We’re proud to introduce a new approach to product releases, one that offers improved transparency and provides merchants and developers with increased peace of mind concerning the products and services we offer.Read more
In this short series, Kevin Schroeder explains how to keep your website on the rails with proper load testing.
Once more into the breach! For my final entry, I will provide some of my favorite tools for building load tests, as well as how to run load tests to best understand site behaviour under various types of loads.
Where we are today
We are pleased to announce that we’ve completed the first round of update reboots as of the evening of Thur Jan 11th. These reboots consisted of updated kernels with Kernel Page Table Isolation (KPTI) and CPU firmware (microcode) updates for a handful of our production systems, namely Intel Haswell, Broadwell, Skylake architectures. Read more
We’ve had an incredibly busy couple of days and wanted to take a few minutes provide an update on where Nexcess is at with Meltdown & Spectre patching.
As is often the case with these kind of situations, the landscape has evolved a bit since our original posting. The most notable of which is that there is an increasing amount of Proof-Of-Concept (POC) code in distribution that demonstrates taking advantage of Meltdown & Spectre vulnerabilities. This raises the threat of the vulnerabilities as quite often these POC’s are used as the basis for creating malicious exploits. At this time however, we have not seen nor have industry peers we work with, any targeted attacks or exploits against these vulnerabilities.
As you may be aware, a number of serious vulnerabilities have been disclosed that affect a wide set of CPU architectures. These vulnerabilities (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754) were disclosed this week by Google’s Project Zero team and other information security professionals. A rapid response strategy is currently under review for emergency maintenance to patch these vulnerabilities, which will require a reboot of all shared, dedicated and cluster systems. Read more
Certificate Authority Authorization records prevent SSL certificates being issued to hackers and online criminals for domains they don’t legitimately control.
When you ask a Certificate Authority to issue an SSL certificate for a domain, you have to prove that you control that domain. For Domain Validated certificates, that often involves uploading a special file to a server connected to the domain. If the file provided by the CA appears on the server, they know you’re in control.
Caching strategies are tricky, so our Support Manager, Ryan Belisle, took some time to explain one way to use Static Caching to deliver a faster site.
In eCommerce, few things are more miserable than paying for a promotional campaign and watching it sparkle, only to see your site to crash and burn during what should be your finest hour. Sometimes, promotions outperform your expectations, and your proactive measures aren’t enough. What then?