Date: 05/03/2012 | Maintenance Notices
START TIME: 05/06/2012 00:00 CDT (Sunday)
ESTIMATED END TIME: 05/06/2012 01:00 CDT (Sunday)
EQUIPMENT: Core Networking
TYPE OF WORK: Configuration Changes
EXPECTED IMPACT: None
During the maintenance window above, Codero network engineers will be making configuration changes to our core networking equipment. This will be done in a manner which should have no negative impact on customers.
There is no expected customer impact during this time.
If you have any questions regarding this maintenance, please contact us by opening a support ticket in ServerPortal.com.
The Codero Hosting Operations Team
Date: 04/13/2012 | Data Center Incidents
We are currently investigating reports of service interruption in the PHX datacenter. This does not appear to be related to yesterday’s issue. We will post more information as soon as it is available.
Date: 04/12/2012 | Data Center Incidents
We are currently investigating a network interruption for some customers in our PHX datacetenter over the last 15-30 minutes. We have switched off one of our redundant upstream providers that was having issues and are currently following up to ensure everything is stable.
Date: 03/30/2012 | Security Notices
Please note that the hacking group known as Anonymous has issued a threat to shut down the Internet on Saturday March 31, 2012, by attacking the 13 root DNS servers that enable the Internet. If the attack is successful, domain names will not be translated to IP addresses, effectively eliminating the ability for anyone to reach any website after DNS Time-to-Live (TTL) levels expire, except by IP address.
The root DNS servers are located throughout the world and are operated by different entities, including Verisign, NASA, ICANN, and the U.S. Army Research Lab. Note that each root server is actually a cluster of individual servers typically housed in multiple geographical locations to increase fault tolerances.
If the attack is successful, your server may be accessible (because routing to individual IP addresses will not be affected, and because DNS entries may be cached) but your web site may not be accessible (because the attack will impact web browsers and other systems that route traffic using domain names after caching expires). Because the attack will target servers outside of Codero’s control and part of the entities that host all DNS servers for the internet, in the case of a successful attack, there will be little that you or Codero will be able to do to restore access, till such a time that the attack subsides or is neutralized.
Though there is no action needed on your part, we wanted to inform of you of this in case the attack is successful and you are unable to browse the Internet as you are accustomed to.
Date: 03/13/2012 | Security Notices
All currently supported versions of Microsoft Windows are vulnerable to remote code execution through the RDP protocol. Patches were released today by Microsoft. If you have automatic updating enabled (the default setting), the patch will be automatically installed on your server. It can also be installed through Windows Update, or downloaded directly from Microsoft:
Codero Windows Managed customers do not need to do anything, as this patch is already installed for you.
If you have any questions, please submit a ticket through Server Portal.
Date: 03/09/2012 | Data Center Incidents
This afternoon some servers in our Phoenix datacenter saw a connectivity degradation related to a DDoS attack that affected traffic coming from one of our upstream providers at 1:10 – 1:15 PM CST. Codero network engineers temporarily shut down the upstream provider to work around the problem.
Between 1:55 and 2:00pm CST Codero engineers restarted our DDoS mitigation system and re-enabled the upstream provider which resolved all issues, but may have caused an additional short interruption of service during this window. Total impact time for affected customers was approximately ten minutes.
Date: 03/08/2012 | Data Center Incidents
We are experiencing intermittent issues with DG-1 in PHX. Network engineers are addressing the issue. Update soon.
Date: 03/08/2012 | Data Center Incidents
At 12:19 pm Central, a network equipment issue caused latency to customers in PHX DG-1 distribution group. Issue was immediately addressed by networking team with complete resolution by 12:24 pm.
Date: 03/07/2012 | Security Notices
All versions of Plesk released before September of 2011 are vulnerable to a security issue which can compromise your server. Codero has seen hundreds of Plesk servers compromised through this security vulnerability, so we recommend that you take immediate action to resolve this.
Note: If you are a managed server customer, Codero has already patched your server(s) and no action is needed on your part. If you are not a managed server customer, patching your server is your responsibility. If you need assistance, Codero staff can patch your server(s) for you at our Advanced Support rate of $99/hour. Please login to ServerPortal.com and submit a support ticket if you wish Codero to patch your server for you.
You can check if you are vulnerable by running this script from Parallels. If the script says “Plesk is up to date” or “The patch has been successfully applied” you do not need to do anything further.
If you receive the message “The patch has not been applied” you need to update Plesk to a newer, more secure version.
You need to know what major version of Plesk you are on to update. Instructions for finding your version of Plesk. An example version is “9.2.1 CentOS 5 92090422.13”. This server is on major version 9, minor version 2.1, with microupdate #13.
The official Parallels directions on how to run the autoinstaller to apply updates are here.
If you are on major version 8, you need to update to 8.6.0. If you are already on 8.6.0, you may need to run the autoinstaller twice to upgrade the autoinstaller itself to be able to receive microupdates. 8.6.0 with microupdate #2 is the first safe version.
If you are on major version 9.x, run the autoinstaller and select version 9.5.4. 9.5.4 with microupdate #11 is the first safe version.
If you are on major version 10.x, upgrade to at least 10.3.3 and install all microupdates through the autoinstaller.
Once you are done upgrading, please run the vulnerability checker again to verify you have fixed the issue. If you are not able to perform the update for any reason, please open a ticket through Server Portal.
Please note, if your server becomes compromised due to this vulnerability and you did not patch despite the multiple notices from Codero, the Server Protection Plan will not be in effect for the compromise.
Date: 03/06/2012 | Data Center Incidents
We are currently investigating a network issue with one of our upstream providers which is affecting the ability of some clients in PHX from accessing their servers. We have shut the provider down and are monitoring the situation. Updates to follow.