As you may have read recently in the media, a flaw has been discovered in the SSL v3 protocol that leaves SSL vulnerable to having the secure data decrypted and read by third parties.

In order to protect our customers and their visitors, we have disabled the SSL v3 protocol on all servers. This will not affect most people, as only very old browsers still use this protocol. The newer protocols remain secure and available for use. If you have any trouble accessing SSL sites, please ensure that you update your browser to the latest version.

We are currently working on a problem with the US server Oberon which provides Web and the Control Panel. The issue has been caused by a Windows Update. We are currently working to repair Windows and bring the server back online. As soon as an update is available we will post here.

Please accept our apologies for this issue.

UPDATE: Windows has now been repaired and the server is back online and running as normal. Please accept our apologies for the issue caused by a Windows Update.

Welcome to another LiquidSix Hosting customer newsletter! Although we do not have any big announcements this time, we have a number of scheduled maintenance nights during October, as well as information on changes to the default operating system used for new domains and a couple of other items. Please read on for more details!

CONTENTS

I. Windows 2003 and Windows 2012 Information
II. PHP Upgrades
III. MySQL Upgrades
IV. Migration of Websites on UK Web Server 'Metis'
V. SQL Server 2014
VI. Insecure Scripts
VII. Release of .uk domains

I. Windows 2003 and Windows 2012 Information

As you will be aware, at the beginning of this year we released our new hosting platform based on Windows 2012 R2. Many customers have been making use of this platform for their new websites, as well as using our migration tool to move existing Windows 2003 based sites onto it.

In July 2015, Microsoft will be ending support for Windows 2003 and not releasing any further security patches. Because of this, we would like to encourage all customers to start thinking about moving their websites to Windows 2012 R2, if they have not done so already. Not only will you receive the benefits of the newer operating system, but also of the more powerful hardware that we use on our new platform. The "Move to Windows 2012" tool, which you will find for each domain in the control panel, allows you to perform the move at any time that you wish, so that you can plan exactly when it will take place.

In the lead up to Microsoft ending support, we will be taking steps to reduce the number of domains on Windows 2003. The first of these steps will affect resellers only, and will take place on the 1st December 2014. On this date we will be enabling Windows 2012 on all reseller accounts that have not already enabled it, and making it the default for new domains. Further steps will be announced in 2015.

If you have any questions about our Windows 2012 hosting, or need any assistance with the move, please do not hesitate to contact us. Remember that Windows 2012 does not cost any extra on any of our plans!

II. PHP Upgrades

Between 12.30am and 6.00am on Saturday 11th October 2014 we will be upgrading PHP 5.4 on Windows 2003 to the latest 5.4 release, and PHP 5.5 on Windows 2012 to the latest 5.5 release. This process should not cause any issues for websites as there should be no breaking changes in these upgrades, but we encourage all customers using PHP to check that their scripts remain compatible. There is no upgrade available to PHP 5.2 on Windows 2003, but in order to keep sites secure and up to date we do recommend that customers still using 5.2 investigate changing to PHP 5.4 which can be done from the "Website Settings" page in Helm once scripts have been checked for compatibility.

Each web server, both in the UK and the US, will be being upgraded in turn. The downtime for each server should be less than 10 minutes during the 12.30am to 6.00am window.

III. MySQL Upgrades

Between 12.30am and 6.00am on Saturday 18th October 2014 we will be upgrading MySQL both in the UK and the US to the latest release of MySQL 5.6. This process should not cause any issues for websites as there should be no breaking changes in these upgrades. The downtime for the MySQL servers should be less than 30 minutes each, during the 12.30am to 6.00am window.

IV. Migration of Websites on UK Web Server 'Metis'

Between 12.30am and 6.00am on Monday 13th October 2014 we will be moving websites on the UK web server Metis to new hardware. This will only affect websites that are hosted on Metis and will not have any effect on websites hosted on the other web servers. The migration will be prepared in advance so that the downtime for websites should be less than 30 minutes, during the 12.30am to 6.00am window.

V. SQL Server 2014

We have had some enquiries about when we will be moving from SQL Server 2012 to SQL Server 2014. We intend for this upgrade to take place in late December or early January for both the UK and US servers. Once we have further information and a date we will email all customers to give plenty of warning of the change.

VI. Insecure Scripts

We would like to take this opportunity to remind customers of the important of keeping scripts up to date with all the latest security patches. Many popular scripts have well known flaws in them that can be exploited to take control of a website if they are not properly patched. We especially recommend that customers using Joomla or Wordpress upgrade to the latest versions, as these are some of the most common targets. We have also recently seen a reoccurrence of attacks against an old ASP editor called "FCKEditor". If you have this installed on your website we recommend removing it immediately and replacing it with an alternative, as it has a number of major security flaws.

If you would like to secure your website further, Helm will allow you to disable features that you do not need on the "Website Settings" page. We recommend only having scripting languages that you need enabled, and also disabling "Website Write Permissions" unless your website needs to write to files.

VII. Release of .uk domains

Since our last newsletter, the UK registry Nominet has released a new product in the form of ".uk" domains. This allows you to use the shorter extension, such as liquidsix.uk instead of liquidsix.co.uk. For the first few years, anyone with a .co.uk has first rights to the .uk equivalent. If you have a .co.uk domain with us and would like to take advantage of this, or you wish to register a new .uk domain (for which there is no equivalent .co.uk domain currently owned by anyone else) you can do so through the "LiquidSix Domain Registrations" icon in the control panel. The price remains the same at £8.00 for 2 years.

We would like to thank you for your continued custom and if you have any questions about anything in this newsletter, please do not hesitate to contact us in the normal way via the helpdesk at https://support.liquidsix.com.

Regards,
LiquidSix Hosting

To fix some problems located on these servers, we will be performing emergency maintenance on them this afternoon which will require some downtime. We expect this to be less than 20 minutes per server.

Ganymede hosts Helm and SmarterStats in the UK, so these services will be affected whilst it is unavailable.

Io is a Windows 2012 web server, and the downtime will only affect websites that are hosted on that particular server.

I. 10th Birthday Celebrations 

On the 16th April 2014, LiquidSix Hosting turned 10! We would like to take this opportunity to thank you and the rest of our customers for your custom over the past 10 years. To celebrate, we have 3 offers available to both new and existing customers until the 26^th April.

OFFER 1: Existing Customer Shared and Reseller Upgrades

To thank our existing customers for their loyalty, we are offering a discount on plan upgrades based on how long you have been a customer! Every existing customer gets 30% off the initial cost of their upgrade, plus an extra 2.5% for each full consecutive year that you have been a customer as of the 16^th April 2014. That’s a maximum discount of 52.5%! In addition you receive 10% off the future monthly, quarterly or yearly fees for as long as you keep the plan. To qualify, it must be an upgrade and not a crossgrade or downgrade. To see how we define an upgrade, as well as how the initial upgrade cost is calculated, please see our guide on changing plans: https://support.liquidsix.com/index.php?/default_import/Knowledgebase/Article/View/104/0/changing-your-hosting-plan. To view our full range of plans, please see http://www.liquidsix.com/hosting

OFFER 2: New Shared and Reseller Hosting Plans
Save 25% off the initial monthly, quarterly or yearly charge when you order one of our new single domain, multi domain or reseller hosting plans. As well as the initial 25% discount, you receive 10% off the future monthly, quarterly or yearly fees for as long as you keep the plan with us! To view our full range of plans, please see http://www.liquidsix.com/hosting

OFFER 3: Dedicated Servers & VPS

For our birthday celebrations, we are offering 30% off the initial cost of any of our dedicated servers or virtual private servers. That's a saving of up to £659.99!. Not only that, but we are also offering 10% off the future monthly, quarterly or yearly fees for as long as you keep the server with us! Finally, we are also offering free setup on any of our range of dedicated servers, saving you up to £150! Please note that the VPS and Dedicated offer is only available whilst stocks last. To view our full range of servers, please see: http://www.liquidsix.com/servers

If you would like to take advantage of any of the above offers, simply open a sales ticket at https://support.liquidsix.com and we will assist you with your order!

II. SmarterMail Upgrade

We will be upgrading both the UK and US mail server to the latest version of SmarterMail, version 12, between 12am and 6am UK time on Monday 21^st April 2014. The downtime during the upgrade should be less than 15 minutes.

III. Heartbleed Vulnerability

We have had some questions from customers over the affects of the Heartbleed vulnerability recently found in OpenSSL. We would like to reassure all customers that as all of our servers are Windows/IIS servers, they use a Microsoft implementation of SSL and do not use OpenSSL. Therefore we are unaffected by this vulnerability and all sites hosted with us remain secure. There is no need to change any passwords etc with us, unless you use the same password with another company (which we do not recommend) and that company has been affected.

We thank you for your continued custom and we look forward to serving you for the next 10 years! If you have any questions or comments about anything in this newsletter, please do not hesitate to contact us via the helpdesk at https://support.liquidsix.com.

Regards,
The LiquidSix Hosting Team

We have had some questions from customers over the affects of the Heartbleed vulnerability recently found in OpenSSL.

We would like to reassure all customers that as all of our servers are Windows/IIS servers, they use a Microsoft implementation of SSL and do not use OpenSSL. Therefore we are unaffected by this vulnerability and all sites hosted with us remain secure.

There is no need to change any passwords etc with us, unless you use the same password with another company (which we do not recommend) and that company has been affected.