Release 6339: Improved logrotation for Elasticsearch, installed prips and more

In this release we have made a couple of small changes: improved our logrotation policies for Elasticsearch installed prips for printing IP ranges updated the before_redir.block_product_frontend_action NGINX configuration if unaltered to take into account alternative routes. Thanks Cipriano!

Read more

Show credit card hijack indicators, show no magento install found reasons, improve SUPEE10975 and bugfixes

Credit card hijack indicators We often receive questions about why a shop is showing up as vulnerable for the credit card hijack check. To make this more clear to users we’re now showing exactly which indicators we found on the webshop. This should be relatively easy to use for other checks as well, so expect […]

Read more

Release 6334: Install dos2unix

In this release we have installed the dos2unix package for converting DOS/MAC formats to UNIX. Thanks to RIFF for the suggestion.

Read more

Improved SUPEE-10975, more malware signatures and Cloudflare check removal

Malware signatures In this release we’ve added over 2400 new malware signatures to the credit card hijack check. So make sure to scan your shop for new malware on magereport.com Improved SUPEE-10975 check We recently got messages from several users indicating that the SUPEE-10975 check was giving false positives. We’ve listened to this feedback and […]

Read more

Release 6305: Increase max clause count for Elasticsearch

In this release we will change the max_clause_count from the default value of 1024 to 4096. This change should prevent this error from happening under specific circumstances:

The indices.query.bool.max_clause_count setting can not be set during runtime, for that reason we’ve configured it in /etc/elasticsearch/elasticsearch.yml. Changes will be deployed over the course of this week.

Read more

Release 6302: Mitigate unauthenticated SQL injection for Magento 2.2.0 <= 2.3.0

In this release we have deployed a user configurable server side mitigation for a security vulnerability that has been recently patched in Magento 2. For more information about the exploit in question see this article by Ambionics Security. Keep in mind that it is still important that you patch your shop as server side mitigations […]

Read more

Release 6297: Magento 2 preinstall updated to 2.3.1

Magento released a new version of Magento 2 yesterday. The Magento 2 preinstall on Hypernode has been updated to reflect this. The new preinstalled version when you order a Hypernode is 2.3.1.

If you want to try out the new Magento version with the official sample data (the Luma demo shop) check out this […]

Read more

Release 6293: Prevent misconfigured stores from sharing sessions between production and staging

In this release we’ve changed our configuration to set a different path for the PHP session files for the staging webroot to prevent the accidental sharing of sessions with the production environment. If this however was the intended behavior (in case you use staging to share the live data sources), you can configure the session.save_path […]

Read more

Release 6289: hypernode-servicectl can also restart Elasticsearch

In this release we will push an update to the hypernode-servicectl command-line tool that will make it so that the app user is now also privileged to restart the Elasticsearch service. The new option will appear when you have Elasticsearch enabled on your node.

To restart Elasticsearch on your Hypernode run:

Read more

Release 6271: PHP updates, 7.1.27-1 and 7.2.16-1

We have updated our PHP 7.1 version from 7.1.16-1 to 7.1.27-1 and the PHP 7.2 version from 7.2.7-2 to 7.2.16-1. For a complete list of changes see the PHP 7 ChangeLog. This update will be deployed on all Hypernodes that have either of these PHP versions enabled over the course of the coming week. To […]

Read more