Hello,
This email contains important information with regards to recent and planned upgrades to our servers, which will improve your website’s security. As always, if there is anything included in this email that you would like more details on (or even a more ‘layman’s’ explanation!) then please do not hesitate to drop us an email at support@magicgenie.co.uk. We are always happy to help and answer any questions that you might have.
We recognise it is important to keep our server’s security at the cutting edge of what is currently available. As part of this process we are going to be making a number of changes to how our server handles PHP and implementing PHPSuExec. This allows PHP to run under individual ‘named’ users rather than a generic user, usually known as ‘nobody’. Running as ‘nobody’ is known to cause security issues with any files that are uploaded going in to folders with ‘777 permissions’. This means that in theory, anyone can access those folders and alter your files. In addition, email sent via PHP scripts is sent as ‘nobody’ which potentially allows SPAM to be sent via the server. This upgrade will rectify these issues.
We will be undertaking this upgrade on Saturday 5th November 2011 at 00:00 GMT, which we hope will be a time that causes as little inconvenience to you as possible.
There should be very little noticeable downtime but importantly, once this upgrade has been made we are aware that some customers will need to alter any of their website’s folders with 777 permissions. These will need to be changed to a value no greater than 775. You can do this via Cpanel’s file manager or most FTP software. Normally, files with 777 permissions will only be in folders for file uploads such as for example wp-uploads for Wordpress.
If you have also made changes to the PHP installation via a ‘.htacess’ file, this will now need to be done via a ‘php.ini’ file in the directory. PHP will not be running as an ‘apache’ module. Only PHP directives will change - this will not affect apache related settings such as mod rewrite.
We will be having a larger support team to monitor our customer’s sites as the upgrade goes through and we will attempt to change any permissions that are required so that hopefully, you will not notice a thing! Our larger team will also be able to process additional support requests over the weekend of the 5th and 6th November. If at any point you are experiencing problems – specifically ‘500 Internal Server’ errors – or are just unsure, please do not hesitate to contact us.
NB: DO NOT MAKE ANY OF THESE CHANGES UNTIL AFTER 06.00 ON 5th NOVEMBER 2011 (UNTIL THE UPGRADE IS COMPLETE) OR YOUR SITE MAY NOT FUNCTION CORRECTLY.
We apologise in advance for any inconvenience that this upgrade may cause. In all likelihood though, it will seamlessly occur overnight without you noticing any visible change to your website. It will however result in a security boost to our servers and thus your website and data.
Thanks once again for your custom, it is sincerely appreciated.
Best wishes,
The Magicgenie.co.uk Team.
