Hosting Issues Resolved, Security Enhanced
Saturday, 7th June, 2008
Dear Valued Customers,
Yesterday at 3pm we started an installation that was expected to take only minutes to perform. This installation was intended to enhance security and improve the delivery of our services to you. Unfortunately the upgrades did not go as planned and while we where able to get the system back online after two hours, we where not out of the woods. The road has been rocky, but we have now successfully completed the security upgrades that where started, and are pleased to inform you that the server is back online and stronger than ever.
We apologize for any inconvenience this may have caused you or your company. We assure you that the experience has taught us several lessons about how to improve the management of our growth, and the implementation of these types of services. As we move forward with a clearer understanding, we can promise you that no future updates will be implemented that you are not first made aware of.
Because web security is an issue that is consistantly maturing in responce to aggressive attack methods, upgrades are not developed on a regularly scheduled basis. We can guarantee that the recent time spent has been for the best. Below are a few of the security upgrades that took place over the last 24 hours.
- The upgrade of the Apache Server to version 2.2.8
This is the core system that runs our web server. It is a bullet proof system that now includes several years of enhancements surrounding thread management, benchmarking, and strengthend security. Read More Here.
- The upgrade of modSecurity for Improved Filtering
ModSecurity is a web application firewall (WAF). With over 70% of attacks now carried out over the web application level, organisations need all the help they can get in making their systems secure. WAFs are deployed to establish an increased external security layer to detect and/or prevent attacks before they reach web applications. ModSecurity provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring and real-time analysis with little or no changes to existing infrastructure. Read More Here.
- The upgrade of modAccessibility for Improved Content Accessibility
MOD Accessibility is a fully automatic aid to making websites more accessible. The goal is to improve Websites and Intranets for everyone. The implementation of this system will be benefit all of our clients moving forward, as we work to improve the usability of all web page content we develop. With this upgrade, we can improve our service offerings to provide accessibility options for your Hearing Impaired, Visually Impaired, and Physically Impaired clients. Learn More Here and the Author Here.
- The upgrade of PHP to include both PHPv5 and PHPv4 for our Legacy Clients
PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML (Hypertext Markup Language - the basic stuff that makes the WWW work). PHP is the language that we use for just about all of our web application development, and is now the most common solution for web developers. While many of you probably have very little understanding of how this whole "web thing" works, it may be interesting for you to read up on the History of PHP and how some individuals like Stefan Esser are contributing to the open community to improve PHP security, in many respects a major contribution to the future of "WEB Security".
We thank all of you for being a part of our vision, and working with our team over the years. We feel very disheartened when we experience issues like those in the last 24 hours, but we hope together we can continue to mature with the best solutions possible.
Thank you for your faith and support,
The Holodyn Corporation