Update 12th of January 2018 17:30
Update 9th January 2018 18:18
We thank you for hosting your services on a VPS at Greenhost.
Further to our email of last week regarding the Intel bugs Meltdown and Spectre we would like to inform our customers who run a Debian or Ubuntu stock kernel.
Due to the Meltdown patches and the way we host your VPS after the Meltdown incident, stock kernels are no longer compatible with our platform.
Because of this, it is necessary to reboot your VPS at your own behalf until Friday. This can be done by using the ‘shutdown’ and ‘start’ command from the service center (a normal reboot is not sufficient).
On Friday, we will force the reboot if you have not executed the reboot yourself by then.
For our customers who use Docker together with the aufs storage driver, we’re phasing aufs out. However, we will include overlayfs as an option, which is recommended by Docker.
If you have any questions or concerns please do not hesitate to contact us.
Update 5th January 2018 17:00
Update: 4th of January 2018 19:10
Shared hosting has been updated by now. It could be that we have to reboot the Shared hosting server one more time for performance reasons.
Concerning the VPS: for the necessary update we need to update the VPS kernel to 4.14.11 or higher. This means that the VPS’s needs to be rebooted once. We expect that most of the VPS will be updated tomorrow.
Furthermore the first tests show us that the performance reduction of the update for both Shared hosting and VPS is limited.
Update: 4th of Januari 2018 17:45
Update: 4th of Januari 2018 14:55
Our team has been busy searching for ways to secure our hosting nodes even more. In the meantime we received updates from a part of our vendors. We still haven’t received all the necessary information but where we could , we have been updating our systems to prevent the bug. Futhermore we’re investigating what is the best way .
Update: 3th of Januari 2018 18:47
As you may have read or heard, yesterday the Register announced several severe security problems with Intel processors, which are affecting nearly all computers with modern Intel processors (link below). This means an emergency maintenance window is scheduled from tomorrow onwards (January 4th), which can lead to downtime for your website or Virtual Private Server(s) outside the normal maintenance window. Please see below for more details.
Like most hosting providers, Greenhost uses Intel processors for our hosting and cloud infrastructure and this means our servers are also vulnerable for these security issues. The current security issue is severe and cannot be isolated with other methods. This requires us to act as soon as possible to protect against possible exploitation of this bug by attackers. This problem is not just limited to the Greenhost infrastructure, several other (major) cloud providers are scheduling forced reboots of their platform in the coming week(s) to solve this issue when a fix becomes available.
The exact severity of the flaw has not yet been publicly disclosed, but it seems that the different operating systems view it as a serious problem that apparently cannot be patched with a small update. Our customers can be ensured that we are closely monitoring the situation. Where possible we already fixed some parts of our infrastructure, while we are awaiting for more information from our vendors.
As soon we received a fix from our vendors, we will update our hosting and cloud infrastructure. That might mean a temporary loss of service, but of course we will try to keep downtime to a minimum.
Due to the nature of the fix, you might experience performance degradation after the fix is deployed. Unfortunately at this point we can not estimate how big the impact is and we will evaluate if extra resources needs to be added after the fix.
If you want to know more about the technical details of this severe security problem, we like to reference you to the article of the The Register (link below)
The Greenhost Team
Called in on 2018-01-03