9th April 2018

WebSrv patching

We've come aware of a security-issue with the VestaCP software we use on nodes Paige and Happy.

Update 17:03 CEST: We've disabled the control panel to prevent infection. All websites are fully functional, only the control panel has been taken offline as a safety precaution.

Update 17:04 CEST: We are checking if systems are affected.

Update 17:10 CEST: We don't see any unexpected behaviour on both Paige and Happy.

Update 17:16 CEST: Paige has been updated to 0.9.8-20 which contains a fix for the issue, control panel available again.

Update 17:23 CEST: Happy is up again as well, also patched.

Update 17:24 CEST: We are checking which customers are running VestaCP on their VPS servers and are informing them.

Update 17:37 CEST: Customers with open VestaCP ports (TCP-8083) have been informed.

Update 17:46 CEST: Full-scan of Paige done: no infections.

Update 17:49 CEST: Full-scan of Happy done: no infections.

Update 17:50 CEST: Issue marked as fixed for now, we will keep a close eye on traffic from/to port 8083.