RSS Feed
Latest Updates
Thanksgiving Holiday Schedule
Posted by Juli Z. on 20 November 2015 05:33 PM

rackAID's sales, case-based support, and billing departments will be closed 11/25 - 11/27/2015 for the Thanksgiving holiday. 


Customers with managed services or managed servers will continue to receive 24/7 support during this period.


Sales, case-based support, and billing departments will reopen Monday, 11/30.


If you are a management client and need assistance, just open a ticket in our helpdesk - as always we are staffed 24/7 to handle urgent issues.




Read more »

Joomla SQL Injection Attacks
Posted by Jeff H. on 28 October 2015 11:19 AM

Joomla SQL Injection Attacks

Security groups have reported a spike in Joomla based attacks over the past week.


An SQL injection attack allows a remote attacker to execute SQL statements against your database.  


If you run Joomla, check that your site is fully patched.


You can find more details here:

Truswave Report

Sucuri Report


There are multiple CVE's that relate to this issue.  These will be updated as more details emerge.





Web Application Firewalls

If you cannot update your application, we may be able to assist you in setting up a Web Application Firewall (WAF) service.   We work with a few different companies depending on your needs.  Cost range from $35-150/mo.  A WAF intercepts suspect traffic before it reaches your site.   This can give you more time to patch your software and prevent future attacks.


Read more »

PhoenixNAP Network Issues
Posted by Jeff H. on 26 August 2015 02:01 PM

PhoenixNAP Network Outage and Latency

We are seeing widespread outages and latency for the last 5 minutes for servers located at the PhoenixNAP facility.

Currently we are seeing these IPs starting with these number impacted:

  • 198.15.x.x
  • 108.170.x.x
  • 184.95.x.x
  • 184.164.x.x

We are working with the data center to determine the cause of the issue.  These issues are usually short lived.


Update 14:10

From our investigation, appears certain routes are experiencing higher packet loss than others.  We have checked servers and all server are online.  You may get reports of sites being up then down from end-users.   The Network Ops team at the data center is still investigating.


Update 14:13

Network Operations has identified the issue with an upstream transit provider.  They are working to mitigate the issue now.   They may have to adjust routing which can take 10-15 minutes to propagate. 

Update 14:33

We are now seeing recovery of our monitoring and general improvement on all routes.  We will request a Reason For Outage report from the data center.

At this time, we are showing all systems recovered.

Read more »

GHOST Security Issue in Linux
Posted by Jeff H. on 29 January 2015 04:31 PM

GHOST Exploit Update

If you have a management subscription with us, we have already patched your server.   With our automation framework, most systems receive security patches within hours of their release.


cPanel's Exim

In the proof of concept data released by Qualys they mention that Exim, which is used by cPanel, is vulnerable.  This only appeared to be an issue with certain scripting conditions enabled.  We have restarted Exim to assure that it is using the patched glibc.

Reboot Needed?

At this time, we do not see a need for a full server reboot.  While many programs use glibc, the exploit impacts a specific hostname function.  This function must be used in a specific way within the application. 

At the time of this update, most services used on hosting systems are not impacted.   As a precaution, we have restarted some key services.


If any changes emerge or significant security issue develops, we will update our news.



If you have a question about GHOST, please open a low priority ticket.  If you have a security issue, GHOST is unlikely the cause.  In more than 98% of all security incidents we investigate, outdated web application software or poor PHP programming is the cause of the security breach.







Read more »

Web Application Security Services
Posted by Jeff H. on 16 January 2015 10:19 AM

Over the past two years, we have been working very hard improving our server management approach and tools we use.  As a result, we are seeing fewer and fewer services impacting events. 

Our monitoring provides us early warning on a number of issues allowing us to resolve them before they have an impact.  This is good news as it leaves our team more time to research further improvements.

Despite these improvements, we are seeing a growing number of tickets related to Web Application Security.   Common issues are:

  • Spam Floods
  • Malware Attacks
  • Overloaded Servers

Since we do not maintain your web application, there is little we can do to correct the underlying cause of these attacks.   Most of the tools at our disposal are reactive not proactive. 


Solutions:Your best defense against these issues is keeping your sites updated.  There are some tools like Manage WP, CMS Commander and others than can help if you have a large number of sites. 

Server-side defenses like ModSecurity are often too unwieldly to manage on systems with a large number of shared hosting sites. ModSecurity can break sites, resulting in a higher support load for you and us.  If you have few sites, then companies like Incapsual and Sucuri provide Web Application Firewalls.



If you are having repeated issues, you may want to open a special security case with us to evaluate the best solution.  We are provided discount pricing for customers on management plans.  Pricing ranges from $250-500 for most situations depending on the complexity and scope of your operations.  We can help recommend a security strategy with milestones.

With our management plans we do our best to keep things secure, but cleaning up recurring security issues is not covered by the plan.  To prevent additional, unexpected clean up costs in the future, getting an action plan put together now may help reduce long term cost and improve security.






Read more »