BASH shell vulnerability fixed

A few hours ago, it has been discovered a new global web server vulnerability in the Bash shell. Its scale is as serious as the famous ‘Heartbleed’ one found recently on OpenSSL. Bash is one of the most widely used utilities in any UNIX-based system, making this vulnerability especially critical.

New Bash vulnerability has been fixed

The vulnerability has been named 'Shellshock' and it allows an attacker to create system variables which may contain malicious code which would be executed whenever Bash is invoked.

The vulnerability has been detected on most web server platforms – from most Linux & UNIX distributions to Apple’s Mac OS X, and threatens a large number of web applications, including CMSs like WordPress and Joomla.

However, there is no reason for you to panic about it because our admins have already updated the current Bash version on all servers that are part of our hosting network, thanks to the great response of the Open Source community who made available a fix within hours of the discovery of this flaw!

Kind Regards,
Support team

PHP NG now enabled on our servers for development purposes

On the heels of the recent PHP updates to our system – the introduction of PHP sockets and the upgrade to v 5.6.0, we have now activated PHP NG on our servers.

New PHP NG release available

PHP NG was first introduced in May, 2014 as a major effort to refactor the PHP codebase in order to reduce memory consumption and to increase overall performance.

Although still in alpha development, PHP NG is starting to show amazing performance improvements over the current stable PHP version – PHP 5.6, while maintaining 100% compatibility.

The tests of developers have shown that PHP 5.7 NG is performing anywhere between 20% and 110% faster than PHP 5.6 in real-world applications such as WordPress, Drupal or SugarCRM. Memory consumption has been reduced significantly too.

Also, PHP NG’s refactored codebase is an excellent basis for future optimizations, and its performance level keeps improving.

PHP 5.7 NG is used only for development purposes and will most probably not be suitable for production use this year. However, it has all the potential to turn into a phenomenon for servers around the world, with more stable betas and even release candidates expected in early 2015.

You can enable PHP NG from the PHP Configuration section of the Web Hosting Control Panel.

How to select the new PHP NG in your control panel

Kind Regards,
Support team

Backups for cloud & semi-dedicated hosting customers will be stored even longer

As of this week, backups will be kept for one full month before they are deleted from our servers.

Your backups will be kept for 30 days!

A few months ago, we made a few significant improvements to the backup service for the cloud hosting and semi-dedicated server accounts. First, we increased the daily number of backups to 4, thanks to the implementation of the ZFS file system, and second – we brought data backups right to your fingertips with the option to browse your backup archives from your Control Panel.

We have made another important improvement by extending the period for which we keep your backups on our system.

As of this week, backups will be kept for one full month before they are deleted from our servers. This means that, at any given moment, any customer can choose a preferred restore point from the last 30 days and restore their website back to the way it was.

Here is how our entire backup system works after the new time extension has been introduced:

  • Most recent backups: we will keep 4 different daily backups for up to 3 days back in time
  • Recent backups: between 3 days and 10 days back in time, we will keep 1 daily backup of your data
  • Extended backups: between 10 days and 30 days back in time, we will keep 2 backups each week. These will be the backups from Monday and Thursday.

For your convenience, these backups will not count against your storage quota, so you will not have to worry about your account’s resource usage.

And most importantly – these extended backups will be available to you for free, so you will not need to upgrade in order to get them.

Just like before, you will be able to restore a full backup or just a folder with just one click on the Web Hosting Control Panel.

Kind Regards,
Support team

PHP socket extension enabled on all our hosting servers

Following on customers requests, we have installed the PHP socket extension on all our web hosting servers to provide PHP socket programmers with a low-level interface for network communication purposes.

New PHP bugfix-only release available

PHP sockets are fundamental endpoints that allow clients and servers to communicate in a networked environment. They create an end-to-end communication channel through which a client can send requests to a server and receive a response from it in return.

For instance, when you type in your web browser, it opens a socket (usually on port 80) and connects to the web server to deliver the page to you. The same holds true for any chat client like gTalk or Skype, for example.

Up until now, we have supported functions like fsockopen() for network communication purposes. With the installation of the PHP socket extension, developers will be able to use an array of more complicated functions that will offer them a greater flexibility in establishing a socket-based client-server communication over TCP/IP and in building simple, PHP-based, client-server network applications.

Here is a list of the main low-level-interface functions for creating and manipulating socket communications that are now supported on our servers:

  • socket_accept — accepts a connection on a socket
  • socket_bind — binds a name to a socket
  • socket_clear_error — clears an error on the socket
  • socket_close — closes a socket resource
  • socket_cmsg_space — calculates the size of the message buffer
  • socket_connect — starts a connection on a socket
  • socket_create_listen — opens a socket on a port
  • socket_create_pair — creates a pair of indistinguishable sockets and stores them in an array
  • socket_create — creates a socket
  • socket_get_option — gets socket options for the socket
  • socket_getpeername — queries the remote side of the given socket;
  • socket_getsockname — queries the local side of the given socket;
  • socket_import_stream — imports a stream
  • socket_last_error — returns the last error on a socket
  • socket_listen — listens for a connection on a socket
  • socket_read — reads the maximum length of bytes from a socket
  • socket_recv — receives data from a connected socket
  • socket_recvfrom — receives data from a socket
  • socket_recvmsg — reads a message
  • socket_select — runs the select() system call on the given arrays of sockets with a specified timeout
  • socket_send — sends data to a connected socket
  • socket_sendmsg — send a message
  • socket_sendto — sends a message to a socket
  • socket_set_block — sets blocking mode on a socket resource
  • socket_set_nonblock — sets a file descriptor to non-blocking mode
  • socket_set_option — sets socket options for the socket
  • socket_shutdown — shuts down a socket for receiving, sending, or both
  • socket_strerror — returns a string, which describes a socket error
  • socket_write — writes to a socket

Those of you who are unfamiliar with socket programming can find a lot of useful information on the Unix Socket FAQ page. With slight modifications, this information is fully applicable to socket programming in PHP.

Kind Regards,
Support team

You might like

  • AUD $63.01 each Semi-Dedicated 1
  • AUD $189.03 each Budget
  • AUD $18.90 each OVZ01 VPS Plan