Charlottezweb

Recent Posts

Pages: [1] 2 3 ... 10
1
Virus and Security Alerts / Re: WordPress Security Alert - March 6, 2017
« Last post by Jason on March 06, 2017, 05:39:40 PM »
An email alert has been sent to all of our customers approximately 10 minutes ago with a link to this thread.

I've added this as a Client Area Announcement and tweeted it as well.
2
Virus and Security Alerts / WordPress Security Alert - March 6, 2017
« Last post by Jason on March 06, 2017, 05:15:49 PM »
WordPress has released a security update today that everyone should install immediately.

Given the severity, US Homeland Security has released a post today about it. 

If you have auto-updates set on your WP install you may have already received the upgrade automatically.  Most of the sites I personally manage were updated already earlier today.  If not, I'd suggest you do that asap.

You can read more on WordFence's post/alert here:

https://www.wordfence.com/blog/2017/03/wordpress-4-7-3-security-release

Regards,
Jason
3
Server Updates & Outages / February 27 and March 4, 2017 :: Lightning Outages
« Last post by Jason on March 06, 2017, 05:00:49 PM »
On February 27 and March 4, we faced service outages on server Lightning.  The server was up during both outages but http and mysql services were impacted.

Each outage was approximately 10-15 minutes in length from the time Pingdom alerted me to when http and mysql were restarted.  In some cases, some customer databases were corrupted due to the service stop and required a repair to be run.

In reviewing both instances, we're fairly confident that we've found a service running on the server that may have been to blame.  Unfortunately I'm not 100% positive (yet) but that's what the data is showing us.  I have disabled this service so that at worst case, we'll be able to rule that out if this happens again.

Service has been normal since this weekend after disabling that so I'm hopeful that's our solution.  If not, we'll review this again/further.

As posted on our Status Page, if you're seeing any errors on your site (that uses a MySQL database) on this server, running a database repair in cPanel will typically resolve it.  If not or if you'd like assistance, please email me or open a ticket.  I've created an article here on how to run a database repair in cPanel.

Thank you,
Jason
4
FAQs / Re: How to repair a database in cPanel
« Last post by aura on February 28, 2017, 10:51:55 AM »
Thanks again Jason.
5
FAQs / Re: How to repair a database in cPanel
« Last post by Jason on February 28, 2017, 10:44:15 AM »
Heh - no worries.  :)

You're very welcome.

Cheers,
Jason
6
FAQs / Re: How to repair a database in cPanel
« Last post by aura on February 28, 2017, 10:38:39 AM »
sneaks in all red faced like the naughty girl who got caught with her fingers in the candy jar...

am i the worst customer you have Jason? 

in my fixing i did a big opps.... thank you for just being simply amazing, your a wonderful host.

7
FAQs / Re: How to repair a database in cPanel
« Last post by Jason on February 28, 2017, 08:30:14 AM »
From what I'm seeing, your SMF Settings.php file is pointed to a database that doesn't exist.  Have you changed that file or removed a database by chance?

We can keep troubleshooting via your ticket if you'd like.

Regards,
Jason
8
FAQs / Re: How to repair a database in cPanel
« Last post by aura on February 28, 2017, 12:50:38 AM »
Hi Jason

I did this repair before I read your email.  It didnt work for me, so I figured it was something I had done, my site is still saying

Connection Problems
Sorry, SMF was unable to connect to the database. This may be caused by the server being busy. Please try again later.

Not sure if i have messed it up now. 

9
FAQs / How to repair a database in cPanel
« Last post by Jason on February 27, 2017, 06:53:20 PM »
Sometimes in the event of a service failure, a mysql database can become corrupted due to a partial save or lack of a save when the crash occurs. When this occurs, you may see errors (depending on the type of scripts you're using on your site) that show mysql errors or perhaps errors connecting to your database.

Normally this can be sorted by running a repair on the database in question in cPanel.  To do this:

1. Login to cPanel and click on the "MySQL databases" icon.
2. Select the database you'd like to repair under the "Modify Databases" section under "Repair Database" field.  [See below]



3. Click the "Repair Database" button.

Depending on the size of your database, that could take a few seconds to a minute or more to run.  It will give you the results once completed.

Regards,
Jason
10
Virus and Security Alerts / Cloudflare bug -- "Cloudbleed" -- February 24, 2017
« Last post by Jason on February 24, 2017, 11:12:28 AM »

This is big news and could theoretically impact sensitive data for thousands (if not millions) of websites.
 
Here are a few stories although they're popping up by the hour:

https://www.forbes.com/sites/thomasbrewster/2017/02/24/google-just-discovered-a-massive-web-leak-and-you-might-want-to-change-all-your-passwords/#328dae163ca3

https://medium.com/@octal/cloudbleed-how-to-deal-with-it-150e907fd165#.7yhhdigkg

https://www.wordfence.com/blog/2017/02/cloudflare-data-leak/?utm_source=list&utm_campaign=022317&utm_medium=email

https://bugs.chromium.org/p/project-zero/issues/detail?id=1139
 
"I'm finding private messages from major dating sites, full messages from a well-known chat service, online password manager data, frames from adult video sites, hotel bookings. We're talking full HTTPS requests, client IP addresses, full responses, cookies, passwords, keys, data, everything."
 
The bad thing about this is that during the time this issue existed (sounds like 5 months with the most activity in the past two weeks), search engines were crawling and caching these malformed pages meaning that you can visit search engines and search for specific things and find them archived.  This could be pages with security info, private messages, passwords, etc. injected right on the pages.  Google is working to find/clean these pages but just think of all the search engines out there globally that now have this information saved.
 
It might be worth the time to change all sensitive passwords as a precaution.

Note: Charlottezweb does not utilize Cloudflare itself although I'm aware of some customers who do.  I'm posting this story as it impacts countless websites that I'm sure we all use that do utilize their service.
Pages: [1] 2 3 ... 10