In this release we have enabled Brotli on all Hypernodes. Google Brotli Compression Brotli is the often requested generic-purpose lossless compression algorithm by Google that can achieve a compression ratio of 20 to 26% higher than their previous Zopfli compression algorithm. This can give the performance of your shop an edge in low bandwidth situations … Continued
Updated SSL cipher suites We updated our SSL settings to the Mozilla Intermediate configuration. We now support a larger range of secure ECDSA ciphers. Several unused DSS ciphers have been removed, in favor of more popular and secure RSA ciphers. The Mozilla Intermediate configuration is advised by Mozilla for websites that need to support a … Continued
In this release, we have increased the NGINX map_hash_bucket_size from the default 64 to 128. This change will allow longer lines in map includes. This is convenient in situations like the external whitelist include we describe in this article about Magento and smarter 404 handling. For example, the app/force404.txt in that article will now be … Continued
Problems with non-loading ESI blocks fixed We’ve updated our Varnish configuration to include the -p feature=+esi_ignore_https flag by default for new Hypernodes. We’ve updated this because of problems with ESI (Edge Side Includes) blocks not loading when retrieved using site-wide HTTPS with Varnish enabled in Magento 2 stores. As Varnish does not natively support HTTPS, ESI … Continued
We’ve updated Nginx to version 1.13.5. With this update we’ve included the option to use the brotli compression algorithm (it’s still disabled for everyone though). We are looking for volunteers to test the brotli compression, if you are interested please send us an e-mail to firstname.lastname@example.org. Brotli is a new compression algorithm from Google which … Continued
Multi-threaded cache warmer In this release we’ve once again deployed a new version of magerun-hypernode. This time with a great new feature by the people at Tickles. This update makes the hypernode cache warmer multi-threaded so it can warm the cache for multiple pages at the same time. To specify the amount of concurrent requests … Continued
In this release we have renamed the new version of the hypernode-importer to hypernode-importer (before it was named hypernode-importer3). The old version of the hypernode-importer will not be completely removed yet, but instead has been renamed to hypernode-importer-legacy for backwards compatibility. For more information about changes in the new importer, see this earlier changelog. Other … Continued
This release brings a minor bugfix for hypernode-importer3 (and the service panel importer). Previously if the –set-maintenance-on-source flag was used to set the original shop in maintenance mode, the importer would fail if the maintenance mode flag was removed on the Hypernode the shop was imported on before the entire import had been completed. Because … Continued
We have updated our PHP 7 version to 7.0.23. For a complete list of changes see the PHP 7 ChangeLog. We will be deploying this update gradually over all Hypernodes this week.
In this Hypernode changelog we discuss the latest changes made to the hypernode-magerun package and the hypernode-image-optimizer. Hypernode-magerun In this release we’ve updated the hypernode-magerun package to install some modules for magerun2 system wide. Currently this only includes the hypernode:performance command.
$ magerun2 | grep hypernode
hypernode:performance Generate a performance report based on sitemaps.
For more information about using the hypernode:performance command with magerun2, see this earlier … Continued
Fixed the Blackfire PHP 5.6 integration. When we released PHP 5.6 for Hypernode we forgot a small step which prevented Blackfire from working. This has been fixed.
This release brings a new version of hypernode-importer3, some bugfixes for hypernode-parse-nginx-log and various changes to our cloud operations job processing backend. Magento path discovery in the importer is now breadth first The hypernode-importer3 tool will now find the top level Magento in the specified path. If a path was supplied that contained a Magento … Continued
From now on when a new Magento 1 Hypernode is created the default PHP version will be 5.6 instead of 5.5. Magento 2 Hypernodes will still be created with PHP 7.0 as the default setting. PHP 5.6 is a lot faster than PHP 5.5, check out this benchmark of an unoptimized Magento 1 shop with … Continued
We’ve added a new version of magerun-hypernode to our repositories. Changes since the last release:
[ Jochem Klaver ]
* Fixing #46 hypernode:patches:list matching the inconsistent patch names in applies.patches.list (#47)
* Do not list reverted patches as applied
[ Timon de Groot ]
* Make command hypernode:performance available for n98-magerun2
* Add information to README about n98-magerun2 compatibility
* Optimize imports in command hypernode:performance
* Fixate package "doctrine/instantiator" on latest supported version
Note that this update does not automatically enables the hypernode:performance command globally for magerun2 yet, but you can read here how to already include it yourself. However this does allow you to use the magerun (not magerun2) module to … Continued
In preparation for the PHP 5.6 release, we are installing PHP 5.6 alongside the other PHP versions. The ability to use PHP 5.6 for your shop will follow soon. Additionally, we now allow LOAD DATA INFILE queries from all locations
We have updated our PHP 7 version to 7.0.22. This new release includes various minor bugfixes, for a complete list of changes click here.
PHP 5.6 preparations In preparation for the PHP 5.6 release we’ve rebuilt the php-redis and php-imagick PHP modules. These have already been re-built for existing PHP versions (PHP 5.5 & PHP 7). In addition they are also built for PHP 5.6 now. Blackfire updates We’ve also updated our Blackfire probes: blackfire-agent 1.11.0 -> 1.14.1 blackfire-php … Continued
In the past month we re-wrote the hypernode-importer from scratch to fix a couple of issues, added some new functionalities and made it more efficient. Now it supports Magento 2, handles special characters in database passwords and imports the database and file-system in parallel. Hypernode-importer3 – loads of new options The original hypernode-importer will still … Continued
Ioncube for PHP 7 We’ve made ioncube available for PHP 7 as an opt-in option. If you would like to use ioncube for PHP 7 please contact support, and let them know for which nodes you would like to enable ioncube. More MySQL connections For larger Hypernodes (from 20 cores and up) we’ve increased the … Continued
We’ve changed our automatic recovery to be delayed at night. When a server goes offline or becomes unresponsive, an automated process attempts certain rescue strategies in order to resolve the issue. Some customers run cron jobs at night which would cause database locks and effectively causing their websites to go offline. Our recovery is now … Continued
In this release GZIP compression in NGINX for vector based images is enabled by default. In the past this was already configurable by adding custom GZIP types to your NGINX config, but enabling this in the default config is a sensible default. The following image formats are now compressed: image/svg image/svg+xml image/eps. Suggested by Mark … Continued
We’ve added the snappy compression algorithm to PHP. Snappy offers much higher compression/decompression speeds compared to gzip, at a slight compression ratio cost. This is taken from the Squash Benchmark, which is a good overview over various compression algorithms vs various input data. From the above benchmarks, using the core i-7 machine together with the … Continued
Last night NGINX issued a security advisory for versions 0.5.6 – 1.13.2 regarding an integer overflow issue in the built-in range filter module. This issue could potentially allow denial of service or disclosure of worker process memory if abused. Our NGINX build has been patched to fix this issue. The patched version is nginx/1.13.2. We … Continued
We’ve fixed a bug where nginx configuration was not correctly re-generated when using let’s encrypt and enabling/disabling varnish. This could have resulted in SSL domains pointing towards varnish while varnish was disabled/not running resulting in a 502 error. Now depending configurations are re-generated correctly when changes are being applied. We’ve added TLS support for FTP … Continued
Today we deployed some changes to the code of our emergency rescue strategy. In case a Hypernode goes down as a result of a saturated PHP-FPM queue we try to detect malicious patterns in the pending requests running on the FPM workers. If the request pattern across the server looks like a brute-force attack or … Continued
Today we will be gradually rolling out a version update of Varnish and Nginx on the Xenial Hypernodes. Nginx will be upgraded from nginx/1.10.2 to nginx/1.13.1. The changelog for the differences between these versions can be found here. Our current 1.10.2 build has IPv6 disabled, which we expected to be fine since the Hypernodes do … Continued
Today we updated PHP 7 on the Xenial Hypernodes to PHP 7.0.20.
We’ve improved how our code manages the varnish installation for Ubuntu 16.04 Xenial and Ubuntu 12.04 Precise nodes. fixed configured vcl being lost on full update (16.04 Xenial) fixed configured vcl being lost between node migrations (16.04 Xenial) fixed varnish getting reinstalled on full update (16.04 Xenial) fixed varnish getting restarted on full update (12.04 … Continued
We’ve whitelisted the Ayden’s HTTP user agent, from the bot ratelimiting. It’s no longer subject to the bot ratelimiting mechanisms.
We’ve moved certain security restrictions from the magento2 configuration into the global magento1/2 security configuration file. In specific the following files are no longer reachable from external: auth.(json|lock) package.(json|lock) composer.(json|lock) Gruntfile.js cron.php Hidden files are also denied with a 403 now instead of a 404. Furthermore we’re working hard on the Xenial migration. Many changes … Continued
Over the past couple of weeks we’ve been very busy preparing to upgrade Hypernode to the latest LTS version Ubuntu 16.04 Xenial. While for Hypernode we highly modify the Ubuntu base, upgrading to this newer version will have many advantages like newer releases of various packages. For Hypernode we build all important parts of the … Continued
We’ve released a new version of the Hypernode plugin for n98-magerun, that you can use to test weak admin passwords. As admin accounts are increasingly brute forced, it is essential that you don’t use “guessable” passwords (such as steven123). This plugin will show you weak passwords in your store. More information, run magerun hypernode:crack:admin-passwords –help … Continued
In this release it becomes possible to whitelist IP addresses on development plans, so that they are exempt from the basic authentication requirements. This may be useful to test external payment providers or other kind of external services which do no support basic auth. The whitelist file is placed in /data/web/nginx/whitelist-development-exception.conf and looks like this: … Continued
Today’s release implements two security measures on Hypernode. Yesterday a new double-free vulnerability was announced in the Linux kernel. We’ve implemented some rules to mitigate this vulnerability until all nodes are running the new patched kernel. Additionally we’ve seen an increase on brute-force attacks on the Magento /downloader. In this release we blacklist a range … Continued
We’ve updated the monitoring of development nodes. The alerting for these plans has been changed to only alert during business hours.
Today we will update the hypernode-ssl-config-generator so that it generates Nginx server definitions without a www. prefix in the server name. This additional server_name was unneeded because dehydrated only creates certificates for the domain you specified, not automatically also a www. domain. A new config will automatically be generated the next time you run dehydrated … Continued
On development plans it’s now possible to use let’s encrypt again. The relevant requests have been made exempt from the basic auth. We fixed a regression in our shrink_ibdata1 automation. A regression had been introduced by the MySQL version update end November. We added an alias sf2 which shows all magento2 storefronts. It executes cd … Continued
This release contains a change to the default Nginx whitelist that makes SendCloud exempt from the standard bot ratelimit. The FPM slot limit still applies. Users can further configure their ratelimiting settings in the Nginx config in /data/web/nginx. Also in this release: more tweaks to the WAF for yesterday’s RCE mitigation The Cart2Quote development team … Continued
We’ve added new rules to our web application firewall to block hacking attempts relating to a remote code execution exploit found in the EM_Ajaxproducts and Ophirah_Qquoteadv plugins. We scanned all Hypernodes, if your shop had any of these two plugins installed you will have received an email with more specific information. Other changes in this … Continued
We’ve changed our composer update itself with the –stable flag. Freshly provisioned nodes however did not understand this flag yet, due to the initially deployed composer being too old. We’ve updated composer in our repository so that all new nodes will be able to update themselfs to the latest stable composer.
PHP 7 on Hypernode has been updated to 7.0.14.
Because it is December we have done our best to make as little alterations to the platform as possible to provide the most stable hosting experience for our customers during these busy holiday months. However we do have some updates to share. These are some of the things we have been up to since the … Continued
We now block all user-agents which contain the term “Visbot” inside the user-agent string.
We are in the process of updating MySQL to the latest version, to get the latest improvements and security fixes. Last night we updated all Hypernodes with starting letters U-Z. Tonight we will update all Hypernodes with starting letters M-T. Tomorrow night all Hypernodes with the starting letters A-L and 0-9 will be updated. … Continued
This release implements Magento 2 detection for the hypernode-importer so that a message can be displayed that we at this time do not support Magento 2 in the hypernode-importer yet when a Magento 2 shop is attempted to be imported with this tool. The message reads “importing Magento 2 with the hypernode-importer is not supported … Continued
Today we are installing two requested packages on all PHP 7 Hypernodes.
We’ve improved our auto recovery to automatically attempt fix filesystem inconsistencies on boot. In rare occasions a Hypernode would be forced to reboot off an uncleanly closed filesystem. On boot it would then prompt asking what to do (if it should recover). A recovery is now automatically attempted, reducing recovery time for these cases.
Today’s release updates PHP on PHP 7 Hypernodes and other minor changes. PHP 7 updated from 7.0.12-1 to 7.0.13-1. You can look at our packaging here if you are interested in that sort of stuff. The hypernode-importer can skip Magento path autodetection If the host has many files in the directories where the hypernode-importer will … Continued
We tightened our fail2ban rules for rss/notifystock bruteforce attempts to ban 24 hours instead of previously 2 hours. Additionally we enabled the automatic recovery for all nodes now, along with a minor improvement in the auto recover logic.
For all Hypernodes with the first letter A-L we’ve stopped HHVM unless it was used. On the remaining Hypernodes (M-Z), we stopped HHVM already in an the earlier release. HHVM is deprecated in favor for PHP7. In order to save memory we’ve stopped HHVM on all nodes which were not using it to reclaim memory. … Continued
For all Hypernodes with the first letter M-Z we’ve stopped HHVM unless it was used. The remaining Hypernodes (A-L) will also receive this feature in due time. HHVM is deprecated in favor for PHP7. In order to save memory we’ve stopped HHVM on all nodes which were not using it to reclaim memory. New Hypernodes … Continued
For all Hypernodes, whose first letter begins with M-Z, we’ve enabled a new automatic recovery feature today. All Hypernodes starting with letters A-L will receive this feature as well in due time. Should a Hypernode become unreachable or unresponsive, our automation will attempt to resolve the problem before alerting one of our technicians. The automation … Continued
Today we deployed some changes to the hypernode-importer which might end up saving you some time when migrating a Magento shop to a Hypernode or a local hypernode-vagrant development environment. The –set-maintenance-on-source flag This new option for the hypernode-importer enables you to automatically put the Magento installation you are importing from in maintenance mode before … Continued
As of now newly ordered Hypernodes will not have HHVM available anymore. Support can re-enable HHVM for you, should it really be necessary. We recommend everyone to use PHP7 instead. It delivers an even better performance boost and is better maintained by the community.
We’ve updated the NGINX config reloader to not allow absolute includes. Absolute includes worked against the NGINX config reloader. The purpose of the config reloader is to ensure that the live config is syntactically correct and working, having an outside dependency (include) that can change the running live config can cause NGINX to no longer come up. Specifically the following includes are … Continued
We’ve improved the let’s encrypt implementation. Firefox now accepts the certificates as expected.
In this release we made a couple of minor changes to our configurations on Hypernode. Increased the server_names_hash_bucket_size to 128 The server_names_hash_bucket_size NGINX config value was increased from 64 to 128 as it was causing issues with longer domain names. For example previously trying to generate an SSL configuration for domains of a certain length … Continued
Yesterday we started rolling out a pre-configured Let’s Encrypt automatic renewal and configuration mechanism based on dehydrated. We noticed a bug in our SSL config generation script that made it impossible to load certificates for more than one domain. This has been fixed now. If you ran in to this problem you can re-run dehydrated … Continued
In this release we started rolling out compatibility with Let’s Encrypt auto-renewal. Previously it was already possible to use Let’s Encrypt certificates on Hypernode by uploading them to the service panel, but the real beauty of Let’s Encrypt is in it’s short lived certificates which can be automatically updated. Requesting a Let’s Encrypt certificate on … Continued
The last couple of weeks we have been mostly focused on improving our back-end logic for dealing with external API failures and implementing extra tests for our automation. However there were some things we did that might be interesting to hear about for Hypernode users so here is a short summary. OpenSSL CVE-2016-6304 Early last … Continued
This release contains an update of the wildly popular Hypernode & Elgentos n98-magerun modules. Import change: all Hypernode commands can now be found in the hypernode:* namespace (see a list here). Also, we have released software to support Let’s Encrypt in an upcoming release shortly.
We updated the Blackfire PHP5 probes to the latest versions (agent 1.7.4, PHP probe 1.12.0) We updated the GeoIP* database to the latest version which comes with Ubuntu 16.04 We included the GeoIP city database into NGINX. The city fields are now available in the PHP $_SERVER environment variable. Fixed a problem where backups were … Continued
Today all Hypernodes starting with N-Z and 0-9 will be upgraded to a newer NGINX version. Additionally we made some changes to our Web Application Firewall (WAF). If you notice something out of the usual or think this new configuration is somehow clashing with your NGINX configuration, please contact us.
We’ve deployed the latest PHP 7.0 to all nodes running PHP 7.0. This is PHP 7.0.10, that contains a couple minor security fixes. Please find the changelog here: http://www.php.net/ChangeLog-7.php#7.0.10
Today all Hypernodes starting with the letters A-M will be upgraded to a newer NGINX version. Additionally we made some changes to our Web Application Firewall (WAF). If you notice something out of the usual or think this new configuration is somehow clashing with your NGINX configuration, please contact us. Also we upgraded the globally … Continued
This release contains a couple of new hypernode-importer features that have been used by our onboarding team for a while already and today they have been added to the help menu so they can be used by all Hypernode users. Importing the webroot from the filesystem instead of the remote host This flag enables you … Continued
The per IP dynamic worker limit is now enabled for all nodes starting with N-Z and 0-9. Any IP address who is using too many PHP workers (already) will receive a 429 error code on their next request. Documentation on how to whitelist IPs or disable this feature can be found in our knowledge base.
We installed Compass and Sass, a CSS pre-compiler that provides organizable, reusable CSS. This tool received 18 votes on our Uservoice. Please let us know if you have any issues with the versions we’ve provided, as they come from the default 12.04 repositories. Also, we installed Node.js (version 0.10.37) by default on all Hypernodes. No need to install … Continued
In this release we increased the FastCGI buffers by default, because in some corner cases customers had to increase these themselves. Next to that we changed the implementation of the dynamic request limit per IP in such a way that it can be overridden in the Nginx config. Documentation about this will follow.
All nodes starting with the letter A-M, will have the slot limiting enabled as described here. We’ve disabled the MySQL bin logs, since we do not do any replication. This avoids unneeded overhead.
We released a few minor changes and improvements to the platform: We’ve added two new Magerun commands for Varnish:
turpentine:config:save Save and apply Turpentine's VCL configuration to Varnish
turpentine:varnish:flush Flushes all cached varnish URL's.
We’ve installed ‘zip’. Allow files from within /.well-known/ folder as per RFC5785. It’s used for discovery of policy or other information by Apple’s appstore, Let’s Encrypt and others. We’ve added a cron and monitoring to … Continued
A vulnerability was discovered in the Magento module WebForms Pro 2. We’ve added a security filter to deny PHP files to be executed from within the upload directory of the module WebForms Pro 2. All requests looking like /js/webforms/upload/*.php will be denied. All users of the module WebForms Pro 2 should immediately update to the … Continued
We’ve release a filter for the amasty feed plugin vulnerability (more information here). Anyone using this plugin should update immediately! The filter is placed inside /data/web/nginx/amastyfeed.conf. If you updated your plugin and want to disable the filter, please comment out the filters in that file. We now also deny any requests made towards the /shell/ … Continued
We will be (slowly) releasing a limit for how many PHP workers a source IP can use. Initially we will allow a source IP to use all but 2 PHP workers, in the long run this limit may get set even lower. Today we released this change for all Hypernodes starting with the letter A. … Continued
Rotate nginx logs every hour if they are larger than 200MB. This is to avoid using excessive disk space for access logs on the root partition. For the most successful hypernodes rotating the logs on a nightly basis was no longer enough. Instead of keeping 14 logs we now keep the last 30 rotated logs.
Today a set of vulnerabilities was disclosed surrounding CGI-like environments. Luckily due to Hypernode’s thoroughly tested continuously integrated deployment environment we were able to roll out a mitigation strategy on all Hypernodes quickly and safely soon after the news broke. block the HTTP_PROXY header from being passed on to PHP-FPM The Nginx configuration now contains … Continued
Longer pipe_timeout for Varnish. Click here for more information. We added -p pipe_timeout=300 to the Varnish DEAMON_OPTS SOLR is stopped and started during migrations to prevent stale locks from being transferred Lock out the app user during crucial parts of migrations for safer upgrades Improved the automatic cron flocking pattern matching The hypernode-importer also synchronises … Continued
We’ve been gradually improving our standard of quality for the Magento Vagrant development environment hypernode-vagrant. This is becoming increasingly important with the growing adaptation of the boxfile among our customers and other Magento developers. This week we have deployed various changes to both increase ease of use and performance. package the latest virtualbox guest additions … Continued
Release 3071 brings a lot of goodness to your Hypernode. The default DigitalOcean data center where Start, Grow and Go Big Hypernodes are booted has been changed. The Magento 2 install on new Trial accounts has been updated to version 2.1 (trials with Magento 1 are still possible). Using SSH on your Hypernode is now possible with the … Continued
Today’s release disables the old staging ports and includes some other changes. Recently we added more conventional staging ports for better integration with Adyen and Cloudflare as requested here on our Uservoice. Now a few weeks later we are removing the old and deprecated staging ports 10080 and 10443. If you are still using the … Continued
This release brings several improvements to the hypernode-image-optimizer: –experimental: 2-3 times slower but 30-50% better compression Max image size default changed from 1000 to 2000 pixels (image optimizer) Runs on lowest I/O priority so heavy optimize jobs will not clash with regular performance. Also, we implemented many improvements to support the Hypernode Vagrant image.
We’ve updated the Varnish -> Nginx timeout to be in sync with the Nginx -> PHP handler timeout. When using Varnish in the past long backend tasks would timeout too early, Varnish would close the connection towards Nginx early. Now Varnish will timeout after 15 minutes, which is the same compared to non-Varnish Hypernode users.
This release brings you: Booting DigitalOcean Hypernode’s in multiple datacenter locations worldwide on request php7cc installed by default so you can easily check PHP 7 compatibility of your codebase from the command line Updated modman to 1.12 Disable weak SSH ciphers: arcfour, arcfour128 and arcfour256
To accommodate PHP 7, we deploy the lastest PHPMyAdmin release (4.6.1). Previously, PHP 7 users could not use PHPMyAdmin. Happy PHPmyadmining!
We’re increasing the max_packet_size in MySQL from 32mb to 64mb in order to ease imports and to fix backups for some nodes. Existing nodes will not notice this since a restart is needed for this to take effect, which will happen when we will execute a MySQL update. Also in this release: adjust gone-posts killer … Continued
Upstream patches are still incomplete for CVE-2016-3714, in the mean time this update blocks more vulnerable ImagMagick “coders” (modules) as a workaround: HTTP, FTP, TEXT, SHOW, WIN, PLT, LABEL.
This release updates PHP from 7.0.5-3 to 7.0.6-1. There is a known PHP issue that affects our code compiler when using PHP 7.0.5. We recommend you not use PHP 7.0.5. See: http://devdocs.magento.com/guides/v2.0/install-gde/system-requirements.html Other changes: – mark uptimerobot as a non-bad bot – update Hypernode/Elegentos modules to be compatible with the latest magerun – depend … Continued
We’re updating all hypernodes to include the workaround specified by ImageMagick for CVE-2016-3714 until the fixed ImageMagick releases will become available. This will effectively disable the following four “coders” (modules): HTTPS, EPHEMERAL, MVG, MSL
During today’s PHP 5.4 to PHP 5.5 migration some customers reported problems with the ioncube loader in PHP 5.5. This release updates the ioncube loader to 5.1.2 in order to fix the following error:
PHP Fatal error: The file [path_to_file] was encoded by the ionCube Encoder for PHP 5 and cannot run under PHP 5.5.
Please ask the provider of the script to provide a version encoded with the ionCube Encoder for either PHP 5.3 or PHP 5.4 or PHP 5.5. in Unknown on line 0
Our rate limiter kicks in when foreign bots (non-search engines) hammer your shop. Previously, they were rejected with a HTTP 503 code (temporarily unavailable). This has been changed into 429 (too many requests) as that is a more apt response. Also, we have added better out-of-band access for our operations department, in case something is … Continued
11 April 2017: due to low demand we deprecated SOLR in favor of sphinx. Starting now we don’t sell SOLR plans anymore. In today’s release we have: Solr is available on request for all Excellence Hypernodes. Please contact Support if you’d like it enabled. We moved the sessions from one place to the other. We … Continued
Release 2871 brings a new variable $custom_server_name to control the custom server name instead of overwriting server_name directly. This fixes a potential configuration collision between licensing based on server_name and TLS certificate selection: server_name is used to select vhosts and the TLS certificates. It is also passed on to PHP as fastcgi_param so it shows … Continued
We’ve updated the New Relic agent to the latest version, which is compatible with PHP 7.0. So we’ve also added New Relic to PHP 7.0 when you enable it on the Service Panel. Also, we’ve made some tweaks to the OOM killer, which is a piece of software that is triggered when your Hypernode runs … Continued
It’s been a while but a lot has happened with Hypernode as always! Let’s get right to it: external FTP connections are now rejected by default, unless specific IP is whitelisted external MySQL connections are now rejected by default, unless specific IP is whitelisted PHP 7 has received extra modules: gd, zip and soap We’ve … Continued
The moment is finally here! PHP 7 is available on Hypernode. These are the changes we’ve made since the last release: PHP 7 support New PHP version available: 7.0.4. You can upgrade in the service panel or try it out in the Vagrant Installed modules: Curl, GD, IMAP, intl, mbstring, mcrypt, mysql, ldap, pgsql, pspell, … Continued
We’ve been quite busy here at Byte, this changelog highlights some of the changes we made since the last reported release: Varnish 4.0.3 is now the default on new Hypernodes We will be reaching out to customers who are currently running Varnish 3 to discuss upgrading to Varnish 4. added esi_disable_xml_check flag to Varnish 4 … Continued
This release adds some great functionality to the preinstalled Magento Swiss army knife N98-Magerun: The handy extensions of Peter Jaap Blaakmeer have been added. Hypernode-sponsored features to check for updated modules and required patches.
We’ve updated our nginx webserver to include http2 support. All our hypernodes now have http2 enabled. Magento2 trials now get magento2 pre-installed, to make it much more convenient to explore Magento2. When ordering a normal hypernode trial, the pre-installed magento version is still Magento 1. In HHVM we’ve enabled the zend compatibility mode which makes … Continued
Support for Magento2 has been in the works for a while. It started with the update to PHP 5.5 in release 2451. And now we have a first version of Magento2 support for Hypernodes. To get an Nginx config for Magento2: place a file named magento2.flag in /data/web/nginx/ Our Nginx config reloader will pick that … Continued
Hypernode changes: New hypernodes will be provisioned with php 5.5 All existing nodes remain on php 5.4, if you would like to switch to 5.5 please ask our support staff. In case a website on a hypernode gets hacked, we can now administratively disable the sites on it to prevent further damage. Improvements to our … Continued
Hypernode changes: Added fdupes to hypernode stack for deduplicating images Passive FTP through AWS is now supported Improvements to our deployment infrastructure: Tweaks to internal tools for faster access to all nodes More expansive monitoring of our internal systems Shorter cycle times for scaling our continuous deployment Persistent storage of job progress for inspection and … Continued
No more memory limits on PHP processes A while ago, we introduced a global cgroup limit on memory. This is a safeguard that makes sure the app user does not use more memory than is healthy for the Hypernode. The total of memory used by processes owned by the app now cannot exceed a certain … Continued
A lot of exciting stuff has happened since the last update, mostly on the infrastructure side of things relating to the stability and monitoring of the platform. Internal changes: New method for creating crash recovery backups on the Digital Ocean nodes using S3 Automatic complete restoration of production nodes from backup All Magento Start and … Continued
So it’s been a busy week at Hypernode headquarters. There’s been lots of development on internal processes and customers testing Varnish brought up lots of interesting bugs to fix 🙂 This release brings you: Migrating nodes that have Varnish enabled will now just work ™ instead of crashing. We’ve created Jenkins jobs that test Hypernodes … Continued
This release features preliminary support for Varnish using the Turpentine module for Magento. The change should not affect current Hypernodes, because Varnish is disabled by default (requests are not routed through Varnish, nor is it started by default so it does not use up any memory). Customer overrides of Nginx should all still work. To … Continued
Access to magmi is now blocked by default to protect shop owners from exposing an unsecured magmi installation to the world. Further improvements to memory management have been made, ensuring even greater stability in the event of an out-of-memory situation.
Automatically install Magento on new Hypernodes Composer has been made available due to popular request Updated n98-magerun to 1.97.4 Updated the ionCube Loader to v5.0.15 Increased stability in memory management
In some configurations Sphinx failed to respond to requests from the Magento admin panel, this is now resolved. Additionally, by request lftp has now been made available on the Hypernodes.
Stability release: It was discovered that the php.ini memory_limit wasn’t enforced for PHP-FPM which would crash a node in extreme circumstances. Now a large but sane limit is enforced (256M for Start, 512M for all other Hypernodes). The filter that we installed to counter the immediate threat of Shoplift exploitation turned out to block a … Continued
This is primarily a stability release with the following tweaks: Better memory management for Hypernode Start plans. Fix bug with SSL file verification Automatic cleanup old incident files (2 months+) Better handling of full disks
This release implements a filter that prevents SQL injection attacks made possible by a security flaw in aheadWorks Blog.
We’ve had quite a few cases recently where nodes became unresponsive due to the runaway creation of PHP sessions on the disk. In practice, a storage filesystem has two limits: size in bytes, and number of files (inodes). With this release, we actively monitor on the percentage of available inodes. Reaching the limit is an … Continued
We have updated n98-magerun to version 1.95, which is the latest. Also, we fixed an issue with some themes that place PHP files in the skin or js directory. The themes use these to dynamically generate CSS or JS and will now be properly executed. Lastly, we improved the way we automatically filter shoplift attacks.
We have added filter rules to mitigate the Magento SUPEE 5344 attack for most cases. Be advised, if you haven’t patched your Magento installation yet, we strongly advise you to do this. Also in this release: Added the Python “pip” package manager on all nodes; Added the Ruby executable on all nodes; Added support for the Sphinx … Continued
After witnessing large scale brute force attacks at /downloader/ URLs (Magento Connect interface), we have extended our brute force filter. This will save resources and minimize the risk of hackers actually finding your password! Subjects are temporarily (2h) banned after trying 10 POSTs.
We have further tuned the query cache parameters for the Percona database server. This gives a few percent performance gain on most shops. Hypernode CLI tools are improved: you can now use, for example, tail -f /var/log/nginx/access.log | parse-nginx-log –php to see a live stream of PHP requests. Head to our knowledgebase for some more … Continued
Quickly save 30% of Magento disk usage and loading speed for your visitors: this release introduces the hypernode-image-optimizer. Also Subversion is now installed (as requested by 42Functions) and HHVM does a conditional nightly restart to counter memory leaks.
This release enables a BETA feature: run a staging environment on a different port. This way, you can quickly make a copy of a production shop to analyse a specific bug. Or publish your pending release, so that your customer can try it out. We invite early adopters to test it and let us know … Continued
A multi bug fix release. Outgoing mail is rerouted through Byte mailservers. This fixes an issue where we boot a cloud server that was previously used to send spam, and its IP is on a blacklist. RC4 cipher is removed for sites using SSL. This will enable SSL sites to score an A at the … Continued
This is a MySQL server upgrade from version 5.6.16-64.2-569 to 5.6.22-71.0-726 and fixes a (low risk) bug that was recently published. No functional changes were discovered in the acceptance tests nor distilled from the Percona changelog, so everything should work as usual! The upgrade also squelches a warning from the Qualys scan. Upgrading took place … Continued
Update: the upgrade was rolled back until further notice, due to XML crashes. We’ve upgraded HHVM from version 3.3.0 to 3.4.2. Functionally speaking, this is a transparent upgrade for Magento. However, this solves an important memory leak issue, which in some cases could eat all of a server’s memory, causing it to crawl to a halt. … Continued
On request we made pdftk, imagemagick and a new version of n98-magerun available. PDFTK is a toolkit for converting pdf, imagemagick is a swiss armyknife for converting images and n98-magerun is a toolkit for managing magento installations on the commandline.
Vagrant image is now available By popular demand, we’ve been working on a Vagrant image for Hypernode. This image allows you to develop your site on an environment exactly like a Hypernode, only on your own your laptop or PC. Have a look at our Github repo for the Vagrant image and give it a … Continued
Thuiswinkel.org security scan now succeeds The scans Qualys performs for Thuiswinkel.org often ran afoul of our intrusion detection system (IDS). We’ve now tweaked the IDS so, that Qualys can pass the test. Thanks for working with us on this, Pieter!
Deprecated SSL protocol SSLv3 no longer supported Many techblogs have reported that a big security hole named POODLE was found in SSL version 3. This protocol version has been deprecated for years in favor of TLS. To keep our Hypernodes safe and care-free, we’ve decided to disable SSLv3 support. Impact The impact will be negligible: … Continued
Missing media no longer triggers Magento 404 Our Nginx configuration contained a flaw that caused all missing media files (images, css, js) to be routed to Magento. Magento then renders a nice 404, but nobody is interested in that page. So we’ve changed the configuration to be more like the standard Magento config for Apache … Continued
Storefront overview For shops with many storefronts, it can be a tedious job to make sure all domain names are correctly configured. One by one the domain settings would have to be visited and verified. This frequently caused mistakes and misconfigured domains. A new tool was added to the Byte service panel to show the … Continued
Magento Brute Force Protection Brute force attacks against popular web applications, such as WordPress and Magento, seems to be surging lately. Botnets use dictionaries and try to log in on the back-end with various common passwords. If this succeeds, it is easy to install a malware component to send spam, steal payment information etcetera. Even … Continued
You can now connect your suppliers through FTP As you might well know, FTP is an old protocol that is, at it’s core, unsafe to use. The protocol uses passwords, and worse, these are sent in plaintext. So up to now, we only offered an SSH logging, thus supporting SFTP, rsync and scp. Unfortunately, there … Continued
New Relic for Hypernode We’ve added New Relic to our Hypernode stack. You can now inspect the performance of your shop with just a mouseclick. To enable this feature, go to the Service Panel and activate New Relic for your Hypernode now! Thanks, Gertjan! Other fixes Set the base URL when importing One common pitfall when … Continued
Making sure you can handle bad bots #2 Update March 2016: we have changed the 503 response code (temporarily unavailable) to the – now standard – 429 (too many requests). A few of our customers experienced a scenario where all available PHP worker slots were full. Mostly caused by errant bots, this scenario typically results in … Continued
The new native mySQL driver for PHP has several advantages: better performance and better logging and statistics. Last weeks we have seen occasional “Lost connection to Mysql server” PDO exceptions which were unrelated to CPU load, I/O, mem usage, slow DB queries or persistent connections. With this upgrade we rule out the possibility of an … Continued
Making sure you can handle bad bots A few of our customers experienced a scenario where all available PHP worker slots were full. Mostly caused by errant bots, this scenario typically results in a slow site in mild cases, or timeouts for clients in heavy cases. We want to empower you and make sure you … Continued
This Hypernode release brings a lot of small fixes. the Redis-database is no longer saved to disk. A drawback is that your cache in Redis will be flushed if Redis restarts, but the pro’s outweigh the cons :). Redis performance will get a boost and be more predictable because it doesn’t have to write to … Continued
Updated HHVM fixes all currently known problems We’ve updated our HHVM binary to the latest daily build. This build includes fixes for all currently known problems with HHVM. The HHVM team fixed a lot (!) of things, but our HHVM guru Daniel Sloof fixed the specific problems below for us. Thanks for championing them, Daniel! … Continued
Hypernode Importer tweaks We’re releasing two small fixes to our Hypernode Importer today. This is the tool that imports an existing Magento installation into your Hypernode. It now flushes the Redis cache after it has finished importing. It can now properly handle modules that rewrite the Varien/Autoloader; most notably ExtendWare and AITOC modules. … Continued
We now properly set MAGE_RUN_TYPE and MAGE_RUN_CODE We’ve corrected an error in our Nginx configuration. We used to always set MAGE_RUN_TYPE to “store” and MAGE_RUN_CODE to “default” in your Magento environment. Luk van den Borne asked us to change this behaviour because it is incorrect. It leads to notorious problems with getting error 404 codes when … Continued
Magento sessions now properly cleaned We’ve recently experienced a couple of outages for individual customers that exhausted the inode capacity on their Hypernode. That is techno-babble for “there were so many files that the disk was full” 🙂 This is an especially hard-to-detect problem for customers, because the maximum-number of files is difficult to monitor and … Continued
phpMyAdmin now available for use By popular request we’ve added phpMyAdmin to all Hypernode nodes. It is available at http://myapp.hypernode.io/phpmyadmin Note that phpMyAdmin is only available on the hypernode.io URL, but not on any of your storefronts. This ensures that our phpMyAdmin does not collide or interfere with any of your stores. Read more about … Continued