Santa Cloud is coming to town

The final countdown to Christmas has begun and we know that all of you can’t wait to spend some quality time with your family, friends, and loved ones. OK, maybe not all of you, we suspect there’ll be at least a few programmers donning their Halloween masks by mistake:

Q: Why do programmers always mix up Halloween and Christmas?

A: Because Oct 31 == Dec 25!

If you don’t understand, don’t worry (and Google it!), but most of all don’t be scared if you see a few confused ghouls roaming the streets over the next few days – these are the good folks that make the Internet world tick so give them a hearty handshake (and maybe a bucket load of sweets: let’s face it you’re going to eat enough sugar these next few days anyway!) on our behalf!

Read more…

Is it safe to use SSL SNI in production?

Thanks to SNI technology you can now host multiple SSL certificates on a single IP address. But what is SNI? How does it work its magic? What are the disadvantages? Let’s take a closer look and decide together if you should use SNI for your production websites.

Two announcements that shook the Internet

Could the Internet be reaching its last days? Surely it could never happen? Ok, perhaps slightly melodramatic, but a few recent incidents clearly demonstrated the impact IPv4 address shortages are starting to have on everyday Internet operations.

One of the largest outages in Internet history recently shook the online community. Major Internet Services Providers like BT and Virgin in the UK and AT&T, Time Warner and Verizon in the US went down. It appears that these outages were all caused by growth of the BGP routing table – a knock-on impact of the increasing scarcity of available IPv4 addresses.

Our friends over at Microsoft Azure also had their own problems when they ran out of spare IPv4 addresses earlier this year.

Add to that the fact that Google have started giving a ranking boost to secure https/SSL sites, and intends to accelerate the prominence of this factor in future. So Google are at it again – shaping the lives of SEO experts and their clients the world over. This time there’s a catch due to the implications this has for excessive IPv4 address consumption!

Read more…

PHP 5.6 available on our Cloud VPS platform

PHP 5.6 hosting

Over a year after PHP 5.5 was released, the latest and greatest version 5.6 has just arrived and is already supported on our fully managed Cloud VPS hosting platform.

New features in our PHP 5.6 hosting

Here are some of the highlights of this new version of PHP:

  • Constant scalar expressions: you can now provide static scalar expressions, so you can now use static expressions (in the past you could only use static values), e.g. in function arguments, const declarations or property declarations;

  • Memory usage using POST has been reduced;

  • An interactive debugger called phpdbg has been implemented – you can access it from the command line to debug your code step-by-step;

  • Uploads of over 2GB are now accepted (but check you have enough server resources before doing this!);

  • php://input is now reusable;

  • Many SSL/TLS improvements such as protection against attacks, improved peer verification, fingerprinting SSL certificates, and significant enhancements when using encrypted streams;

Read more…

Bash Shellshock vulnerability – PATCHED

As explained last time the media got all excited by a security vulnerability; proactive security patching is all in a days work here at Layershift. So it shouldn’t come as any great surprise that we were once again all over this as soon as the appropriate patches were released by the relevant upstreams.

Two separate patches were issued in respect of this vulnerability, and they even have two separate CVE references for the pleasure: CVE-2014-6271 and CVE-2014-7169.

Timeline

This widely reported vulnerability was first publicised late on Wednesday afternoon, 24th September 2014, with patches provided and installed later that day / overnight. However, that first patch was found to be incomplete – alas CVE-2014-7169 was born!

Early on Friday morning, 26th September 2014, a new patch was issued, and once again our engineers have worked tirelessly to get it deployed across all of our platforms in short order.

Shellshock patch status

  • Managed Cloud VPS – PATCHED
  • Jelastic PaaS – PATCHED
  • Managed dedicated – PATCHED
  • Shared hosting – PATCHED
  • Internal infrastructure – PATCHED

Transfer the environment not just the project

transfer

At Layershift we’re always looking for new ways to help you to be more efficient and productive. After all, Jelastic is the PaaS for people aiming for success; you don’t get to be successful by wasting your time repeating your work or grappling with awkward configurations!

We received lots of great feedback (thanks!) following the recent overhaul of our environment collaboration feature – allowing you to get the whole team working within 1 Jelastic account, and sharing individual environments with appropriate team members.

You told us loud and clear that it’s immensely helpful to have this convenient way to temporarily share an environment with a freelancer or agency. But, you said, what about when the freelancer starts the project off on the Jelastic platform and wants to hand ownership over to his client at the end? There should be a good way to handle that situation…

Well yes, we completely agree. Here it is!

Read more…

Next Page »