see when MageReport is still busy scanning for checks and retrieving performance information. Interested in…

Read more

Release 6064: RabbitMQ can be accessed via the hypernode-vpn

In this release we have updated our configuration to make it possible for RabbitMQ to be accessed via the hypernode-vpn. Earlier this week we mentioned that to access the RabbitMQ admin interface you could tunnel the tcp port over SSH, but now it is also possible to connect to it through the VPN similar to…

Read more

Release 6052: RabbitMQ on Hypernode

In this release we deploy the possibility for Hypernodes to run RabbitMQ. Now that Magento 2.3 has been released, RabbitMQ can be used on Magento Open Source installations. Previously it was already possible to use RabbitMQ in the Enterprise version of Magento 2, or with the help of custom third party modules. While Hypernode has…

Read more

Release 6047: trials have more specs

In this release, we’ve equipped our trials with more specs. New customers trying out our platform for free now get 3 cores, 4G memory and 62G storage (before: 2c-2G-44G). Of course, all features like Sphinx, Varnish, New Relic, Blackfire are still included. Also (spoiler alert!) RabbitMQ will very soon be available on trials. Magento 2…

Read more

release-20: SSH keys

SSH keys It’s now possible to add and remove SSH keys on your Hypernode via the control panel. This feature includes the ability to limit login access to specific IP addresses if required. Information about how to add a limited IP SSH key can be found in the SSH keys support documentation. To use the…

Read more

Release-6025: Hypernode Diagnostic

In this release we added a new command, hypernode-diagnostic. It gathers some basic information related to your Hypernode and Magento shop and presents this in a nice and easy to read format. Information such as PHP version, cron jobs, Magento version/edition and more. $ hypernode-diagnostic Magento information on 2018-12-20 10:29:27: – Magento version 2.3.0 Community…

Read more

Release 6016: Bugfix in hypernode-parse-nginx-log, also known as pnl

In this release we have pushed a new version of hypernode-parse-nginx-log to fix a bug relating to access logs in the file access.log.1. The pnl, or hypernode-parse-nginx-log tool can be used to convert the JSON Nginx webserver logs into a human readable format and filter specific fields. Previously the tool would only read files like…

Read more

20181217.1 – Checks ordering, webgility update, generic malicious JS check and more

New check ordering We received a lot of feedback about the ordering of checks. Previously they would be ordered based on the most recently added checks, but this does not always make sense from a user’s perspective. For users it’s a lot more important that checks that fail are shown first so you can get…

Read more

Release 6000: Magerun2 updated to support Magento 2.3

In this release we will update the command-line tool magerun2 from 2.2.0 to 3.0.1. This new version will add support for Magento 2.3. The new Magento version was previously not yet supported. Note that this new version will also remove support for 2.0.x and for PHP 5.6. If you still depend on those versions you…

Read more

release-19: Varnish, edit subscription and more

Varnish It’s now possible to enable Varnish for your Hypernode via the control panel. You can find this feature under the “Caching” tab on the left when you’ve selected a Hypernode. Alternatively you can check it out by visiting this link. Editing subscriptions You can now edit the subscriptions for your Hypernodes by either clicking…

Read more