We are thrilled to announce that one more time SiteGround has made the latest PHP version (PHP 7.1) available on most of its servers just minutes after it was officially released. PHP 7.1 comes with exciting new features for developers. However, it also introduces backward incompatible changes and migrations from 7.0 to 7.1 should be performed with great caution.
End of Life (EOL) in the CMS world refers to the point in time when an older version stops being supported by the company or community that has built it, and all efforts are focused on current and future versions. No support means performance, and more importantly, security issues, which nobody wants.
Yesterday, a serious vulnerability that affects all major Joomla versions was disclosed. Using this security breach a hacker could do a full remote command execution on the targeted site. We have worked together with the Joomla Security teams and came up with a rule in our WAF (web application firewall) that would block hacking attempts using this vulnerability and we don't have reports for hacked accounts through this exploit.
A security vulnerability in the famous WordPress SEO plugin by Yoast was just reported by the WP Scan Vulnerability Database website. Our security specialists have immediately reacted to protect all SiteGround customers and have crafted and added new security rules to our WAF (web application firewall). This means that we will actively filter any possible incoming hacking attempts that try to exploit the vulnerability.
Although Yoast SEO users are protected on our servers we still highly recommend to anyone using the plugin to update it to the latest version 1.7.4. This latest release is not vulnerable to the reported Blind SQL Injection.
When SiteGround was chosen by OSM to be the official hosting provider for Joomla.com – the new free website service by Joomla, we were really excited. We knew that creating an infrastructure that needs to host hundreds of thousands of sites will not be an easy task. This was a huge and complicated project, but our passion for complex technical challenges was what made us participate in the RFP in the first place. Of course, we were additionally motivated by our love for Joomla and by our previous long-year experience of hosting thousands of Joomla sites on our own servers. Many people from SiteGround and from the Joomla! community have done some amazing job on the different aspects of this new service like creating the website, designing the templates and developing the extensions. However, in this blog post I will concentrate especially on the technical challenges that our DevOps team encountered while designing, developing and implementing the hosting platform for Joomla.com.
Few months ago WordSesh organizers contacted us asking if we would host their online conference. Needless to say, we got quite excited to help this great WordPress event happen. The project was very interesting from a technical point of view too, as we needed to ensure that thousands of visitors will be able to follow the free live stream for 24 hours without any downtime or other technical issue.
During the past few weeks, we have undertaken a serious campaign to increase the number of the WordPress sites that use more recent PHP versions on our servers. As a result, now more than 90% of all our WordPress sites are on PHP 5.5 or higher. As scary as such a massive update may sound when you have more than 100,000 WordPress instances, it turned out to be a real success.
A few of our email servers went wild sending spam this weekend. After quickly fixing the spam issue, we started the longer process of identifying the cause for the spam. It turned out to be the CryptoPHP infection (check out the official whitepaper), activated through a few WordPress themes and plugins.