06 Jan

Meltdown and Spectre

Work has begun on patching the recently released vulnerabilities known as “Meltdown” and “Spectre”, with the CVEs  of: CVE-2017-5754, CVE-2017-5753, and CVE-2017-5715 on your server(s). More information on these vulnerabilities available here: https://www.alpineweb.com/backroom/announcements/57/Meltdown-and-Spectre.html

If your server(s) are running a Linux-Based operating system, they will be patched and automatically rebooted over the next 48 hours. Due to the severity of these vulnerabilities, we are unable to schedule the patching and reboot process.

In either situation, we have you covered and no action is required from you at this time.

Share this
24 Jan

Why Should I Update My WordPress Site?

A common question we here is “Why do I have to update my WordPress my website it is working and looking fine – no issues?” Technology evolves quickly and know that it is better to stay up to date at all times. As new versions are released, with each version comes refinements and patches to vulnerabilities and loopholes in the existing software. Major releases have added features that allow you to do more things often easier than before.

Updating a WordPress site is important – so do not ignore those Orange Circles in your WordPress Dashboard. If you do not update WordPress you risk hackers and spammers gaining access to your site usually for nefarious reasons. They can take advantage of vulnerabilities and loopholes in the outdated software and this puts your site at risk of getting hacked, your data stolen, malware installed, and more.

Some of the most obvious reasons to always run your WordPress Updates.


This is the most important reason. WordPress is a popular Content Management System if not the most popular – it is used extensively to power websites large and small all around the world. According to research done in 2015 WordPress is used by around 25% of all websites and growing fast. Considering the number of CMS platforms there are – this is an impressive number. WordPress is user friendly, devlopers can do great things with it, it is SEO friendly and so much more – we believe it will only continue to grow in popularity – we love working in WordPress.

Apart from its popularity, it is also an open source application. This means that you can use this application at no charge. Open source also means that the code is available online for anyone to see and learn. It also allowes the opportunity to write code and be a part of the revolution that WordPress is today.

The only downside to this is that it also allows the bad guys to look up code and see how it functions and look for vulnerabilities that they can exploit. It is popular and many people use it, which further compounds the risk. One a vulnerability is found, all sites running that version of WordPress are at risk of getting hacked or infected by a virus. Hackers & viruses can check steal sensitive data like user information. Can delete content or pages from your site, or add obscene or objectionable content to your site. It can also add malicious code that puts other sites and visitors at risk.

The best way to ensure safety is to update your site whenever a newer updated version is available. WordPress keeps a track of all security vulnerability that are reported to them by other users. Those vulnerabilities are taken care of when a newer versions are made available. To ensure that your site is kept secure it is important to update WordPress as soon as you can. We always recommend setting up automatic updates.

New features

Working with WordPress is like having a team of developers working for you, day and night, at no cost to you. The WordPress team is busy working on improving the product for you while you tend to your business. WordPress started out as a simple blogging platform. Many new features and functions kept getting added to it, and over time it grew to be the most feature rich CMS platforms that powers the most websites on the web today.

WordPress is lightweight and comes with a minimum set of features. However, whatever features you want can be added to the site later in the form of plugins. You only add what you actually need. There are thousands and thousands of WordPress plugins you can choose from, depending on what you want to features and functions you need for your site.

To take advantage of the new features and functions introduced into the core WordPress CMS and also by other plugins, you have to ensure that you are running an up to date version of the CMS. If you are not it can render some important plugins useless. This is why you must update WordPress if you want your site to have all the cool new features functions of WordPress.


We bring up speed as it is an important factor that affects user experience and can also work wonders for your SEO efforts. As Google has officially confirmed Speed as an SEO factor. An older site with outdated code can never be well optimized enough to run faster and efficiently. Therefore, to ensure that your site is well optimized and runs at an optimal speed, you must keep your site updated to the latest version of WordPress available.

Page speed or load times can dramatically affect user experience. It can decide whether one stays at your site or moves on to your competitor. People do not have patience and longer wait times could simply mean the user moves on. For you that could mean lost business. So it makes sense to ensure that the site loads faster. And to ensure a faster site, you could start with keeping your site updated.

Bug fixes

Errors and bugs on a site also affect user experience to a great extent. A site that does not behave or function the way it is intended could confuse users, giving a poor impression of you and your business. They may find it difficult to trust you with their sensitive information. For that reason, they may decide to not register on your site, or chose not to subscribe to your email updates, or simply decide not to buy from you.

One of the easiest ways to keep your WordPress site bug free is to update your site whenever a newer version is available. WordPress team indeed does a good job of keeping updated with bugs and errors that creep into their code; and they ensure to fix them with every subsequent release. So running an older version simply means running your site with all the bugs and errors that have already been sorted out in the newer versions. So the best way to ensure a bug free site, is to update your core WordPress software regularly.

Therefore, it is absolutely necessary to chalk out an active maintenance plan for your site and make sure that your WordPress site is kept updated at all times.

How To Update WordPress

Log into the Dashboard, WordPress will indicate that there is a newer version available as indicated by the orange circles. Just click on the update now or check the appropriate plugins or themes and hit update – couldn’t be easier!

Share this
13 Jan

WordPress Upgrade 4.7.1

A security release for all previous versions WordPress is now available, which the company strongly recommends all users upgrade to immediately. WordPress 4.7.1. is a security release for all previous versions and we strongly encourage you to update your website(s) immediately.

Specifically, the release addresses eight security issues affecting WordPress versions 4.7 and earlier:

  • Remote code execution (RCE) in PHPMailer
  • The REST API exposed user data for all users who had authored a post of a public post type. WordPress 4.7.1 limits this to only post types which have specified that they should be shown within the REST API.
  • Cross-site scripting (XSS) via the plugin name or version header on update-core.php.
  • Cross-site request forgery (CSRF) bypass via uploading a Flash file.
  • Cross-site scripting (XSS) via theme name fallback.
  • Post via email checks mail.example.com if default settings aren’t changed.
  • A cross-site request forgery (CSRF) was discovered in the accessibility mode of widget editing.
  • Weak cryptographic security for multisite activation key.

In addition to the issues listed above, WordPress 4.7.1 fixes 62 bugs from 4.7. Version 4.7.1 can be downloaded directly from your WordPress dashboard, or you may already have it if you’ve signed up for automatic updates.

If you are an Alpine Hosting client and are unsure how to set up automatic updates please click here for more information.

Share this
08 Dec

New ICANN Domain Transfer Policy

ICANN’s New Transfer Policy came into effect on December 1, 2016 setting out new rules regarding changing or updating a domain name’s registrant contact information.

What is the New Transfer Policy?

The Transfer Policy, formerly known as “Inter-Registrar Transfer Policy” or IRTP, sets out how domain transfers should be handled. Up until now, this policy only covered domain transfers between registrars. From

December 1, 2016 on this will also cover the process of changing ownership of a domain from one registrant to another.

What is the impact of this change?

What this means is that when a registrant performs an update to the registered name, organisation or email address for any gTLD (non-country code) domain they own, a Change of Registrant process will be

triggered. This process involves an approval email sent to both the New and Prior Registrant.

The changes will not take effect until the change has been confirmed by both parties, and following the change, the domain will enter a 60 day lock period during which it cannot be transferred or modified again.

If either party declines the change, then the change of registrant request is cancelled and the previous whois info remains the same.

In most cases, following a request to change the WHOIS information for their domain, the new registrant will receive an email. This email will ask them:

  • To approve or decline the Change of Registrant.
  • To confirm that their information is correct.

Upon approval by the New Registrant, a similar email will be sent to the Prior Registrant asking them to also approve the Change of Registrant.

Only once both approvals have been received is the change of registrant completed.

Share this
29 Jul

System Administrator Appreciation Day 2016

Happy SysAdmin Day to all System Administrators wherever you are!

Today is the Seventeenth Annual System Administrators Appreciation Day. Who are SysAdmins and what do they do?

System Administrators work behind the scenes performing a wide variety of tasks keeping computers and computer networks up and running. Software installation and upgrades, hardware maintenance, troubleshooting and problem solving, security and defending networks and computers from cyber attacks are just some of the tasks SysAdmin’s are working on right now.

Here are a few links with more information about SysAdmin Day, some ideas about how to celebrate and show appreciation for your System Administrator:


<ps>AlpineWeb SysAdmins are partial to and can be bribed with either of the two za’s. Pizza and Cerveza!</ps>

Share this
21 Jul

HTTPOXY Vulnerability Patched

The HTTPOXY Vulnerability has been patched on all Alpine Hosting Plans.

CloudFlare instituted a fix on July 18, 2016. See their blog post here.

If you are not using CloudFlare learn more here:


If you are managing your own VPS or Dedicated Server running cPanel/WHM you can run the latest version of EasyApache v3.34.2 to install the patch for HTTPOXY.

Read the cPanel blog post here:


Share this

© 2018 AlpineWeb Design