Release 6679: New WAF rules for CVE-2019-8144, potential abuse in the wild detected

In this release we have updated the Hypernode platform with new NGINX rules to block an attack on the Magento Page Builder. Last month with the Magento 2.3.3 and 2.2.10 Security Update a patch was released for a Remote Code Execution (RCE) vulnerability in the Page Builder: PRODSECBUG-2403: Remote code execution through crafted Page Builder […]

Read more

Release 6675: The app user can now restart php7.3-fpm

When we added PHP 7.3 to Hypernode three weeks ago we forgot to add the privilege for the app user to restart this version. This has now been fixed. The app user can now restart this version of PHP as well. To restart php7.3-fpm on a Hypernode you can run:

Note that restarting PHP […]

Read more

Release 6640: Managing your Nginx VHosts with hypernode-manage-vhosts

This release allows you to enable support for the new hypernode-manage-vhosts command on your Hypernode. This commands allows for easy management of your Nginx server blocks, or commonly referred to as VHosts, on your Hypernode. Managing your VHosts in an easy manner becomes increasingly important if you want to set up multiple VHosts on your […]

Read more

Release 6627: The app user can read /etc/redis/redis.conf

It came to our attention that while the /etc/redis/redis-persistent.conf configuration file for the persistent Redis instance was readable by the app user, the default /etc/redis/redis.conf was not. We’ve now changed our configuration management to also make the redis.conf readable. before:

after:

For more information about our Redis configuration see this article.

Read more

Release 6626: PHP updates, 7.0.33-12, 7.1.33-1, 7.2.24-1, 7.3.11-1 and 5.6.40-13

As announced on Friday, today we have updated the PHP version in our repositories to the following versions:

For details, see the PHP changelog or the Debian PHP Team packaging changelog.

Read more

Release 6625: Preparing PHP upgrade for CVE-2019-11043

Yesterday a new vulnerability in PHP was disclosed where a specific setting of PHP-FPM, combined with a certain NGINX configuration, could result in the possibility of remote code execution. The Hypernode platform is not vulnerable, because our NGINX configuration does not satisfy the preconditions for this bug to be exploitable. However, to prevent similar attack […]

Read more

Release 6591: php-xdebug for PHP 7.3 for hypernode-docker

In this release we update the version of php-xdebug in our repositories from 2.6.0+2.5.5-byte2 to 2.7.2+2.5.5-byte3. We updated to this new version in order to add support for the new PHP 7.3 (which since yesterday has also been available in the latest version of the docker). While it is not possible to use php-xdebug on […]

Read more

Release 6586: PHP 7.3 available on Hypernode

Today we’re making PHP 7.3 available on Hypernode. In yesterday’s changelog some of the changes we did to incorporate this new version into our platform were described, and today we will be adding the option for customers to change to this new version in their production environment. You can switch to this new version of […]

Read more

Release 6584: Block requests to sql and archive files by default

From this release we will start blocking .sql files and archive files by default in Nginx. We do this to prevent accidental exposure This is done by placing the following line in the Nginx configuration: location ~ \.(sql|zip|tar|tar.gz|tgz)$ { deny all; } Any requests to files with the extenstion sql, zip, tar, tar.gz or tgz […]

Read more

Release 6583: Upgrading to MySQL 5.7

In order to support Akeneo and Shopware properly, we have added a new feature in our hypernode-systemctl tool to give you the ability to upgrade your MySQL version to 5.7.26-29. Upgrading your Hypernode to MySQL 5.7 If you want to upgrade your existing Hypernode from MySQL 5.6 to MySQL 5.7, you can simply run the […]

Read more