Server Updates Part II
We have finished with our final rounds of updates! Now that all updates are complete we can be a little more forthcoming about the nature of the updates. Why not be forthcoming to begin with? Telling the world that you run an old version of something, whether it is vulnerable or not is a security risk that we’re not willing to take.
We are now running some very cutting edge Apache servers. Apache is beta testing 3.0 and some of our test servers now run the code-named Maven Apache web servers. Other servers have had their configurations changed to allow for this new version to be updated in the future without interruption. We have also updated all web servers from PHP 7.0 to 7.3. We run per-directory PHP which means our servers are capable of running multiple version of PHP at once. So if you were running 7.0 or 7.1 you were automatically upgraded to 7.3.x, because of security vulnerabilities and performance issues, version 7.0.x was removed from our servers. We still have PHP versions 5.4.x and 5.6.x available if you are needing our services for PHP compatibility.
We have been running a very old version of MySQL for quite some time (MySQL version 5.5). A few years back Oracle, the makers of Oracle database bought MySQL and stalled the project. The makers of MySQL then created a new project called MariaDB. Because this used to be a new, untested project we were apprehensive about using it in production servers. However, after more than a year of maturation we have now updated all servers to run MariaDB 10.3.x. For most websites, this should be a very noticeable performance gain.
All WordPress sites now run a new SEO plugin library as well as a cloud-firewall plugin library. You’ll notice on your dashboards that you have 2 new widgets. One is for SEO and will alert you when there are problems with the SEO of your website. The other is the firewall widget and will alert you when there are attacks against your website. So far, our firewall has stopped 11,000 attacks in the week it has been deployed. We have seen all sorts of attacks try and run through our firewall including cross site scripting attacks and malware injection attacks. While our firewall doesn’t make it impossible for an attack to hurt your website, it makes it many times more difficult in a three-step-process: 1) Detect and Stop attacks, 2) Neutralize Successful Attacks, 3) Limit the damage a successful attack can cause by denying an attacker write access to critical folders and denying an attacker access to the database.
In summary, all customers should immediately notice a very substantial performance gain on their websites and your websites are much more secure meaning that most attacks shouldn’t even degrade performance any more. This is the last round of big updates for some time to come. We do not expect any more major updates until at least Q4 2018.