I did a quick check of the servers and I found several outdated scripts that have been installed through Fantastico by users. I suspect that a lot of these are instances where users may have wanted to try out a script, but then forgot about the install and just left it. The problem with this is that these scripts remain active on your account even if you aren’t using them. If you installed Drupal to test it out, but never removed the installation, then you may have a very old version of Drupal setting on your account. These scripts have new vulnerabilities and exploits discovered in them all the time and the key to avoiding issues is to keep the script up-to-date. If the Drupal install is not being kept up-to-date, then it could make you vulnerable to a hack or other malicious activity on your account.

The plain and simple version of all of this is to delete any unused scripts off of your account and keep any used scripts up-to-date.

Following this advise will help to keep your account up and running and avoid any potential hackings and website defacements.

I am going to be working on a notification system where we can e-mail you about outdated Fantastico scripts that are installed on your account. Look for a notice either later this week or sometime early next week concerning your outdated Fantastico script installations.

Now would be a good time to insure that your contact information with us is up-to-date. You can update your contact information either in your control panel or by visiting:

http://www.amshelp.com

Steven

I hope everyone had a fun and safe holiday season. The year end holiday season is always interesting because you spend a lot of time with family and friends over the course of two or three weeks and then as the new year turns over we have to get back into our normal routine. We at AMS have been working on some changes to be made in the year 2009.

First, let me point out that the MySQL 5 upgrades have all been completed on our shared hosting servers. This upgrade went very smooth, with just a couple of incidents and problems surrounding the upgrade.

Next on our list of things to do is a full phase-out of PHP4. All of our servers are running PHP5 by default and your account is using PHP5 unless you have specifically written in requesting your account to use PHP4. PHP4 officially went end-of-life on August 7, 2008 with the release of PHP 4.4.9. This is the last PHP4 release. Any account that is still using PHP4 really needs to be updated to PHP5. We will be compiling a list of accounts that are still using PHP4 and sending out notices to those accounts sometime in January 2009.

We are also bouncing around an idea to start a new blog which focuses just on script updates. Internal discussions regarding this seem to indicate that this would be very useful for our customer base. This will be a way for us to inform our client base about new script updates, so that they can be made aware of them and apply the updates to their account. The discussion now is just on how best to set this up and what scripts to monitor. We won’t be able to monitor every script for updates, but hopefully some of the more popular scripts. Please feel free to send us comments or feedback concerning this.

We have spent the past several weeks doing a lot of upgrades to our internal computer systems. This is completely separate of our webhosting servers and did not affect any of your hosting accounts. These upgrades include a slight overhaul to our internal billing system and other workstations. These upgrades are still ongoing but we hope to have them completed within the next couple of weeks.

The big project that we will be working on this year consists of an upgrade to a few of our servers. Over time newer technologies become available. Faster, bigger servers become available. In order to insure that our servers stay up-to-date with these new technologies we like to keep our servers updated as much as possible. Our server updates consists really more as a server migration. We bring a new, bigger, faster server online and move your account over to this new server. Doing these types of upgrades on the same server that your account is currently on really isn’t possible, due to changes in the hardware and the resulting operating system changes, not to mention the downtime that would be necessary to perform these levels of upgrades. By moving your account to a newer and better server, we keep a full abort system in place, the old server stays around for a few days just in case problems are encountered. We have done these type of upgrades and migrations before and they all have gone very smoothly. Not all of our servers will be upgraded, some of our servers were upgraded just last year using this same procedure. Look for an e-mail soon as we begin these upgrades.

This is an overview of what has been happening at AMS and what some of our early plans for 2009 are. We hope that 2009 brings you a lot of prosperity and also a lot of fun too.

Scott

We have had a few clients ask about MySQL 5 on our servers. All of our servers currently run MySQL 4.1. Plans were made to begin upgrading our servers to MySQL 5.0 a couple of months ago, but then a bug was discovered in MySQL 5.0. Our MySQL system is dependent on cPanel and the upgrade actually comes through them. They are currently testing the new release of MySQL 5.0 but it has not yet made it to release status.

There are rumblings that this release will happen sometime in early December. It is at that point that we will begin updating our servers to MySQL 5. The version of MySQL will then be MySQL 5.0.67 unless another update is provided before then.

We can upgrade to MySQL 5.0 right now, but it would be a version that is known to have bugs. This is why we have put off the MySQL upgrade at this time. We don’t have a specific timetable for this upgrade, but we would like to have all of our servers upgraded by the end of December. This is of course dependent on the Quality Assurance testing from the cPanel team.

The MySQL upgrade is not expected to cause any problems or require any changes on the part of our client base. You should check back on the blog for updates concerning the upgrade.

Scott

A minor bug has been discovered in WordPress that affects versions less than 2.6.2. All users should upgrade to WordPress 2.6.3 to insure that you are safe from this bug.

More information on this is available at:

http://wordpress.org/development/2008/10/wordpress-263

Steven

We will be doing kernel updates on the servers this weekend. This will require a server reboot in order to load the new kernel.

This is nothing major and there are no major security issues with the current kernel on the server. We just like to periodically update the server kernel just in case new security advisories are posted.

If you notice your website being down for 10 minutes or so this weekend, then the server is likely being rebooted for a kernel update.

We just wanted everyone to be informed of this.

Scott