Railgun

Cloudflare Partner Logo

As a CloudFlare Optimized Partner, we are thrilled to offer the CloudFlare Railgun™ technology to all our customersas a free addon for Half-Acre and VPS hosting packages. Railgun is CloudFlare’s latest performance optimization technology that gives you significant improvements in site load times. To activate Railgun, log into your Cloudflare account and select Railgun “On”. Note that Railgun costs at least $200 if purchased from Cloudflare directly. Read on for additional details and instructions:

Railgun ensures that the connection between our network and the CloudFlare network is as fast as possible. Railgun achieves a 99.6% compression ratio for previously uncacheable web objects by using techniques similar to those used in the compression of high-quality video. The average website can expect a 1.43x performance increase.

Cloudflare Optimized Hosting Partner

Cloudflare Partner Logo

Cruiskeen Consulting LLC is happy to announce a new partnership with CloudFlare, the web’s easiest performance and security solution. As a CloudFlare Certified Partner, we deliver their simple and free solution to help protect and accelerate your website. Once your website joins the CloudFlare community, it loads twice as fast and is protected from a range of online threats.

Getting started is easy—you just need to log into our billing system and add the Cloudflare addon to your hosting plan. With two clicks, you can activate CloudFlare and your website will automatically be faster and safer around the world.

We are pleased to offer you the CloudFlare service for FREE. There is no commitment. Turning CloudFlare on and off takes two clicks of the mouse, so feel free to try it out. We think you’ll like it.

Drush for Developers Second Edition

Almost everyone who does any form of Drupal development uses Drush - it's the Swiss Army Knife of the Drupal world. Drush is the Drupal Shell, and it lets you do a whole lot of amazing things with Drupal sites without actually going to the site, logging in, and clicking buttons.  It's a command-line tool (and since I'm an old UNIX hand, it's just right for me.

Despite the fact that we all use Drush, it's pretty clear that some of us use it better than others. I'm often really impressed with seeing someone else use it effectively, with powerful aliases, and doing workflow things with drush that I could hardly imagine. And let's face it, we can't always have a mentor at hand.

This book, Drush for Developers Second Edition,  can be your mentor. It's a pretty quick read (a little over 150 pages) as technical books go. It covers a lot of territory along the way, though.  As all these books seem to do, it starts out with installing Drush on your server, and then moves forward into using it.  Though I've been using Drush for some time now, I never have quite been able to grasp the more advanced uses, like using Drush to move code and features from development to test to production, for example.  This book give a really good idea of how to do some of those functions.

Cloudflare and Drupal

We've recently signed up to be a Cloudflare partner. We have occasionally been using Cloudflare for some of our clients, and we've become believers. At least for a lot of our clients.

What is Cloudflare?

It's quite a few different things.  It's a Content Distribution Network.  Content from your site will be cached at data centers around the world, and served up from those data centers. Also your DNS will be distributed through these data centers, which will make your DNS lookups much faster. It also provides you with protection against web threats - requests that look suspicous will either be blocked if they are severe, and if they are less severe, they will provide a human challenge to the person trying to access the web site. This protection is adjustable, and is particularly valuable if you are fending off a serious DDOS or other form of attack.

Things we are working on

We're working on a lot of new hosting infrastructure projects we though you might be interested in.  A lot of this is in preparation to provide a better development and hosting enviornment for Drupal 8. We are re-imaging web servers and other servers to do a better job for modern Drupal hosting.  Things you can look forward to include:

  1. Composer baked into our servers for easier development.
  2. Compass baked into the servers for better development with CSS pre-processing.
  3. Starting to move new servers into CentOS 7 to provide newer hosting binaries.
  4. Better support for resellers.
  5. Easier setup for use of varnish and memcache on our higher-end server packages.
  6. Better support for Drupal 8 on shared hosting.  We want to be able to offer a reasonably-priced environment for hosting Drupal 8 sites.

This is all part of our commitment to provide useful hosting services to the Drupal community. We expect that although Drupal 8 is great, it's going to require more specialized hosting in a lot of cases.  We're committed to the Drupal community, and look forward to getting more input from you on your Drupal hosting needs now and in the future.

GHOST Busters!

You may have seen reference to the GHOST exploit that was recently announced.  You also may have seen some random reboots of our servers, taking you out of commission for 10 minutes or so.  We're patching all of our systems against this exploit (Just about done now) - this is  a fairly serious one that allows arbitrary script execution on servers, and is not really all that hard to do comparatively.  And unfortunately since it's a glibc issue, we really need to reboot all of the servers to completely protect.  So -- if yo

POODLE Attack!

You may have heard the recent information about the POODLE attack. Essentially this is an issue where SSL connections may revert to the known-unsafe SSLV3 protocol. There's really no fix for SSL V3, but there IS a cure that amounts to disabling the fallback to older SSL protocols such as V3. We're going to be doing two things about this:

  1. We are in the process of rolling out the recent Openssl fix that uses TLS_FALLBACK_SCSV to stop the rollback to older SSL protocols
  2. We are in the process of setting up to make our SSL servers no longer accept EITHER SSL2 or SSL3 as protocols.   This is really the right thing to do, but it WILL mean that people using browsers that do not understand recent secure connection protocols will be in trouble.  This specifically includes old versions of IE. The upshot of this is that once this is completed, people on Windows XP will no longer be able to make secure connections to our servers (with IE).  We see this as a minor issue compared to the possibility of compromised security.  We are NOT doing this step in the near future, but will be doing it as a normal consequence of a larger operating system upgrade some time in the next few months.

More details on POODLE below the fold:

Drupal 7.32

It's security update day in Drupal land.  Drupal 7.31 has a fairly serious SQL Injection vulnerability, which is fixed in Drupal 7.32. At the moment we're testing Drupal 7.32 (already did this site) and will be rolling it out on sites that are under maintenance for us as the day goes on.

This is in fact a REALLY serious problem and exploits are already in the wild.

We strongly advise that people do this upgrade.

Bash Security Issue - update

Update -

New versions of bash were released overnight that fix the remaining security flaws in the shell. We are in the process of rolling out the second patech to all of our servers and will be finished some time around 10 AM Central Time.

Some of you may have seen the news yesterday about a serious bug in bash allowing code injection.  We are currently in the process of applying updates to all of our servers for this security issue.  Unfortunately it has been discovered that the current available updates are only a partial solution.  We are installing the partial upgrade and looking into some security workarounds until such time that we receive new patches from CentOS.  We're working to continue to provide security to our customers.

Why Host With Us?

We have a special niche in web hosting.  We provide high quality performance-oriented web hosting for CMS systems. Unlike the low-priced commodity web hosts, we have servers set up to support CMS right out of the box. You won't see a lot of the common errors with web hosting that you'll see with non-specialized hosts (running out of PHP memory on a small site, too-small packet sizes for your database, no support for InnoDB on Mysql, etc.) even if you are on one of our shared hosting plans. We understand the needs of CMS users and provide useful plans for a CMS at all price levels.

We also particularly are committed to Drupal hosting. We have a wide range of hosting abilities for Drupal, and can tune a hosting instance to your needs.  Whether you need shared, VPS, or dedicated hosting, we can help you.  We also run clients with multiple-machine hosting (usually multiple VPS's) where each machine is tuned to a special need, like Varnish, MySQL, or PHP hosting, as well as supporting redundant database backends and multiple web servers.

Pages

Subscribe to Cruiskeen Consulting LLC RSS