Jan 19 |
Upcoming Billing System Migration
Posted by Brent S. on 19 January 2015 06:01 PM |
Last year, we successfully implemented an updated account portal (https://billing.touchsupport.com/) that offers additional benefits and features compared to our current system (https://legacy-billing.touchsupport.com/). Over the next month, we will be hard at work migrating all accounts to the updated portal so that you can experience the most recent enhancements! The new account portal provides secure access to pay invoices, review service details, open support requests and manage devices. Once your account is migrated, you will notice immediate improvements:
Additionally, customers with hosted data center solutions in one of our data centers will be able to take advantage of:
The security and accuracy of your account data is paramount and we understand the potential pitfalls of any type of migration. To ensure a smooth transition, we will be manually migrating accounts, one at a time, using the following process: Pre-Migration Migration Post-Migration Answers to commonly asked questions regarding the migration are listed below: Q: When will I be able to access the updated account portal? Q: How will I receive my new login credentials? Q: Is there anything I need to do? Q: What if I have an active PayPal subscription that automatically sends payment each month? Once you receive your first invoice from our updated portal, you will have the ability to create a new PayPal subscription. We apologize in advance for the inconvenience this causes. Q: I have an account credit balance. What will happen to it? Q: Is there any downtime associated with the migration? If you have any questions, please let us know by opening a new request at https://support.touchsupport.com/index.php?/Tickets/Submit Read more » | |
Dec 24 |
Touch Support Maintenance | Sunday Dec 28, 2014 at 8:00pm EST
Posted by Brent S. on 24 December 2014 05:38 PM |
Upcoming Maintenance Notification Read more » | |
Sep 25 |
CVE-2014-6271: Severe Bash Vulnerability Disclosed
Posted by Brent S. on 25 September 2014 12:40 PM |
A major vulnerability in the Bash shell has been disclosed yesterday. This vulnerability may impact many websites, content management systems, web applications and web server platforms. Any shell execution or shell function that is performed by a web application, including the storage of request data in environment variables, may present an attack vector that allows the execution of arbitrary code. What this means: Systems that have not updated their version of ‘bash’ and who provide web hosting in any form may allow remote attackers to upload files, execute arbitrary commands, capture sensitive data, generate SPAM and more. This vulnerability was announced yesterday and the community has not had time to research the impact this has on individual products, but this may turn out to be one of the most significant vulnerabilities reported this year. You will likely start hearing about it in mainstream press as the week progresses. What to do: If you're currently subscribed to one of our server administration plans, our staff is already hard at work updating the version of 'bash' to keep your server up-to-date. These should be no interruption to service for any customer while this upgrade is happening. Otherwise, if you are the administrator of a Linux server, update your version of ‘bash’ to a patched version immediately. For example, an update for Ubuntu has already been released. If you are running Ubuntu, executing ‘apt-get update’ and then ‘apt-get upgrade’ without quotes should fix the issue for you. The Touch Support difference: We install a unique set of tools onto your server(s) when you sign-up for one of our server administration plans. When these types of vulnerabilities arise, our team quickly identifies them and develops a plan to keep your data safe, which typically include software updates that are rolled out to all affected servers. Then, we check to make sure they are no longer vulnerable. But, we don't stop there. Our proprietary system administration tools are then updated to include a check for the specific vulnerability so that our administrators are instantly notified in the future if there is an issue. For more information: Please reference the following sites for additional details: https://access.redhat.com/articles/1200223 https://access.redhat.com/security/cve/CVE-2014-6271 Read more » | |
Sep 5 |
cPanel releases EasyApache 3.26.7
Posted by Brent S. on 05 September 2014 11:55 AM |
SUMMARY Read more » | |
Jul 29 |
cPanel releases EasyApache 3.26.3
Posted by Brent S. on 29 July 2014 03:16 PM |
cPanel, Inc. has released EasyApache 3.26.3 with PHP version 5.5.15, Libxslt version 1.1.28 and Libxml2 version 2.9.1. This release addresses PHP vulnerability CVE-2014-4670 by fixing a bug in the SPL component, CVE-2012-6139 by fixing a bug in Libxslt, and fixes bugs in Libxml2 to address the following CVEs: CVE-2012-5134, CVE-2013-0338, CVE-2013-0339, CVE-2013-1969, and CVE-2013-2877. We encourage all PHP 5.5 users to upgrade to PHP version 5.5.15, and all users to upgrade to Libxslt version 1.1.28 and Libxml2 version 2.9.1. AFFECTED VERSIONS Read more » | |
Jun 27 |
SuperMicro IPMI Vulnerability Notification
Posted by Eric M. on 27 June 2014 11:57 AM |
Hello, Many of you have likely heard of a vulnerability which affects the SuperMicro manufacturer's out of band management controller: IPMI. Details on this vulnerability can be found at http://blog.cari.net/carisirt-yet-another-bmc-vulnerability-and-some-added-extras/ . This vulnerability allows attackers to quickly determine the password used to access the component by accessing port 49152 over public networks. They can then use it to format your machine, gain root or administrator level access, or use it to engineer other attack vectors. To test if you are vulnerable you can attempt to connect via port 49152 and review the response to “GET /PSBlock”. If you are or think you are on a vulnerable SuperMicro publicly accessible IPMI, it is strongly recommended to complete the following. FIRST SECOND Note Completing these steps out of order will leave your newly changed password vulnerable. If you are a colocation client currently running SuperMicro machines with publicly accessible IPMI, we strongly urge you to take efforts to secure your machine's IPMI immediately. If you need time to secure these IPMI devices, please open up a ticket with us now and list the IPMI IPs you would like null-routed. If you are a server administration client currently running SuperMicro machines with publicly accessible IPMIs we strongly recommend contacting your data center to to secure these IPMI devices. The immediate recommendation is to ask your datacenter to block port 49152 to prevent access while you secure any publicly accessible IPMIs. If you have questions or comments, please open a ticket so that we can address them. Read more » | |