Blogs

Drupal Time in the Midwest!

Some people call it spring, but obviously they're not coders. Twin Cities Drupal Camp is just starting up and runs through the weekend. This is always a great camp, and has a lot of Drupal heavy-hitters.  You're bound to learn a lot (and my heart is broken that I cannot cross the river to go to it this year due to a bunch of other commitments).

Even nearer to our hearts over here in the land of cheese is Drupal Camp Wisconsin - which this year is going to be a little later than normal (August 7 and 8), but will be in the stunning new Madison Public Library. I just opened up session proposals on the site, so if you're interested in coming to Madison, WI for some Drupal goodness, come register for the free Drupal Camp WIsconsin, and sign up to present. This is a lower key sort of camp than a lot, and will feel more familiar to those who remember Drupal camps from a few years back. But great fun, and this year it will be downtown right next to lots of great Madison places for food, spirits, and relaxation.

Lastly is the ever-wonderful Drupalcorn in Iowa.  I'm actually planning on going this year and have put in a couple of session proposals. You should go too, since there's no such thing as too much Drupal conversation. July 30-Aug. 2 in Cedar Falls Iowa. Don't miss the Powerpoint Karaoke, where hapless souls get to do Powerpoint presentations based on random selections of slides.  Heck, that's what most of my presentations look like anyway, so I should be GREAT at that.

See you all at the various spring and summer Drupal activities in fly-over land.

Coming Soon - Gitlab

We've come to realize that we are hosting more and more developers who are using Git to manage their projects (including ourselves).  The current Git repository that we're hosting on our own servers is a little cumbersome, so we're working toward having our own Gitlab repository, which will be available to our hosting clients.  This way you'll have a Git repository that can be private, on your local network, and will be free as long as you host with us.

We're still in the process of deciiphering the details of Gitlab, so it's not available yet - but I expect some time before summer.

VENOM vulnerability

You may have been reading this morning about the new VENOM vulnerabilty in VPS systems.  This potentially affects all of our VPS systems, including those of you on shared platforms. We're currently waiting for the release of patched software from CentOS (Red Hat just released them) and will be installing that software fairly soon after release.  Please note that fully installing this patch will require re-starting all of our VPS systems, so you will all take at least a brief outage, which we will be trying as much as possible to schedule in the evening hours.

Railgun

Cloudflare Partner Logo

As a CloudFlare Optimized Partner, we are thrilled to offer the CloudFlare Railgun™ technology to all our customersas a free addon for Half-Acre and VPS hosting packages. Railgun is CloudFlare’s latest performance optimization technology that gives you significant improvements in site load times. To activate Railgun, log into your Cloudflare account and select Railgun “On”. Note that Railgun costs at least $200 if purchased from Cloudflare directly. Read on for additional details and instructions:

Railgun ensures that the connection between our network and the CloudFlare network is as fast as possible. Railgun achieves a 99.6% compression ratio for previously uncacheable web objects by using techniques similar to those used in the compression of high-quality video. The average website can expect a 1.43x performance increase.

Cloudflare Optimized Hosting Partner

Cloudflare Partner Logo

Cruiskeen Consulting LLC is happy to announce a new partnership with CloudFlare, the web’s easiest performance and security solution. As a CloudFlare Certified Partner, we deliver their simple and free solution to help protect and accelerate your website. Once your website joins the CloudFlare community, it loads twice as fast and is protected from a range of online threats.

Getting started is easy—you just need to log into our billing system and add the Cloudflare addon to your hosting plan. With two clicks, you can activate CloudFlare and your website will automatically be faster and safer around the world.

We are pleased to offer you the CloudFlare service for FREE. There is no commitment. Turning CloudFlare on and off takes two clicks of the mouse, so feel free to try it out. We think you’ll like it.

Drush for Developers Second Edition

Almost everyone who does any form of Drupal development uses Drush - it's the Swiss Army Knife of the Drupal world. Drush is the Drupal Shell, and it lets you do a whole lot of amazing things with Drupal sites without actually going to the site, logging in, and clicking buttons.  It's a command-line tool (and since I'm an old UNIX hand, it's just right for me.

Despite the fact that we all use Drush, it's pretty clear that some of us use it better than others. I'm often really impressed with seeing someone else use it effectively, with powerful aliases, and doing workflow things with drush that I could hardly imagine. And let's face it, we can't always have a mentor at hand.

This book, Drush for Developers Second Edition,  can be your mentor. It's a pretty quick read (a little over 150 pages) as technical books go. It covers a lot of territory along the way, though.  As all these books seem to do, it starts out with installing Drush on your server, and then moves forward into using it.  Though I've been using Drush for some time now, I never have quite been able to grasp the more advanced uses, like using Drush to move code and features from development to test to production, for example.  This book give a really good idea of how to do some of those functions.

Cloudflare and Drupal

We've recently signed up to be a Cloudflare partner. We have occasionally been using Cloudflare for some of our clients, and we've become believers. At least for a lot of our clients.

What is Cloudflare?

It's quite a few different things.  It's a Content Distribution Network.  Content from your site will be cached at data centers around the world, and served up from those data centers. Also your DNS will be distributed through these data centers, which will make your DNS lookups much faster. It also provides you with protection against web threats - requests that look suspicous will either be blocked if they are severe, and if they are less severe, they will provide a human challenge to the person trying to access the web site. This protection is adjustable, and is particularly valuable if you are fending off a serious DDOS or other form of attack.

Things we are working on

We're working on a lot of new hosting infrastructure projects we though you might be interested in.  A lot of this is in preparation to provide a better development and hosting enviornment for Drupal 8. We are re-imaging web servers and other servers to do a better job for modern Drupal hosting.  Things you can look forward to include:

  1. Composer baked into our servers for easier development.
  2. Compass baked into the servers for better development with CSS pre-processing.
  3. Starting to move new servers into CentOS 7 to provide newer hosting binaries.
  4. Better support for resellers.
  5. Easier setup for use of varnish and memcache on our higher-end server packages.
  6. Better support for Drupal 8 on shared hosting.  We want to be able to offer a reasonably-priced environment for hosting Drupal 8 sites.

This is all part of our commitment to provide useful hosting services to the Drupal community. We expect that although Drupal 8 is great, it's going to require more specialized hosting in a lot of cases.  We're committed to the Drupal community, and look forward to getting more input from you on your Drupal hosting needs now and in the future.

GHOST Busters!

You may have seen reference to the GHOST exploit that was recently announced.  You also may have seen some random reboots of our servers, taking you out of commission for 10 minutes or so.  We're patching all of our systems against this exploit (Just about done now) - this is  a fairly serious one that allows arbitrary script execution on servers, and is not really all that hard to do comparatively.  And unfortunately since it's a glibc issue, we really need to reboot all of the servers to completely protect.  So -- if yo

POODLE Attack!

You may have heard the recent information about the POODLE attack. Essentially this is an issue where SSL connections may revert to the known-unsafe SSLV3 protocol. There's really no fix for SSL V3, but there IS a cure that amounts to disabling the fallback to older SSL protocols such as V3. We're going to be doing two things about this:

  1. We are in the process of rolling out the recent Openssl fix that uses TLS_FALLBACK_SCSV to stop the rollback to older SSL protocols
  2. We are in the process of setting up to make our SSL servers no longer accept EITHER SSL2 or SSL3 as protocols.   This is really the right thing to do, but it WILL mean that people using browsers that do not understand recent secure connection protocols will be in trouble.  This specifically includes old versions of IE. The upshot of this is that once this is completed, people on Windows XP will no longer be able to make secure connections to our servers (with IE).  We see this as a minor issue compared to the possibility of compromised security.  We are NOT doing this step in the near future, but will be doing it as a normal consequence of a larger operating system upgrade some time in the next few months.

More details on POODLE below the fold:

Pages

Subscribe to RSS - blogs