Critical glibc Vulnerability Patched on all SiteGround Servers

gnu

Hours ago a critical vulnerability in  the GNU C Library (glibc) was announced alongside a proof of concept for the attack. This library is one of the main components in the majority of Linux distributions (if not all) including those, used for server OS'es. Without getting into too much technicalities, the exploit allows an attacker to remotely execute code by following a simple link. That's one of the most severe vulnerabilities discovered in the recent years and potentially affects pretty much any Linux server out there.

Given that all SiteGround servers run on CentOS - a Linux distribution, we took immediate measures to secure our machines. I am happy to announce that a patch has been applied on all our servers and our customers are well protected against this security threat!

Product Development - Technical

Enthusiastic about all Open Source applications you can think of, but mostly about WordPress. Add a pinch of love for web design, new technologies, search engine optimisation and you are pretty much there!

12 Comments

  1. Reply February 18, 2016 / 01:41 TomSiteGround Team

    At SiteGround, how was this handled and how did it affect customers? At my host, without warning, they took server down for maintenance so my site was down for almost 1 hour. I did not have time to warn site visitors nor did I even know the cause until I rushed home, got on tech support and they told me about this issue.

    • Reply February 18, 2016 / 03:22 Iskra RashevaSiteGround Team

      Sorry for your bad experience Tom. At SiteGround we updated the glibc library and reset the services using it with zero downtime for our customers.

  2. Reply February 18, 2016 / 05:42 FranSiteGround Team

    Hi there,
    unfortunately my site is still down! Not working at all!
    Thanks

    • Reply February 18, 2016 / 06:10 Iskra RashevaSiteGround Team

      Fran, your site is now up and running! The connection loss was due to a DDoS attack as we informed in your User Area. This is not related to the fixed glibc vulnerability.

      • February 18, 2016 / 06:19 FranSiteGround Team

        It's working now! thank you so much!!!!!

  3. Reply February 18, 2016 / 08:31 Don GreenSiteGround Team

    My site dreamgreen.org is still down after at least 4 hours. Any news?

    • Reply February 18, 2016 / 08:37 Iskra RashevaSiteGround Team

      Don, please log in to your User Area and read the important information we have posted. Your site has significantly exceeded the server resource limits, which has caused the service interruption. Please get in contact with our Support team to assist you further. Note that your case is not related to the glibc vulnerability fix.

  4. Reply February 18, 2016 / 08:39 Don GreenSiteGround Team

    Seems like a denial of service attack.

    • Reply February 18, 2016 / 09:02 Iskra RashevaSiteGround Team

      Our support specialists will be able to give you more info Don. Please post a ticket and they will look after you.

  5. Reply April 26, 2016 / 08:42 MarkSiteGround Team

    Hello,

    if possible I'd like to know how Site Ground deal with security vulnerability of Php versions, that have reached the End of Life, like versions 5.3 or 5.4

    Thanks

    • Reply April 27, 2016 / 01:41 Daniel KanchevSiteGround Team

      Hi, Mark.

      I already replied to your comment here.

      • April 27, 2016 / 03:22 MarkSiteGround Team

        Perfect, thank you.

Reply

* (Required)