Ops One AG platform status and maintenance announcements. Times are indicated in local Swiss time. https://opsone.ch/.
All systems are operational
Scheduled Maintenance
Managed Server 10: OpenSSH Security Configuration

For several years, we have followed the OpenSSH recommendations published by Mozilla to ensure a secure and reliable SSH environment. As Mozilla has discontinued updates to these guidelines, we have decided to align our configuration with the latest recommendations from OpenSSH and Debian. This change brings our setup in line with current best practices and ensures continued security and compatibility. The update affects the Ciphers, MACs, and KexAlgorithms used in our OpenSSH server configuration.

We do not expect any issues for our customers. However, if you experience any unexpected behavior, please let us know. We are happy to adjust the configuration for individual servers as needed.

Start maintenance window: 24/11/2025 09:00
Stop maintenance window: 24/11/2025 12:00

Update Collabora 25.04.7.2.1

We will update Collabora to version 25.04.7.2.1.

Reference: #1599

Start maintenance window: 24/11/2025 23:00
Stop maintenance window: 25/11/2025 02:00

LimeSurvey 6.15.23

We will update LimeSurvey to version 6.15.23.

Reference: #67

Start maintenance window: 24/11/2025 23:00
Stop maintenance window: 25/11/2025 02:00

Sentry 25.11.0

We will update Sentry to version 25.11.0.

Start maintenance window: 24/11/2025 23:00
Stop maintenance window: 25/11/2025 02:00

Past Incidents

Tuesday 27th March 2018

Managed Server Version 5: add global nginx config to disallow access to certain TYPO3 locations, scheduled 7 years ago

After removing a whole deny block yesterday, we discovered that this might led to open access to certain directories we missed in our previous investigation.

Therefore, we have added the following location to the global nginx configuration again:

location ~* "(?i)((.*typo3(conf)?)\/(|.*\/)((private|test|build)\/).*)" {
  deny all;
}

Monday 26th March 2018

Managed Server Version 5: remove global nginx config for TYPO3 secure_downloads extension, scheduled 7 years ago

We have removed the following location from our global nginx configuration:

location ~* "(^|/)(typo3(conf)?(/.*|)/(private|tests|build)|secure_[^/]+|(?!css_secure)[^/]*_secure|\.)/" {
  deny all;
}

The configuration was originally created for the TYPO3 extension secure_downloads, but was never documented. As we ran into some problems with other applications, and this setting was required for a very limited number of sites, we decided to remove it altogether. We talked to all affected customers already and applied custom configurations on every affected website.

As of now, please add corresponding deny rules within the local configuration if you want to protect a certain directory.

Managed Server Version 5: Optimize settings for php72 type

After using the php72 type for a few weeks, we discovered several areas for improvement:

  • enable PATH, TMP, TMPDIR and TEMP environment variables which are good practice and required for some applications (e.g. Nextcloud)
  • enable APCu extension
  • enable opcache.enable_cli
  • change opcache.memory_consumption from 128M to 128
Managed Server Version 5: ajust PHP binary path for wordpress70 cronjobs

By now, the cronjob definition of our wordpress70 type used the same configuration as the wordpress type. This had led to the usage of PHP 5.6 for wordpress70 cronjobs on servers where this version was installed due to other websites, while the cronjob did not run altogether on any other systems.

This change implements a dedicated cron configuration for the wordpress70 type with the correct PHP version.

Sunday 25th March 2018

No incidents reported

Saturday 24th March 2018

No incidents reported

Friday 23rd March 2018

No incidents reported

Thursday 22nd March 2018

No incidents reported

Wednesday 21st March 2018

No incidents reported