Man­aged Host­ing

News all around our SHORELESS Man­aged Host­ing ser­vices.

  • SHORELESS Managed Hosting discontinues PHP 5.3 Support


    Legacy PHP code is a prime tar­get for mali­cious par­ties attempt­ing to gain unau­tho­rized access or deface your web appli­ca­tion . Older ver­sions of PHP which are marked as "unsup­ported" or "end of life" (EOL) by the devel­op­ers of PHP no longer receive secu­rity updates, and may also con­tain bugs which are fixed in sub­se­quent major releases only. It is in your best inter­est to remain­ing up-to-date.

    PHP 5.3 was marked EOL in August 2014. As a cour­tesy to our clients, our Man­aged Host­ing reg­u­larly offers extended sup­port for EOL PHP, while we help our clients to upgrade their web appli­ca­tions to more recent PHP ver­sions.

    In order to ensure the safety of our server envi­ron­ments and your hosted appli­ca­tions , our Man­aged Host­ing will remove sup­port for PHP 5.3 by the end of Feb­ru­ary 2017. We will even­tu­ally also dis­con­tinue sup­port for the 5.4 and 5.5 branches of PHP (both of which are also EOL) by the mid­dle of this year.

    What does this mean for you as a Managed Hosting client?

    We already iden­ti­fied all client sites still using PHP 5.3 and con­tacted you accord­ingly about upgrad­ing your web appli­ca­tions to PHP 5.6 or 7.x respec­tively. If you did not get any mes­sage from us, the above changes may not affect your sites.

  • The Heartbleed bug didn't affect our clients

    The Heart­bleed bug was dis­closed on 1st of April 2014. This mas­sive secu­rity vul­ner­a­bil­ity in OpenSSL pro­to­col has been pre­sent since the relase of OpenSSL ver­sion 1.0.1 on March 2012. While it left peo­ple scram­bling to change their pass­words left, right and cen­ter, we'd like to inform our cus­tomers, that our web­sites and the man­aged host­ing accounts have been save and secure.

    Our servers used OpenSSL ver­sion 1.0.0 and 0.9.8 which where not affected by the Heart­bleed bug . To ensure none of our cer­tifi­cates have been com­pro­mised dur­ing its issu­ing process on third party servers and com­mu­ni­ca­tion chan­nels, we renewed all our SSL certfi­cates.

    What should you/your customers do next?

    No data on our servers has been breached. The cer­tifi­cates on your man­aged host­ing have been reis­sued as well. You don’t need to take any action regard­ing our site or ser­vices. How­ever, this bug has been out there for a long time and it's pos­si­ble that sites you or your cus­tomers reg­u­larly visit would be sus­cep­ti­ble the vul­ner­a­bil­ity.

    You can check whether or not sites are sus­cep­ti­ble using this tool: http://fil­­bleed/

    We rec­om­mend you and your cus­tomers gen­er­ate new pass­words for any web­site in which sen­si­tive infor­ma­tion is stored, such as email, bank­ing, etc. How­ever, you should wait until these sites have updated their OpenSSL ver­sion and replaced their cer­tifi­cates with new cer­tifi­cates being issued on 8th of April 2014 or later.