Manage SSL certificates with the control panel

Posted in Control panel by

Screenshot of WebFaction control panel certificate picker

You can now manage SSL/TLS certificates with the WebFaction control panel! In just a few clicks, you can:

  • generate certificate signing requests
  • upload or copy and paste certificates
  • choose which certificate to use with each of your websites

Effective immediately, you can secure a site without opening a support ticket. But if you run into any problems, the support team is still available to help you out. Because we’re sure you’re eager to start managing certificates on your own, we’ve enabled the feature now, but we’re working to make managing certificates even better over the coming days, with complete documentation, API support, and more.

But as of today, you can upload a certificate and private key from any certificate provider through the control panel. If you don’t already have a certificate, you have a few choices when it comes to getting one:

  • You can use your server’s default, shared certificate, though visitors will get an error message warning that the connection may not be secure.
  • You can buy a certificate from a certificate provider (typically your domain name registrar can provide this service).
  • You can get a certificate from Let’s Encrypt, a certificate authority that provides free 90-day certificates.

The new functionality is available in the panel under “Domains/Websites > SSL Certificates”.

We’re really excited about Let’s Encrypt! It’s a great project that’s helping to make secure sites practical for everyone. And though we’re not ready to announce anything yet, let’s just say that we want Let’s Encrypt and the control panel to work very well together.

Update: As of 12 October 2016, our documentation and API have been updated to include the new SSL certificate management features!

-
-

Rails 5 is here!

Posted in Rails by

 

Rails 5 screenshot

Rails 5 was recently released, and is now available as a one-click install in our control panel! This release has a ton of new features, including built-in WebSockets support via Action Cable, an API mode to build backends for web and native client apps, and much more.

Our installer sets up Rails with Ruby 2.2.5, served with Passenger 5 on Nginx 1.10. This stack is available on our CentOS6 and CentOS7 servers – customers on CentOS5 servers who wish to install Rails 5 should request a migration to the newer OS via our control panel.

Why are you still reading this? Go install Rails 5 and build something cool today!

-
-

WordPress 4.4 + PHP 7 + SSD = great performance

Posted in WordPress by

WordPress 4.4

WordPress 4.4 has been released! You can now find WordPress 4.4, named “Clifford”, in our one-click installer. It’s running recently-introduced PHP 7.0.

WordPress 4.4 has several new features, including:

  • a new default theme, Twenty Sixteen, that’s designed to look sharp on all screens, from mobile phones to giant desktop displays
  • responsive images so WordPress shows images at the right size for each device (potentially abbreviating page loads)
  • embeddable WordPress content, so your content can be shared more gracefully across sites that support consuming oEmbed data
  • more support for embedding outside content, like Speaker Deck and Reddit comments

Plus, many changes have been introduced to WordPress core to support WordPress developers—including changes that lay the groundwork for the eventual introduction of a REST API in WordPress core in a future release.

Specific to WebFaction, installations of WordPress 4.4 use PHP 7.0. PHP 7.0 is known to improve the performance of many PHP applications. In an informal test of a new WordPress 4.4 installation running under FastCGI, PHP 7.0 handled almost a third more requests per second than PHP 5.6:A graph comparing WordPress 4.4 under PHP 5.6 and PHP 7.0

And that’s before any other steps to optimize the application, like caching WordPress.

For a complete look at the changes in WordPress 4.4, check out the project’s official announcement. When you’re ready, fire up a WordPress 4.4 installation with the one-click installer. If you have any questions, join us in the Q&A community.

-
-

PHP 7 is here!

Posted in PHP by

PHP 7 is here

PHP 7 has been released! That’s right, PHP 5.6 has given way to PHP 7.0 (stop, do not pass PHP 6, do not collect $200)! The new version is now available on all WebFaction servers. So let’s take a look at some of the biggest changes in PHP 7.

Performance

Perhaps the most talked about part of PHP 7 is the substantial improvement in performance and memory usage. Measuring requests per second, benchmarks with PHP 7 have shown 30 to over 100 percent improvements over PHP 5.6. You read that correctly: upgrading to PHP 7 can sometimes double the performance of an application. The PHP project achieved these gains by merging the changes of PHPNG into the main PHP project. Although memory benchmarks are harder to come by, anecdotal reports are that PHP 7 uses less memory as well. While the real-world performance gains of upgrading to PHP 7 vary by application, you should expect to experience a marked improvement.

Spaceships

PHP 7 comes with a spaceship, or at least it comes with an operator that looks like a spaceship: <=>. The spaceship operator, more formally known as the “combined comparison” operator or “three-way comparison” operator, makes it easier to write comparisons for sorting. The spaceship operator compares two values and evaluates to 1, -1, or 0, if the first value is greater, less than, or equal to the second value, respectively.

Take the expression a <=> b, for example. If a is greater than b, then the expression evaluates to 1. But if a is less than b, then the expression evaluates to -1. If a and b are equal, the expression evaluates to 0. In this way, the spaceship operator reduces a complex ternary expression like ($a < $b) ? -1 : (($a > $b) ? 1 : 0) to just a <=> b.

Plus spaceships are cool. Pew pew!

Type hints

PHP 7 expands the language’s type hinting features. Previous versions of PHP supported limited argument type hinting. PHP 7 adds scalar type hinting to arguments, so you can hint int, float, string and bool for argument types. What’s more, PHP 7 lets you declare what type a function is expected to return, including the scalar types.

But there’s a catch

With these changes, you may be eager to upgrade, but keep in mind that PHP 7 is not a drop-in replacement for PHP 5.6. Many long-deprecated SAPIs and functions have been removed. There have been changes to errors and exceptions, variable handling, and source parsing too numerous to list here.

We recommend that you read the official guide on Migrating from PHP 5.6.x to PHP 7.0.x or see the the official ChangeLog to learn about every change and how it may affect your application. We also recommend that you test your application before upgrading your live site.

When you are ready to upgrade, you’ll find PHP 7 available in our one-click installer and on the command line as php70.

-
-

Meet our new SSD hosting plans

Posted in General by

Over the past few months we’ve been hard at work preparing our next generation of hosting plans. We’ve selected high-performance, pure SSD servers and we’ve carefully crafted a robust and secure software setup based on CentOS 7. Today we’re excited to launch these new plans:

  • $10/mo, 100GB pure SSD storage, 1GB RAM, 1TB bandwidth, shared servers
  • Managed cloud servers from $30/mo for 2GB of RAM

All existing customers can continue using their existing plans at their current price for as long as they like. To be migrated to a new plan just put in a migration request from the control panel.

Just like the old plans the new ones come with fully managed servers, SSH access, email and DNS hosting and a full-featured control panel to let you configure all aspects of your hosting.

Our friendly customer support team is available 24×7 to answer any questions you might have: either open a ticket or just email support@webfaction.com.

You can find all the details about our new plans on our updated website.

-
-

Your WebFaction account: customer support

Posted in General by

This is the fourth in a series that’s going over what’s included in your WebFaction account. In today’s installment, we’re taking a closer look at the team that supports your account.

Above all, the customer support team is committed to communicating with you in a timely, accurate, and courteous way. If you have a question, a problem, or a suggestion, we want you to be able to trust that the customer support team will respond with care and respect. Whether you’re asking a question in the Q&A Community or opening a support ticket, WebFaction customer support is there to help you.

But the customer support team isn’t passively waiting to hear from you. The support team is connected to monitoring and reporting about the state of the WebFaction service, so many problems are resolved without your intervention. For example, if a network connection goes down or server needs to be rebooted, the support team is often notified about and can respond to the problem before customers are even aware of the issue, much less had a chance to submit a support ticket.

Yet having a monitoring system doesn’t mean much if there’s no one around when alarms start going off, so WebFaction’s support team provides 24-hour coverage every day of the year. The team is globally distributed, so even though it might be a weekend, evening, or holiday where you are, it’s usually just another work day for the support team member that responds to your request. With continuous coverage, you can expect that it won’t be long before you receive a response and that the support team member that responds to you is up to the task.

In addition to the customer-facing support team, our team of systems administrators is on hand and on call too. Their main task is to make sure your server is stable, secure, and up-to-date. For example, our sysadmins took the steps required to protect WebFaction servers from the POODLE SSL vulnerability discovered recently. Or, in the event of a major problem, like a hardware failure, the systems administrators step in to restore the server to a working state or migrate it to new hardware.

In a perfect world, software never has bugs, servers never crash, and network connections never fail. Unfortunately, we don’t live in that world, so that’s why we’ve put together a multitalented team to look out for you.

To learn more about what you can do with your WebFaction account and how to get help, check out our documentation site, or join us in the Q&A Community to ask the support team a question.

Previously in the “Your WebFaction account” series: emailserversthe control panel.

-
-

Your WebFaction account: the control panel

Posted in Control panel by

This is the third in a series that’s going over what’s included in your WebFaction account. In today’s installment, we’re taking a closer look at the control panel.

screenshot of the control panel

There’s a lot going on the control panel because it’s the hub of every WebFaction account. Nearly every part of account management, from billing to disk usage to applications to support, has a part to play in the control panel. And that’s by design: the control panel is often the first and last place you need to go to manage something to do with your account.

For example, the control panel is your account’s virtual postmaster, with the ability to create and manage email addresses and mailboxes. Common tasks, like setting up autoresponders and forwarding mail can be managed from the control panel, without requiring complicated configuration files.

One area of the control panel that we’re particularly fond of is our one-click installers. With the control panel, you can install a bunch of popular applications with the absolute minimum of hassle. It’s such an important part of the control panel, we did a whole series of blog posts on just one-click installers.

Of course, sometimes you don’t want to have to actually click anything. That’s why many things that you can do with the control panel can also be done with the XML-RPC API. With the API, you can automate many control panel tasks, like creating email addresses or managing DNS overrides. The API even knows a few tricks that the control panel doesn’t, so check out the API documentation for a tutorial and reference.

Lots of web hosts have control panels, but many use off-the-shelf packages that are designed for the generic idea of web hosting. We’ve made our own control panel that’s designed for our customers’ use cases and our service’s strengths. We have the flexibility to improve the control panel, and do things like add a new feature without waiting on a vendor’s release schedule. We’re proud of the control panel and strive to make it the best tool possible for our customers.

To learn more about what you can do with your WebFaction account and the control panel, check out our documentation site or join us in the Q&A Community.

Previously in the “Your WebFaction account” seriesEmailServers

-
-

New control panel feature: simple user permissions

Posted in Control panel by

A few days ago, we quietly introduced a much-requested new feature to the control panel: granting extra SSH and SFTP users access to directories. We made this two-minute screencast about managing extra user accounts that covers the new feature:

Now you can grant an extra user access to a particular directory right from the control panel. It’s much faster and less error-prone than doing so in a shell session manually. While it’s not a substitute for fine-grained access control, it’s perfect for dealing with the common case of granting a user access to a particular application or subdirectory.

So check out the screencast and give the new feature a try. If you have any questions, join us in the Q&A Community.

-
-

Fun with WebSocket: Setting up a shared drawing board

Posted in Python by

Three weeks ago we added support for WebSocket to our platform. WebSocket is a protocol providing full-duplex communications channels over a single TCP connection. It means that multiple clients can stay connected to a server and they can communicate back and forth much quicker than with the standard HTTP protocol.

One case where WebSocket is useful is when the changes made by one client need to be instantly broadcasted to the other clients.

As an example we’ve set up a shared drawing board web app where multiple people can draw on the same canvas at the same time. The tools we used are:

  1. A hosting account that supports WebSocket and Python
  2. The CherryPy Python web framework
  3. The WebSocket for Python library
  4. The jCanvas javascript library (built on top of jQuery)
  5. 300 lines of Python code for the web app itself

The source code for the drawing board is included as an example in the WebSocket-for-Python library and you can try the demo at https://demos.webfaction.com/drawing

Here is a short video showing the drawing on one device being instantly displayed on another device (after travelling via the server which was hundreds of miles away):

-
-

Security issue in the OpenSSL library (Heartbleed bug)

Posted in Control panel by

As many of you have probably heard a serious security issue (dubbed the “heartbleed bug”) was found in the OpenSSL library yesterday. This is a very serious issue as this library is used to encrypt a large percentage of the Internet’s traffic, including web and email.

The security issue could allow anybody to access parts of the encrypted traffic as well as the secret keys used to encrypt that traffic.

What we have done

As soon as we were made aware of the issue we started updating the OpenSSL version used by our various systems and we replaced the SSL certificates that we were using.

As of now all of our systems have been patched and all of our SSL certificates have been replaced.

What you should do

We are not aware of any data having been compromised but there is a possibility that some may have been so as a precaution we recommend making the following changes:

  1. If you are using SSL certificates for your sites there is a risk that your certificates have been compromised. So we recommend that you ask your certificate provider to re-issue your certificates and then open a ticket for us to replace your certificates with the new ones.
  2. Once you have replaced your SSL certificate, you should consider that the data secured by your old SSL certificates may have been compromised. Change any passwords or other credentials that were encrypted by your old SSL certificates.
  3. We recommend that you change your WebFaction control panel password. Although the WebFaction control panel wasn’t vulnerable (it uses a different version of the OpenSSL library) the SSL certificate that it uses may have been compromised because it was also used by other sites which were vulnerable. So there is a small possibility that some control panel passwords may have been compromised.
  4. If you’re using phpMyAdmin or phpPgAdmin on our servers you should change these passwords.
  5. If you are using our email services we recommend that you change your email passwords.

You can find more information about the heartbleed bug at http://heartbleed.com

If you have any questions regarding this issue just open a support ticket and our team will reply to you asap.

-
-