The data centre has informed us that they have postponed the network maintenance on 11 February. They have not yet scheduled a new date.
We apologise for the false alarm.
The data centre has informed us that they have postponed the network maintenance on 11 February. They have not yet scheduled a new date.
We apologise for the false alarm.
There will be network maintenance next month in the data centre where server NC020 is located. During this maintenance the server will be inaccessible for about five minutes. This is necessary maintenance that cannot be rescheduled.
The maintenance will happen between 06:00 and 12:00 on 11 February (UTC), but the server will only be inaccessible for five minutes during that six-hour window.
No work is occurring on the server itself.
This will only affect some websites, mostly those that use WordPress (but not all of them) and some other custom or recent web applications. It will also result in the brief delay of email to aliased domains and rotating email addresses. If you would like confirmation of whether or not you will be affected, or if you have any other questions or concerns, please contact support and we will respond.
Thank-you for your patience during this maintenance to keep our systems running securely and reliably.
The web server on NC020 was down between approximately 11:21 and 12:33 UTC today. We are investigating and will post a report here later today.
We have completed the maintenance to mitigate against exploitation of the POODLE vulnerability.
Because the effects of this maintenance could potentially be wide-ranging, please contact support if you have any issues with connecting over a secure connection to any of our servers. We don’t believe there will be any issues with web (HTTPS) connections, but there may be with some email (SMTP, IMAP and POP) connections by older email programs. That said, an exploit against this vulnerability has only been demonstrated using JavaScript and a web browser, so email connections (even if using SSLv3) are not generally considered to be at risk.
Thanks for your patience during this maintenance.
UPDATE, 2014-10-24: Please read some details on this maintenance, and learn more about SSL and TLS and email security, on our corporate blog.
The maintenance described in our last post is under way, but we are running into some issues that are delaying completion. While there may be sudden and unexpected interruptions in some services for some clients, we are aware of them and are working on them. If necessary, we will revert to old configurations while we re-evaluate the new configurations recommended to defend clients against the POODLE vulnerability.
Thank-you for your patience.
We will be conducting maintenance this weekend to address the above noted vulnerability. Please read more details about this on our corporate blog.
The emergency maintenance on server NC026 described earlier has been completed successfully. Thank-you for your patience.
To deal with an as-yet unpublished security vulnerability, server NC026 will undergo emergency maintenance today (1 October) starting shortly after 15:00 UTC. Down time should be brief, but will be noticeable for websites hosted on this server during the maintenance. Most of the websites hosted on this server are newer ones using more recent versions of WordPress. If you are not sure whether or not your website is hosted on this server, you can contact support to find out.
No email is hosted on NC026, so this maintenance will not affect email flow at all.
The problem with server NC020 actually started before the outage on Friday, about midday UTC. A client’s website was compromised, and the cracker downloaded scripts to cause the sending of spam. This took place over the course of a day or so, and eventually the spammer consumed all of the resources of the server. Although the server was still up, it was unresponsive.
Most websites are authorised to use the mail server on a hosting server, so we can’t block that ability completely. However, we will make a concerted effort to improve the monitoring of abuse (intended by the client or not) of this function.
In this case, we cleaned up all of the generated spam, removed the offending scripts, and will work with the client on the issues with their website security.
For the record, there are two levels of compromises: at the root level or the user level. At the root level is very bad, and requires a brand new server to be provisioned. This was a user-level compromise which, while bad, is easier to fix and recover from.
We again apologise for the downtime. We will be contacting and crediting affected accounts. We are always working to prevent security issues like this, but it’s an ongoing task. Thank-you for your patience and continued business. If you have any questions, please feel free to contact support.
An automated alert was issued at 14:04 UTC today that the web server on NC018 was down. Unfortunately no immediate action was taken by the data centre where the server is located, and the server was not restarted until 17:03 UTC.
We apologise for this significant delay. We have taken this issue up with the data centre to determine the cause of the delay and to ensure that it doesn’t happen again.
Other services on the server — email, nameservers, FTP and databases — were not affected by the outage.
Systems at a Glance:
| Loc. | System | Status | Ping |
|---|---|---|---|
| NC023 | Internal | Up? | |
| NC028 | Internal | Up? | |
| NC031 | Internal | Up? | |
| NC033 | Operational | Up? | |
| NC034 | Internal | Up? | |
| NC035 | Operational | Up? | |
| NC036 | Shut down | Up? | |
| NC040 | Internal | Up? | |
| NC041 | Operational | Up? | |
| NC042 | Operational | Up? |
Subscriptions:
Search:
Recent Posts:
Archives:
Categories:
Links
Tags:
Resources:
On NinerNet: