There has been an “unprecedented” power outage in Amsterdam and surrounding areas this morning that has even managed to close down flights in and out of Schiphol airport.
The data centre that hosts 2 key Webdesigna servers is located in Amsterdam and the data centre is currently running on diesel generators following an automatic failover. Diesel deliveries have been scheduled to keep the generators running and it is not anticipated that there will be any downtime as a result of the power outage.
A team of engineers is currently on site at the data centre so that, should the situation escalate, a controlled power shutdown can be initiated to minimise any downtime.
We will update this when power supplies have been restored or the situation changes.
Updated March 27, 2015 at 15:09 pm
The power to the data centre has now been restored and the datacenter switched back onto mains power from the generators. No downtime.
Some customers may have noticed a slow down in server response times. We’ve been working with the data centre to resolve a problem with one of our servers that appears to have restricted disk access speeds. Customers with web sites hosted on the evps2 server will see intermittent delays.
The problem has been identified and a resolution is expected today. A temporary solution has resolved the problem for the moment.
— update Feb 6th 2015 11:10 pm
Following a day of monitoring the server, performance has been significantly improved on the server now with an Apdex score of around 0.97 throughout the period which is well within the expected performance range. (Apdex is a measure of web page response to the user between 1 which is perfect, 0 which is awful !). We’ll continue to monitor the server.
— update Feb 7th 2015 12:36 pm
This problem has now been resolved at the data centre and the server is still maintaining the expected response times. Obviously we will continue to monitor the servers but the issue has now been closed.
The mail server signing certificate expired today and a new one has been created. If you use a secure connection to view your email you may find you get a warning regarding the certificate changing.
To continue using a secure email connection you will need to accept/trust the new certificate.
The latest in the list of high profile vulnerabilities, POODLE, has been announced. While it is highly unlikely that any of our customers would be effected by this we have changed the configuration on all the servers this morning to prevent any possible exploitation of this problem. This only effects secure server protocols and has the possibility of allowing the secure key to be read, allowing a third party to potentially read data being transferred between the browser and server. Many browsers are already being updated to prevent this so updating the servers is more of an insurance against future exploits and older browsers.
The changes made should also prevent any related vulnerabilities that may come to light later on.
The fix means the removal of support for the effected security protocol which also means that supporting old browsers over secure links may no longer be possible. Specifically this will effect end users using IE 6 on a version of Windows XP that has not been patched to SP 3.
Shellshock (also known as Bashdoor) is an exploit that potentially allows attackers to run commands on vulnerable servers. The risks are still being analysed but currently the risk for our servers seems to be very low.
In order to exploit the bug the attacker needs to influence a server process that is running the Bash command shell. The most obvious way to exploit this on one of our web servers would be through the use of a Bash cgi script which, fortunately, none of our clients use.
The servers have been patched against this exploit (actually now a collection of different exploits) up to the latest identified weakness – CVE-2014-7187 and we will continue to monitor the situation and apply any further patches as and when they become available.