Webcrossing Server Upgrade – Search and SSL important stability fixes

July 15, 2015

Search stability upgrade
This new version of the Webcrossing server fixes a possible server freeze during indexed site search which could occur with certain search keyword combinations if the server’s tagging engine was corrupted for some reason. The new build prevents such a freeze, returning the expected search results.

Secure access port listening fix
There were some rare cases when access to a secure port connection (e.g. Port 443 using HTTPS) would fail to connect. Non-secure (HTTP) connections would continue and the server would otherwise continue running normally, but parts of a site accessible only via secure connections would not be accessible. This is now fixed in the new build.

The latest release version is now Webcrossing 6.4 source: 1688 2015-07-09.

We will be upgrading all hosted customers, and coordinate upgrade timing as needed.

All self-hosted customers with valid support and maintenance contracts can download this new version at no cost.

If you are running a self-hosted site we strongly recommend upgrading your Webcrossing server to this new build. If you are a self-hosted customer and have a valid support and maintenance contract, please contact support for access to the new server. If your support and maintenance contract has expired, please contact us to renew so we can provide you with this important update.

Here is a recap of other recent upgrades:

Version 1682 2015-02-14 was released in February 2015 and prevented the “POODLE vulnerability” and upgraded all incoming and outgoing connections to require TLS (deprecating SSL v3). There was also a fix for persistent HTTP connections to missing pages (HTTP 404 errors) which were sometimes not released.

Version 1678 2014-12-02 was released in December 2014 and added a new Unified Email Digest feature (previous versions only could send digests from each folder separately).

Version 1675 2014-09-27 was released October 8, 2014 with enclosure reference count fixes.

Version 1673 2014-08-31 was released September 8, 2014 and fixed attachment deletion and cluster attachment propagation issues.

Version 1670 2014-04-25 was released May 7, 2014 and fixed an important stability issue which, under certain circumstances, could cause a Webcrossing server process to silently quit, leaving the site unresponsive, and also added a new feature to allow guest users to visit sites licensed for a limited number of users (a so-called “seat license”).

The latest release includes all those fixes and enhancements.

Comments are closed

Elliptics Webcrossing server upgrades for all hosted sites!

June 22, 2015

We are upgrading some fundamental virtualization software at our data centers. Our testing shows startup times are an order of magnitude faster, and benchmark tests show at least a 3x improvement in most cpu and disk related operations.

We will be migrating all our hosted sites to the new servers, and will contact our hosted customers as needed if there will be downtime. None of this is required or urgent, just an improvement in your server operations. No changes will be required on your end.

Last year we also upgraded all our servers to SSD (solid state storage) instead of old “spinning disk on a spindle” (HDD) drives and enhanced memory. This software-based upgrade will provide even greater optimizations.

If you are a self-hosted customer and wish to move to our hosted data centers to take advantage of our ongoing security checks, daily backups, high performance SSD storage and high-speed network please contact us for assistance.

Comments are closed

Elliptics hosted Webcrossing servers are not affected by the new VENOM security vulnerability

May 21, 2015

A new security advisory, CVE-2015-3456 called VENOM (Virtualized Environment Neglected Operations Manipulation), was recently released by the Linux Foundation.

Our data centers in Dallas, Newark, London, Atlanta and Tokyo are secure against this vulnerability.

We take all security alerts seriously and so we wanted to let our customers know.

If you are a self-hosted customer and wish to move to our hosted data centers to take advantage of our ongoing security checks, daily backups, high performance SSD storage and high-speed network please contact us for assistance.

Comments are closed

Webcrossing and our NoSQL Object Oriented Database

April 3, 2015

Webcrossing’s built-in server-side scripting language is JavaScript, which is, of course, object-oriented. Webcrossing also uses a NoSQL object-oriented database.

Some people may be concerned about trying an OODB because they are so familiar with SQL, and feel they don’t know much about OODBs. But in truth, there isn’t a whole lot you do need to know, from a programming standpoint. You can store your JavaScript objects directly in the database without jumping through any hoops. It pretty much Just Works. No complicated SQL with required serialization, table joins or complex queries.

Webcrossing’s database comes with a number of built-in, ready-to-use primitive object types. At the lowest level, there are primitive Stored objects. These are the same as a JavaScript Object, except that they are stored into the database.

All objects stored in the OODB can be accessed through JavaScript objects. Setting new property values for stored objects stores the values into the OODB and saves them on disk. Fetching values from stored objects loads them from disk automatically.

So, you can just do something like:

SomeFolder.myObject = new Stored();

Voila. Stored.

Adding properties is just as easy:

SomeFolder.myObject.color = red;

You can create your own kinds of objects derived from the built-in classes, giving you an extremely powerful tool for extending and customizing Webcrossing.

OODB

OODBstructure

 

As you might imagine, with built-in users and content nodes, you can save a lot of time not reinventing the wheel. So take the leap. Try an object-oriented database with an object-oriented programming language. You might never turn back.

This article was originally written by Sue Boettcher for the “Webcrossing Rocks” blog. The original article can be found at http://webxrox.blogspot.com/2011/04/why-oodb-object-oriented-database-is.html along with many other interesting articles, and fun stuff too.

Comments are closed

Webcrossing Server Upgrade – Security Update and more!

February 24, 2015

POODLE vulnerability block
This new version of the Webcrossing server has been upgraded to prevent the so-called “POODLE vulnerability” discovered by Google at the end of last year. Read more about POODLE here.

Please note the vulnerability only affects sites using SSL certificates (sites with https:// urls). If you are not using secure connections it does not affect you. If you are using secure connections, for your entire site, or part of it, we recommend upgrading to this new build.

Note: Blocking the POODLE vulnerability means removing support for SSL v3 and requiring secure connections from browsers which support TLS. All recent versions of browsers support TLS and also default to blocking SSL v3. The only remaining well-known browser  without TLS support is IE6, which was released in 2001 for Windows XP and is long deprecated. If you have users with IE6 browsers, and are providing secure connections, those users will not be able to access your site after upgrading. We recommend advising IE6 users to upgrade their browser.

Secure outgoing requests are TLS
In addition to upgrading incoming secure connections to your Webcrossing server, the new version also upgrades the way secure outgoing requests are made. In previous versions, outgoing requests would be made using SSL v3. With the new build, outgoing requests are made using TLS, assuring scriptable API access to such sites as LinkedIn and Facebook, which have also stopped supporting SSL v3 as of the end of last year.

Fix to persistent connections and missing pages
The new build also includes a fix for persistent HTTP connections to missing pages (HTTP 404 errors) which were sometimes not releasing the connection. These connections are now being dropped and made available for other connections. The problem did not affect many sites, but if a site was under a heavy load and many connections were being made to pages which did not actually exist at the site, it was possible for the listening connection limit to be reached, thus making the site inaccessible on certain ports. This fix prevents that problem from occurring.

Clarification in Email Services settings
The instructions in the Email Services control panel have been updated to clarify that if a site wishes to use outgoing email notifications of new posts to subscribers that at least one email domain for the site must be set. This is also required for receiving posts by email.

The latest release version is now Webcrossing 6.4 source: 1682 2015-02-14.

We will be upgrading all hosted customers, and coordinate the upgrade timing as needed.

All self-hosted customers with valid support and maintenance contracts can download this new version at no cost.
For security’s sake, if you make use of secure connections we strongly recommend upgrading to the new version. If you are a self-hosted customer and have a valid support and maintenance contract, please contact support for access to the new server. If your support and maintenance contract has expired, please contact us to renew so we can provide you with this important update.

A recap of other recent upgrades: Version 1678 2014-12-02 was released in December  2014 and added a new Unified Email Digest feature (previous versions only could send digests from each folder separately). Version 1675 2014-09-27 was released on October 8 with enclosure reference count fixes. Version 1673 2014-08-31 was released on September 8 and fixed attachment deletion and cluster attachment propagation issues. Version 1670 2014-04-25 was released on May 7, 2014 and fixed an important stability issue which, under certain circumstances, could cause a Webcrossing server process to silently quit, leaving the site unresponsive, and also added a new feature to allow guest users to visit sites licensed for a limited number of users (a so-called “seat license”).

The latest release includes all those fixes and enhancements.

Comments are closed

Webcrossing server update – Unified Digests!

December 12, 2014

We are very excited about this new feature for the Webcrossing server.

People familiar with Webcrossing over the years already know that each folder (forum) can be used as a separate email list. You can post to discussions in a folder by email, and each folder can send out messages to subscribers.

Members can subscribe to each forum area in different ways: they can receive immediate notifications of new posts, they can receive daily digests, or they can receive a single notification with no new messages until they return to the site and catch up.

For digests, some sites have wanted a unified email digest feature. In other words, instead of a separate daily digest sent from each forum area, there have been requests for a single daily digest, customized for each user, for those areas where members are subscribed to receive digests.

With this new version of Webcrossing, now you can provide unified digests to such users!

Notes:

  • The default is unchanged. Unless you set up your Webcrossing server to provide unified digests, nothing will change. Your digest subscribers will still receive separate digests from each forum/folder.
  • In addition to the new server, the unified digest feature requires a customized digest filter. We can provide a sample one, which creates HTML email digests, with a Table of Contents, like the one in the screenshot snippet. If you know how, you can modify the template to meet your special needs. Or you can contact us to request our professional services staff to create a more customized digest for you.

unified-digest-sample2

Unified Digest snippet

 

The latest release version is now Webcrossing 6.4 source: 1678 2014-12-02.

We will be upgrading all hosted customers, and coordinate the upgrade timing as needed to make the new server feature available to customers who want to make use of it. Remember, nothing will change unless unified digests are enabled at your site. The upgrade itself only requires a few minutes of site downtime.

All self-hosted customers with valid support and maintenance contracts can download this new version at no cost.

We recommend upgrading to the new version. If you are a self-hosted customer and have a valid support and maintenance contract, please contact support for access to the new server. If your support and maintenance contract has expired, please contact us to renew so we can provide you with this important update.

Also a reminder about our previous recent upgrades: Version 1675 2014-09-27 was released on October 8 with enclosure reference count fixes. Version 1673 2014-08-31 was released on September 8 and fixed attachment deletion and cluster attachment propagation issues. Version 1670 2014-04-25 was released on May 7, 2014 and fixed an important stability issue which, under certain circumstances, could cause a Webcrossing server process to silently quit, leaving the site unresponsive, and also added a new feature to allow guest users to visit sites licensed for a limited number of users (a so-called “seat license”).

The latest release includes all those fixes and enhancements.

Comments are closed

Webcrossing Server Upgrade Released

October 8, 2014

We have upgraded the Webcrossing server with the following change:

Attachments. We fixed an issue with tracking “enclosure reference counts.” It’s rather techy, but the brief explanation is that the Webcrossing server has the ability to attach (or embed, for images) the same attachment (enclosure) to multiple posts without actually duplicating the file. Only one copy of the file is maintained in the enclosures directory. There was a reference counting error which could cause an attachment file to be removed from the enclosures directory even if all posts using it had not yet been deleted. This would usually only be noticeable at sites which did custom scripting taking advantage of the feature.

The latest release version is now Webcrossing 6.4 source: 1675 2014-09-27.

We will be upgrading all hosted customers, and coordinate the upgrade timing as needed. The upgrade itself only requires a few minutes of site downtime.

All self-hosted customers with valid support and maintenance contracts can download this new version at no cost.
We recommend upgrading to the new version. If you are a self-hosted customer and have a valid support and maintenance contract, please contact support for access to the new server. If your support and maintenance contract has expired, please contact us to renew so we can provide you with this important update.

Also a reminder about our previous recent upgrades: Version 1673 2014-08-31 was released on September 8 and fixed attachment deletion and cluster attachment propagation issues. Version 1670 2014-04-25 was released on May 7, 2014 and fixed an important stability issue which, under certain circumstances, could cause a Webcrossing server process to silently quit, leaving the site unresponsive, and also added a new feature to allow guest users to visit sites licensed for a limited number of users (a so-called “seat license”).

The latest release includes all those fixes and enhancements.

Comments are closed

Elliptics hosted Webcrossing Servers are not vulnerable to the Shellshock/Bashdoor Bug

September 30, 2014

keep-calm-and-safety-first-6

You may have heard about a widespread, recently publicized vulnerability called Shellshock or Bashdoor in the media which could affect millions ofservers. You can read the technical details of this vulnerability at the National Vulnerability Database.

In cooperation with our data centers we have conducted vulnerability tests for Shellshock, as well as subsequently discovered related bugs, and have confirmed that our servers are not vulnerable.

We take all security alerts seriously and so we wanted to let our customers know.

Comments are closed

Important Webcrossing Server Upgrade

September 8, 2014

We have upgraded the Webcrossing server with the following important changes:

Attachments and deleted posts.

We fixed an issue where, in some cases, when a post containing attachments is deleted, the attachment itself is neither removed from the enclosures directory where all post attachments are stored, nor marked as deleted (depending on your site settings).

Clusters and propagation of attachments.

We fixed an issue where in some cases, attachments added to one node in a manager/node cluster would not propagate to other nodes even when they properly synced to the manager.
The latest release version is now Webcrossing 6.4 source: 1673 2014-08-31.

We will be upgrading all hosted customers, and coordinate the upgrade timing as needed. The upgrade itself only requires a few minutes of site downtime.

All self-hosted customers with valid support and maintenance contracts can download this new version at no cost.

We highly recommend upgrading to the new version. If you are a self-hosted customer and have a valid support and maintenance contract, please contact support for access to the new server. If your support and maintenance contract has expired, please contact us to renew so we can provide you with this important update.

Also a reminder about our previous upgrade, 1670 2014-04-25 released on May 7, 2014. That version fixed an important stability issue which, under certain circumstances, could cause your Webcrossing server process to silently quit, leaving your site unresponsive. In addition to the important stability fix, that version also allowed guest users to visit sites licensed for a limited number of users (a so-called “seat license”). This feature lets private sites optionally host certain areas which guest visitors can read. Previously seat licenses did not allow guest visitors.

Of course the latest release includes all those fixes and enhancements.

Comments are closed

Staff spotlight – Niaja Farve

August 20, 2014

We thought this was definitely worth a mention. Niaja Farve, who we are fortunate to have working with us while she pursues her Ph.D. at MIT, is currently featured on the MIT home page!

You can read the entire article at http://newsoffice.mit.edu/2014/mit-student-niaja-farve-profile-0819.

We feel very lucky to have Niaja working with us while she completes her doctorate and wanted to share this staff spotlight with all our customers and friends.

Niaja-at-MIT

Comments are closed
« Page 1, 2, 3, 4 »