12Apr

New MySQL Hosting Platform – v5.5.30

April 12, 2013

This evening, Mr.Host migrated all of it’s MySQL hosting services, to a brand new MySQL database hosting platform, as well as upgraded the MySQL version to 5.5.30.

The new hosting platform is a significant upgrade from the old system, with much more memory, processing power, and much much faster hard drives.

All customer databases were moved to this new platform automatically; no changes were required to your sites or your site content to make this switch. Customers should immediately notice an improvement in their website performance and response time.

If you have any questions or comments about this upgrade, please don’t hesitate to Contact Us.

Maintenance, MySQL Questions? Contact Support
11Apr

DDOS Attacks Against WordPress Installations

April 11, 2013

For about 2 hours today, we experienced a DDOS attack against the estimated four thousand WordPress installations hosted on our web hosting platform. During this time customer WordPress installs were still accessible, but were degraded in performance.

It looks like the attacker was trying to (unsuccessfully) brute force the wp-login.php page, in an attempt to gain access to the WordPress admin interfaces.

We’ve managed to squash about 90% of the junk traffic, returning service levels back to normal. The remainder of the traffic should die out over the next few hours.

Customers are encouraged to re-evaluate their WordPress admin interface passwords, and to ensure that their WordPress installations, and any installed plugins, are fully up-to-date.

UPDATE:

TechCrunch posted an article about this with some more details:

http://techcrunch.com/2013/04/12/hackers-point-large-botnet-at-wordpress-sites-to-steal-admin-passwords-and-gain-server-access/

Performance Issues Questions? Contact Support
31Mar

GST/HST Changes for BC and PEI

March 31, 2013

As you may already know, the Canada Revenue Agency is changing how sales taxes are administered in British Columbia and Prince Edward Island.

British Columbia

On April 1, 2013 the 12% HST will be replaced by the 5% GST.

Price Edward Island

On April 1, 2013 PEI will follow the provinces of Ontario, Nova Scotia, New Brunswick, and Newfoundland and Labrador in replacing its PST with the HST. The combined HST rate in PEI will be 14%, of which 5% will represent the federal part and 9% the provincial part.

Mr.Host will be adjusting our tax rates as of midnight on April 1st, 2013. Good news for our BC customers who’s monthly bills will be going down; unfortunately, our PEI customers aren’t as lucky.

Billing Issues, Upgrades Questions? Contact Support
20Dec

PHP 5.3.20 Upgrade

December 20, 2012

This evening all Mr.Host web servers have been upgraded to PHP 5.3.20. Below are the changes since version 5.3.17:

Version 5.3.18

  • Core
    • Fixed bug #63111 (is_callable() lies for abstract static method).
    • Fixed bug #63093 (Segfault while load extension failed in zts-build).
    • Fixed bug #62976 (Notice: could not be converted to int when comparing some builtin classes).
    • Fixed bug #61767 (Shutdown functions not called in certain error situation).
    • Fixed bug #61442 (exception threw in __autoload can not be catched).
    • Fixed bug #60909 (custom error handler throwing Exception + fatal error = no shutdown function).
  • cURL
    • Fixed bug #62085 (file_get_contents a remote file by Curl wrapper will cause cpu Soaring).
  • FPM
    • Fixed bug #62954 (startup problems fpm / php-fpm).
    • Fixed bug #62886 (PHP-FPM may segfault/hang on startup).
    • Fixed bug #63085 (Systemd integration and daemonize).
    • Fixed bug #62947 (Unneccesary warnings on FPM).
    • Fixed bug #62887 (Only /status?plain&full gives “last request cpu”).
    • Fixed bug #62216 (Add PID to php-fpm init.d script).
  • Intl
    • Fix bug #62915 (defective cloning in several intl classes).
  • SOA
    • Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice).
  • SPL
    • Bug #62987 (Assigning to ArrayObject[null][something] overrides all undefined variables).

Version 5.3.19

  • Core:
    • Fixed bug #63241 (PHP fails to open Windows deduplicated files).
    • Fixed bug #62444 (Handle leak in is_readable on windows).
  • Libxml:
    • Fixed bug #63389 (Missing context check on libxml_set_streams_context() causes memleak).
  • Mbstring:
    • Fixed bug #63447 (max_input_vars doesn’t filter variables when mbstring.encoding_translation = On).
  • MySQL:
    • Fixed compilation failure on mixed 32/64 bit systems.
  • OCI8:
    • Fixed bug #63265 (Add ORA-00028 to the PHP_OCI_HANDLE_ERROR macro)
  • PCRE:
    • Fixed bug #63055 (Segfault in zend_gc with SF2 testsuite).
    • Fixed bug #63284 (Upgrade PCRE to 8.31).
  • PDO:
    • Fixed bug #63235 (buffer overflow in use of SQLGetDiagRec).
  • PDO_pgsql:
    • Fixed bug #62593 (Emulate prepares behave strangely with PARAM_BOOL).
  • Phar:
    • Fixed bug #63297 (Phar fails to write an openssl based signature).
  • Streams:
    • Fixed bug #63240 (stream_get_line() return contains delimiter string).

Version 5.3.20

  • Zend Engine:
    • Fixed bug #63635 (Segfault in gc_collect_cycles).
    • Fixed bug #63512 (parse_ini_file() with INI_SCANNER_RAW removes quotes from value).
    • Fixed bug #63468 (wrong called method as callback with inheritance).
  • Core:
    • Fixed bug #63451 (config.guess file does not have AIX 7 defined, shared objects are not created).
    • Fixed bug #63377 (Segfault on output buffer).
  • Apache2 Handler SAPI:
    • Enabled Apache 2.4 configure option for Windows.
  • Date:
    • Fixed bug #63435 (Datetime::format(‘u’) sometimes wrong by 1 microsecond).
  • Fileinfo:
    • Fixed bug #63248 (Load multiple magic files from a directory under Windows).
    • Fixed bug #63590 (Different results in TS and NTS under Windows).
  • FPM:
    • Fixed bug #63581 (Possible null dereference and buffer overflow).
  • Imap:
    • Fixed bug #63126 (DISABLE_AUTHENTICATOR ignores array).
  • MySQLnd:
    • Fixed bug #63398 (Segfault when polling closed link).
  • Reflection:
    • Fixed bug #63614 (Fatal error on Reflection).
  • SOAP
    • Fixed bug #63271 (SOAP wsdl cache is not enabled after initial requests).
PHP Upgrades, Upgrades Questions? Contact Support
24Sep

PHP 5.3.17 Upgrade

September 24, 2012

This evening all Mr.Host web servers have been upgraded to PHP 5.3.17. We missed a few updates between 5.3.14 and 5.3.17, so this post outlines all the changes since 5.3.14.

5.3.15

  • Zend Engine
    • Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon)
  • COM
    • Fixed bug #62146 com_dotnet cannot be built shared
  • Core
    • Fixed potential overflow in _php_stream_scandir, CVE-2012-2688
    • Fixed bug #62432 (ReflectionMethod random corrupt memory on high concurrent)
    • Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt)
  • Fileinfo
    • Fixed magic file regex support
  • FPM
    • Fixed bug #61045 (fpm don’t send error log to fastcgi clients)
    • Fixed bug #61835 (php-fpm is not allowed to run as root)
    • Fixed bug #61295 (php-fpm should not fail with commented ‘user’ for non-root start)
    • Fixed bug #61026 (FPM pools can listen on the same address)
    • Fixed bug #62033 (php-fpm exits with status 0 on some failures to start)
    • Fixed bug #62153 (when using unix sockets, multiples FPM instances can be launched without errors)
    • Fixed bug #62160 (Add process.priority to set nice(2) priorities)
    • Fixed bug #61218 (FPM drops connection while receiving some binary values in FastCGI requests)
    • Fixed bug #62205 (php-fpm segfaults (null passed to strstr))
  • Intl
    • Fixed bug #62083 (grapheme_extract() memory leaks)
    • Fixed bug #62081 (IntlDateFormatter constructor leaks memory when called twice)
    • Fixed bug #62070 (Collator::getSortKey() returns garbage)
    • Fixed bug #62017 (datefmt_create with incorrectly encoded timezone leaks pattern)
    • Fixed bug #60785 (memory leak in IntlDateFormatter constructor)
  • JSON
    • Reverted fix for bug #61537
  • Phar
    • Fixed bug #62227 (Invalid phar stream path causes crash)
  • Reflection
    • Fixed bug #62384 (Attempting to invoke a Closure more than once causes segfault)
    • Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks with constant)
  • SPL
    • Fixed bug #62262 (RecursiveArrayIterator does not implement Countable)
  • SQLite
    • Fixed open_basedir bypass, CVE-2012-3365
  • XML Write
    • Fixed bug #62064 (memory leak in the XML Writer module)
  • Zip
    • Upgraded libzip to 0.10

5.3.16

  • Core
    • Fixed bug #62763 (register_shutdown_function and extending class).
    • Fixed bug #62744 (dangling pointers made by zend_disable_class).
    • Fixed bug #62716 (munmap() is called with the incorrect length).
    • Fixed bug #62460 (php binaries installed as binary.dSYM).
    • Fixed bug #60194 (–with-zend-multibyte and –enable-debug reports LEAK with run-test.php).
  • CURL
    • Fixed bug #62839 (curl_copy_handle segfault with CURLOPT_FILE).
    • Fixed bug #62499 (curl_setopt($ch, CURLOPT_COOKIEFILE, “”) returns false).
  • DateTime
    • Fixed bug #62500 (Segfault in DateInterval class when extended).
  • Enchant
    • Fixed bug #62838 (enchant_dict_quick_check() destroys zval, but fails to initialize it).
  • PDO
    • Fixed bug #62685 (Wrong return datatype in PDO::inTransaction()).
  • Reflection
    • Fixed bug #62715 (ReflectionParameter::isDefaultValueAvailable() wrong result).
  • Session
    • Fixed bug (segfault due to retval is not initialized).
  • SPL
    • Fixed bug #62616 (ArrayIterator::count() from IteratorIterator instance gives Segmentation fault)

5.3.17

  • Core
    • Fixed bug (segfault while build with zts and GOTO vm-kind)
    • Fixed bug #62955 (Only one directive is loaded from “Per Directory Values” Windows registry)
    • Fixed bug #62763 (register_shutdown_function and extending class)
    • Fixed bug #62744 (dangling pointers made by zend_disable_class)
    • Fixed bug #62716 (munmap() is called with the incorrect length)
    • Fixed bug ##62460 (php binaries installed as binary.dSYM)
  • CURL
    • Fixed bug #62839 (curl_copy_handle segfault with CURLOPT_FILE)
  • DateTime
    • Fixed bug #62852 (Unserialize invalid DateTime causes crash)
  • Intl
    • Fix null pointer dereferences in some classes of ext/intl
  • MySQLnd
    • Fixed bug #62885 (mysqli_poll – Segmentation fault)
  • PDO
    • Fixed bug #62685 (Wrong return datatype in PDO::inTransaction())
  • Session
    • Fixed bug (segfault due to retval is not initialized)
    • SPL Fixed bug #62904 (Crash when cloning an object which inherits SplFixedArray)
  • Enchant
    • Fixed bug #62838 (enchant_dict_quick_check() destroys zval, but fails to initialize it)
PHP Upgrades, Upgrades Questions? Contact Support