Ops One AG | Status

Managed Server Version 6: Linux Kernel Update, scheduled 4 years ago

The Linux kernel will be updated to version 4.9.0-17. To load the new versions, we will reboot all Managed Server during our next maintenance window.

Start maintenance window: 20/12/2021 00:00 CET
Stop maintenance window: 21/12/2021 02:00 CET

Managed Server Version 7/8: Docker 20.10.12, scheduled 4 years ago

We will update Docker to the latest version 20.10.12. Please make sure your containers are starting automatically, as we have to restart the Docker daemon to complete this update.

Start maintenance window: 20/12/2021 23:00
Stop maintenance window: 21/12/2021 02:00

Update Matomo, scheduled 4 years ago

We will update Matomo to version 4.6.2.

Start maintenance window: 20/12/2021 23:00 CET Stop maintenance window: 21/12/2021 01:00 CET

SaaS: Mailserver Update, scheduled 4 years ago

We perform software updates on our mail servers. We expect a downtime of ~5 minutes.

Start maintenance window: 20/12/2021 23:00
Stop maintenance window: 21/12/2021 02:00

New features / Changes:

[Docker] Update phpfpm, Clamd, SOGo, Dovecot, Solr
[Web] Allow multiple TOTP

No incidents reported

Managed Server Version 8: Composer 1.10.24

Composer was updated to version 1.10.24

Managed Server Version 7: Composer 1.10.24

Composer was updated to version 1.10.24

Managed Server Version 6: Composer 1.10.24

Composer was updated to version 1.10.24

Managed Server Version 7: TYPO3 11.5.4 maintenance release published

This version is a maintenance release and contains bug fixes only.
For details about the release, please see:

https://get.typo3.org/release-notes/11.5.4
https://typo3.org/article/typo3-1154-and-10422-maintenance-releases-published

Managed Server Version 8: TYPO3 11.5.4 maintenance release published

This version is a maintenance release and contains bug fixes only.
For details about the release, please see:

https://get.typo3.org/release-notes/11.5.4
https://typo3.org/article/typo3-1154-and-10422-maintenance-releases-published

Managed Server Version 7: TYPO3 10.4.22 maintenance release published

This version is a maintenance release and contains bug fixes only.
For details about the release, please see:

https://get.typo3.org/release-notes/10.4.22
https://typo3.org/article/typo3-1154-and-10422-maintenance-releases-published

Managed Server Version 8: TYPO3 10.4.22 maintenance release published

This version is a maintenance release and contains bug fixes only.
For details about the release, please see:

https://get.typo3.org/release-notes/10.4.22
https://typo3.org/article/typo3-1154-and-10422-maintenance-releases-published

Cockpit: Version 2.14.0

#699 [TASK] Domain pricing update
#526 [FEATURE] Server details: show discounted price
#700 [FEATURE] DNS zones: create cryptokeys on zone creation
#701 [FEATURE] Domains: add DNSSEC toggle
#703 [FEATURE] Server/domain list: show discount
#708 [BUGFIX] Sentry: send correct environment

Reference: #706

Cluster Maintenance, scheduled 4 years ago

We are performing maintenance on our Nutanix cluster. During this time, there may be higher disk i/o.

Start maintenance window: 13/12/2021 23:00
Stop maintenance window: 14/12/2021 06:00

Update Elasticsearch & Kibana 7.16.1, scheduled 4 years ago

We will update Elasticsearch and Kibana to version 7.16.1.

Start maintenance window: 13/12/2021 14:20
Stop maintenance window: 13/12/2021 14:45

Managed Server Version 7: Web Application Firewall: Additional Rules to mitigate CVE-2021-44228 (Log4j)

Our web application firewall does already detect all known exploits targeting arbitrary GET and POST parameters (CRS rule 932130). However, the rule did not inspect HTTP headers such as the user-agent and referrer yet.

To mitigate attacks against this vulnerability, we

added the User-Agent and Referer headers to the targets of the CRS rule 932130
added another, targeted rule against the usage of jndi strings

Even though the web application firewall does protect your applications from this issue unless manually disabled, make sure to take the required steps to mitigate the problem at its source, as outlined by Log4j here.

Reference #1093

Managed Server Version 8: Web Application Firewall: Additional Rules to mitigate CVE-2021-44228 (Log4j)

Our web application firewall does already detect all known exploits targeting arbitrary GET and POST parameters (CRS rule 932130). However, the rule did not inspect HTTP headers such as the user-agent and referrer yet.

To mitigate attacks against this vulnerability, we

added the User-Agent and Referer headers to the targets of the CRS rule 932130
added another, targeted rule against the usage of jndi strings

Even though the web application firewall does protect your applications from this issue unless manually disabled, make sure to take the required steps to mitigate the problem at its source, as outlined by Log4j here.

Reference #1093

Managed Server Version 6: Web Application Firewall: Additional Rules to mitigate CVE-2021-44228 (Log4j)

Our web application firewall does already detect all known exploits targeting arbitrary GET and POST parameters (CRS rule 932130). However, the rule did not inspect HTTP headers such as the user-agent and referrer yet.

To mitigate attacks against this vulnerability, we

added the User-Agent and Referer headers to the targets of the CRS rule 932130
added another, targeted rule against the usage of jndi strings

Even though the web application firewall does protect your applications from this issue unless manually disabled, make sure to take the required steps to mitigate the problem at its source, as outlined by Log4j here.

Reference #1093

No incidents reported

Past Incidents

Monday 20th December 2021

Friday 17th December 2021

Thursday 16th December 2021

Wednesday 15th December 2021

Tuesday 14th December 2021

Monday 13th December 2021

Sunday 12th December 2021

Saturday 11th December 2021