This has been an interesting week on the Internet, security-wise. A vulnerability in the Bash shell (named “Shellshock”) was announced that allows remote execution of code on unpatched servers with certain configurations. Separately, an undisclosed vulnerability in Xen forced AWS and Rackspace to announce mandatory reboots of many of their customers’ servers. (See Amazon’s announcement and Rackspace’s announcement for more details.)
We’d like to give an overview of how all this is affecting RBCommons and, in turn, you.
We keep a close eye on all security updates available for the software and libraries we use, and are quick to patch our servers as fixes roll out. We’ve also performed many tests to ensure that malicious Shellshock HTTP requests do not impact us. Your data is safe.
Some of the services we use were affected by the mandatory AWS and Rackspace reboots. Earlier today, our mail provider, Mailgun, was temporarily down during the outage, which may have resulted in missing or delayed e-mails for those working on Sunday.
We’ve had a few rare DNS lookup failures, resulting in errors when visiting pages or otherwise interacting with RBCommons. There have only been four so far, and are temporary. If you see a random error loading a page, please just try again. We know this failure has affected a number of other AWS customers as well.
Tonight at 11PM PST, Amazon is scheduling some of our servers for a 6 hour maintenance window. This isn’t the first set of our servers to have undergone the mandatory maintenance, and we aren’t expecting any interruption to RBCommons during this time. However, we may be running at reduced capacity for about 20-30 minutes. We will be monitoring things closely.
If you are repeatedly hitting problems with RBCommons, please contact us!
We’ll post further updates if there’s anything to report.