Betty1 Posted February 5, 2005 Share Posted February 5, 2005 I don't believe I have any kind of blogging software on my account as that has never, ever interested me. Do all the TCH customers get one of those e-mails? Even the ones who don't have any kind of blogging software on their accounts? Quote Link to comment Share on other sites More sharing options...
TCH-Dick Posted February 5, 2005 Share Posted February 5, 2005 Yes, the e-mail you received was sent out to ALL of our customers. Quote Link to comment Share on other sites More sharing options...
ramone_kalsaw Posted February 5, 2005 Share Posted February 5, 2005 Yes, the e-mail you received was sent out to ALL of our customers. <{POST_SNAPBACK}> I just updated my software to the latest version of Expression Engine - v. 1.2.1: Does that meet TCH's requirement for blogging software? Quote Link to comment Share on other sites More sharing options...
mjovery2 Posted February 5, 2005 Share Posted February 5, 2005 Is it not possible to be more specific? Can you identify specifically the blogging scripts causing server load problems? It would help users to prioritise upgrades accordingly. We need to work together on this issue so it would be in the best interests of both parties to have more information of the scripts causing server load problems As a starter I would suggest an initial focus on upgrading phpBB and moveable type scripts the recent issues of which are well documented on the relevant websites Quote Link to comment Share on other sites More sharing options...
TCH-Thomas Posted February 5, 2005 Share Posted February 5, 2005 I haven´t really followed the blogging discussions here since I dont have one myself, but a good advice is to keep any scripts at all up to date. Quote Link to comment Share on other sites More sharing options...
Deverill Posted February 5, 2005 Share Posted February 5, 2005 Is it not possible to be more specific? ... We need to work together on this issue so it would be in the best interests of both parties to have more information of the scripts causing server load problems Unfortunately, a list of problematic software would cause many to say "I don't have any of that" and dismiss the new rule which states you must upgrade any 3rd party applications that you might have installed on the server. It really is imperative that everyone keep all of their 3rd party software up to date to avoid the exploits that are sure to come when they are discovered. Quote Link to comment Share on other sites More sharing options...
mjovery2 Posted February 5, 2005 Share Posted February 5, 2005 Is it not possible to be more specific? ... We need to work together on this issue so it would be in the best interests of both parties to have more information of the scripts causing server load problems Unfortunately, a list of problematic software would cause many to say "I don't have any of that" and dismiss the new rule which states you must upgrade any 3rd party applications that you might have installed on the server.It really is imperative that everyone keep all of their 3rd party software up to date to avoid the exploits that are sure to come when they are discovered. <{POST_SNAPBACK}> I was half-expecting this response. Of course everyone should keep their scripts/software up to date....and I totally agree with this policy. However, surely to goodness the server issues originated as a result of specific scripts.....which would need to be addressed as a matter of urgency. That is not to say that users should ignore other updates. Otherwise, why bother sending out this message at all......since it should be part of the generic statement embedded deep in the heart of user policies? Does it really require rocket science to identify specific users (and associated scripts) and to target them with appropriate 'warnings' rather than sending out statements to everyone which are just reminders of a policy that is already in existence? Quote Link to comment Share on other sites More sharing options...
Deverill Posted February 5, 2005 Share Posted February 5, 2005 Does it really require rocket science to identify specific users (and associated scripts) and to target them with appropriate 'warnings' rather than sending out statements to everyone which are just reminders of a policy that is already in existence? The problem of out-of-date 3rd party software is not just relating to the current issues even though they are the ones that are in the front of everyone's mind. If TCH sent notices to only users with XYZBlogger then what happens next month when ABCGuestbook has a similar problem because 100 users have not kept it up to date? The new policy, as explained in the email, is to keep all of your software up to date and if you don't and it affects other users on your server then you will be immediately suspended. I would suggest that you and everyone else, myself included, update any old software and not worry so much about pointing fingers at specific software. If it is all up to date then what does it matter which one is a problem? If we have out-dated software then shouldn't we be like Nike with regards to the update and "just do it"? Quote Link to comment Share on other sites More sharing options...
TCH-Bruce Posted February 5, 2005 Share Posted February 5, 2005 And I will just add one more piece of information here. TCH does not monitor your site to see what software you have installed. But if something on your site causes a problem on a server they will investigate the cause and suspend you. For that simple reason a generic email was sent to everyone hosting here at TCH reminding them to keep their scripts updated. Quote Link to comment Share on other sites More sharing options...
TCH-Dick Posted February 5, 2005 Share Posted February 5, 2005 Does it really require rocket science to identify specific users (and associated scripts) and to target them with appropriate 'warnings' rather than sending out statements to everyone which are just reminders of a policy that is already in existence? When you have close to 100 servers to monitor, over 32,000 domains to keep track of....yes it is a chore to track down specific scripts and who is running them. Rather than disable or banning any type of bloging script we are reminding people to keep them updated. It doesn't matter if its moveable type, wordpress, expression engine etc,, customers NEED to keep them current. Quote Link to comment Share on other sites More sharing options...
annie Posted February 5, 2005 Share Posted February 5, 2005 All customers? I didn't receive that e-mail. Quote Link to comment Share on other sites More sharing options...
TCH-Dick Posted February 5, 2005 Share Posted February 5, 2005 It was sent to the e-mail address we have on file when from you signed up, if that e-mail address has changed and you didn't update it with us that could be why you didn't get it. Quote Link to comment Share on other sites More sharing options...
LisaJill Posted February 5, 2005 Share Posted February 5, 2005 I didn't get it either and I've been using the same email address since I was 16. Ah well, I already obsessively keep my scripts up to date. Quote Link to comment Share on other sites More sharing options...
likoma Posted February 5, 2005 Share Posted February 5, 2005 Greetings. (I'm a reseller.) I run about a dozen sites using MovableType (MT) 2.661, another few dozen running WordPress (WP) 1.2.1 and maybe 1.2 and 1.2.2 and my guess is the culprits are the MT 2.661 installs. I'd be happy to upgrade them all to WP (as WP is a much smaller load for your servers--one of the reasons I've switched to WP), but it takes quite a bit of time and I work for myself. I understand that the load on your servers is something you need to take care of, but is there somewhere I can monitor the load that a certain site of mine is causing? If my xyz.com site is about to be suspended, could I learn that somehow and I'd focus on that domain first? I would truly find it extreme if xyz.com was suspended (which I'm pretty sure means shut down) and I only found out through my client or something. If I could get something of advanced warning, that would be a great help. Should I submit a ticket for this question? I understand the server load problem, but please understand that it will take time to make those changes (especially for resellers) and I hope we can get a bit of leeway. Thanks, - Bradley Quote Link to comment Share on other sites More sharing options...
Siberian H.E.A.T. Posted February 5, 2005 Share Posted February 5, 2005 I agree there should have been more details in the global warning email, even if it was in really small letters at the bottom. Those of us who depend on information to make these decisions about our clients have no way of knowing if we are going to be targeted. At the very least, there should be a link in the email that points to the forum at which time you could list some of the biggest problem children programs out there (surely there is a list of baddies that singled out the blogs in the first place). I understand you have to cater to the lowest common denominator when sending out these things...but for those of us who thrive on details it was an amazingly frustrating warning. How do I know one of my blog sites that IS up to date, is not still causing a high server load and thus targeting my client for termination? Unlikely perhaps, but still is the type of thing that causes me to lose sleep at night. A simple list of blog programs, and the latest stable release would even be helpful. I know you don't support 3rd party proggies, but we have to have some way of knowing if our specific version is trouble or not... for instance is Wordpress 1.2.2 (latest stable) going to pass muster? Thanks! I'm not trying to cause trouble! Honestly!!! Quote Link to comment Share on other sites More sharing options...
mitten Posted February 5, 2005 Share Posted February 5, 2005 I agree with Bradley - I'm a reseller and have a number of sites to bring up to compliance with this policy. (And thus, a whole bunch of platform decisions to make and work to do!) I hope that some time will be given on this one. I often deliberately don't upgrade right away, unless it's a security patch. I'd rather wait and see if major code revisions are stable before subjecting my visitors to new, buggy code. I realize that it may be impossible to give notice before a suspension in some cases, as they may be emergency situations. But it seems like there might be a 'red line' of some sort in other cases - a site consistantly pushing the boundaries on server load, perhaps - could we get prior notification on those before suspensions? Quote Link to comment Share on other sites More sharing options...
Head Guru Posted February 5, 2005 Share Posted February 5, 2005 Bottom line is this. If you own and maintain a hosting account it is YOUR responsiblity to maintain it. The email we sent out was a simple reminder that older scripts can be exploited and you should maintain and keep your site current. It is NOT the responsiblty of TotalChoice Hosting to keep our clients 3rd party scripts nice and updated. It is NOT our responsibility to look thru each and every ones account and inform them what script in their account needs updating. Bottom line is this. Maintain your site, keep the software on your site up to date and not exploitable. We can host your account, we can not be a babysitter to your scripts! Bill Quote Link to comment Share on other sites More sharing options...
TCH-Andy Posted February 5, 2005 Share Posted February 5, 2005 Warnings get a little difficult..... If you have a totally insecure blog, and nobody decides to attack it (with comment spam or whatever) then it will not cause any problem on the server. As soon as someone starts to attack that insecure blog, it can (depending on the circumstances) start to cause problems. At that point, it is to late to warn anybody, or ask permissions. We would simply suspend it, to protect other accounts on the server, and then contact you. So, which site is going to be hit first, and most vulnerable... if only I had a crystal ball I'd be happy to say (and rich) Quote Link to comment Share on other sites More sharing options...
mjovery2 Posted February 5, 2005 Share Posted February 5, 2005 When you have close to 100 servers to monitor, over 32,000 domains to keep track of....yes it is a chore to track down specific scripts and who is running them. Rather than disable or banning any type of bloging script we are reminding people to keep them updated. It doesn't matter if its moveable type, wordpress, expression engine etc,, customers NEED to keep them current. <{POST_SNAPBACK}> Oh dear... I was trying to focus on ways of trying to help you...with server issues relating to use of scripts which could cause problems. I was also trying to relate this to effective use of time management. As you will be well aware many Open Source scripts are being constantly updated and improved. Not all updates are immediately instantaneous. It is during this time when security improvements and updates are being developed that both users and hosting companies will be at risk. Now consider this: as a full time educator who is trying to develop websites, using own resources and money in the few spare hours I have available..(many schools are cash-strapped...but no need to get the violin out here..) ..I really do try extremely hard to keep absolutely everything up to date. Effective, efficient use of time is a priority, even if it means deleting scripts/programs rather than go through updates...or waiting for them to happen. Goodness, I don't want to be one of those users who will be ' immediately suspended' on Totalchoicehosting for using scripts which are messing up servers. I really wish there were more than 24/7 available.....and I am sure you have a similar wishes sometimes. Hey, of course we all NEED to keep 3rd party software up to date. That is stating the obvious. It is nice to be reminded of this from time to time ..... but it does not make life any easier. ..developments in software/scripts never remain stationary ...and with four/five accounts with TotalChoicehosting one could quite easily spend 24/7 just running around to find the latest updates. Indeed, it often feels like this. As an educator I really do try to help everyone, and as part of a community, working together means an appreciation of the viewpoints and positions of other people, and a real desire to work together and promote a community where information is shared both ways. I find it very sad to see statements such as 'bottom line' and 'immediate suspension' in this 'family community' forum. Customers also have a 'bottom line' approach ...but I would rather stick with totalchoicehosting for now because so far I have found support, helpful advice and good reliable hosting ( and I do have an account on server 27!) Quote Link to comment Share on other sites More sharing options...
LisaJill Posted February 5, 2005 Share Posted February 5, 2005 Every blogging package I've seen has a mailing list and/or RSS feed that will happily tell you when there are new releases, and which ones are security/bug fixes. Running around is, happily, unnecessary. You can have that information delivered to you. Quote Link to comment Share on other sites More sharing options...
TCH-Andy Posted February 5, 2005 Share Posted February 5, 2005 mjovery2 Thanks for your comments, and I'm sorry if it came across as if we did not appreciate them. I think we are all in agreement, so lets try not to make it look like an argument (and no I'm not suggesting you were). I think everyone here would like their scripts to be fully up-to-date, and for those nasty people who exploit them (in whatever form) short have something equally nasty done to them Equally, as you point out, there is not enough time in the average day to do all the jobs we want / need to do. So, how do we best optimise out time. TotalChoice Hosting is not planning on suspending an account tomorrow, just because we have had a look at your code, and it's not 100% up-to-date. Sorry if that is how it was read. However, if a script is abused, which causes problems for other users, then we will at that time. One of the wonderful things about the family here is they always do help out. I know I have helped update several sites so far today, and some of the other family members have to. What are your suggestions for best time management, and help everyone maintain scripts in a secure and updated fashion? Quote Link to comment Share on other sites More sharing options...
annie Posted February 5, 2005 Share Posted February 5, 2005 The e-mail address in my Cpanel is current. I still didn't get the e-mail. Where is this immediate policy change? I haven't seen it. Quote Link to comment Share on other sites More sharing options...
TCH-Rob Posted February 5, 2005 Share Posted February 5, 2005 Annie, I have sent you a copy. Quote Link to comment Share on other sites More sharing options...
mjovery2 Posted February 5, 2005 Share Posted February 5, 2005 What are your suggestions for best time management, and help everyone maintain scripts in a secure and updated fashion? <{POST_SNAPBACK}> Just a few thoughts......... Reasons to be cheerful ....Part 1 1. Only install scripts which have fine, long-standing reputations for reliability and security. 2. Don't waste time with scripts which have a poor reputation for reliability and security. Life is too short. If you have them installed already, then take a deep breath. Delete them and move on to pastures new...and invigorate your life! (Backup your site/scripts first if you decide later you have made the mistake of your life...) 3. Join the updates community forum ...at the source of your scripts. This way you can always be kept informed of the latest releases and issues. 4. Don't rely on automatic installers. Some hosting companies do not keep them up to date (A case in point is keeping all the latest versions of scripts up to date in fantastico) 5. Don't rely on hype about scripts at the source/vendor website. Do your own research first. 6. Find a hosting company willing to support you, and provides a range of support avenues....not just an e-mail address. Open community forums ,where even dirty linen is washed in public is far better that finding a pruned support forum, where many real issues and problems are hidden. Honesty and openness is appreciated by many customers and prospective customers...... www.webschool.org.uk www.MyWebschool.org Bringing Educational Creativity to All (www.becta.org) Quote Link to comment Share on other sites More sharing options...
likoma Posted February 5, 2005 Share Posted February 5, 2005 If you have a totally insecure blog, and nobody decides to attack it (with comment spam or whatever) then it will not cause any problem on the server. As soon as someone starts to attack that insecure blog, it can (depending on the circumstances) start to cause problems. At that point, it is to late to warn anybody, or ask permissions. We would simply suspend it, to protect other accounts on the server, and then contact you.<{POST_SNAPBACK}> Thank you, Andy, this gives me some detail as to what I need to keep an eye on: e.g. comment spam attacks/flooding. It's also nice to know that you'll contact me after you suspend the account (so I don't have to learn about it from a client). I assume that I'll then go into that domain and clean up the comment spam and make sure comments are turned off or closed then the account will be un-suspended, right? Any more details like this (what I need to look for as I migrate from MT 2.661 to WP 1.2.2) are very helpful and welcome, thank you. As for help from me: WordPress has some great plug-ins to prevent/battle comment spam. - Bradley Quote Link to comment Share on other sites More sharing options...
Head Guru Posted February 5, 2005 Share Posted February 5, 2005 Hi, Yesterday a mass e-mail was sent to all our customers in regards to updating 3rd party scripts. I would like to expand on that e-mail with further explanations. We allow users to install most 3rd party scripts into their user account. This includes Discussion Forums, Blogging Software, PHP Scripts and much more. This is part of the freedom and latitude we give to our clients. However, when a client installs 3rd party scripts on their account they must accept the responsibility that goes along with it. As with any software product certain security holes are found. When these vulnerabilities are found the publishers of the software generally will release a patch or upgrade to the software. The reason we communicated with our clients in the first e-mail was simply to express our desire for clients to upgrade their scripts. It was not our intention to scare or upset customers with threats of suspension of services. That was not our intent. If you are running any 3rd party script on our servers simply insure that you are maintaining the script to the best of your ability. In the next few days we will be putting together a list of 3rd party scripts that have known security issues. Once this is completed we will again communicate with you via a e-mail message. This will help our customers in identifying what scripts may have issues. At this point we have no plans to suspend sites that have outdated versions of 3rd party scripts. We should have communicated this in better detail. Thanks for you business and support. Bill Kish Quote Link to comment Share on other sites More sharing options...
MarkG Posted February 5, 2005 Share Posted February 5, 2005 Yesterday a mass e-mail was sent to all our customers in regards to updating 3rd party scripts. I would like to expand on that e-mail with further explanations. Really? Where's mine? In fact, after plowing through these boards I've discovered that several emails seem to have been sent to "all your customers" I've only seen this one... Hello,It has come to our attention that several older versions of the various blog software contains exploits and vulnerabilities. This is causing severe load issues on our servers. We are now requiring that all accounts using blogging software upgrade to the latest versions which contain patches and fixes for these vulnerabilities. In order to protect your account from these exploits, you must upgrade any 3rd party applications that you might have installed on the server. Please remember that we do not support any 3rd party software. Please make these upgrades immediately to avoid suspension of services. Thank you. ..and the only reason I'm I've seen it, and am now trying to figure all this out is because a friend that I reccomend use your hosting services caledl me in a panic over it since I did her blog installation. TCH-Rob seems a fair chap, could you forward me these emails I seem to be missing. I'm rather peeved that I have to find out about this through a friend and not straight from the source. Would you please have a word with whoever is supposed to be sending out these emails? My email on file hasen't changed in the 2+ years I've been with you. Thank you. Quote Link to comment Share on other sites More sharing options...
whoahorse Posted February 5, 2005 Share Posted February 5, 2005 http://www.horseblog.com/ Is mine up to date? Weezy Quote Link to comment Share on other sites More sharing options...
TCH-Dick Posted February 5, 2005 Share Posted February 5, 2005 The e-mail that was sent out was sent to the address we have on file that you provided when you signed up (for billing purposes). The contact e-mail you set up in cpanel and the e-mail we sent these notices to are not the same unless you used the same e-mail address for both. If you are unsure what the address you have on file for billing purposes is you can open a support ticket with the billing department and have it updated. Quote Link to comment Share on other sites More sharing options...
MarkG Posted February 5, 2005 Share Posted February 5, 2005 They are one and the same. I have all the billing emails as well as the ICANN policy change notice from November. Quote Link to comment Share on other sites More sharing options...
TCH-Dick Posted February 5, 2005 Share Posted February 5, 2005 Then I'm not sure why you didn't get them. We don't have one person in charge of e-mailing each individual customer. The e-mails were sent from our billing system to all customers. Quote Link to comment Share on other sites More sharing options...
MarkG Posted February 5, 2005 Share Posted February 5, 2005 Then I'm not sure why you didn't get them. We don't have one person in charge of e-mailing each individual customer. The e-mails were sent from our billing system to all customers. <{POST_SNAPBACK}> Maybe something is wigged out in the billing mailer? I find it rather disturbing if I am getting my upcomming billing notices and billing recipets but not what is clearly critical security notices. Quote Link to comment Share on other sites More sharing options...
TCH-Rob Posted February 5, 2005 Share Posted February 5, 2005 TCH-Rob seems a fair chap, could you forward me these emails I seem to be missing. The e-mail I forwarded was the one you quoted. The other email that was sent was in the post above yours from Bill (Head Guru) Quote Link to comment Share on other sites More sharing options...
midwestchasing Posted February 5, 2005 Share Posted February 5, 2005 I've got a security patch on my PHP Nuke. Am I fine? Quote Link to comment Share on other sites More sharing options...
Head Guru Posted February 5, 2005 Share Posted February 5, 2005 Yep your good to go. Quote Link to comment Share on other sites More sharing options...
midwestchasing Posted February 5, 2005 Share Posted February 5, 2005 Yep your good to go. <{POST_SNAPBACK}> thanks. Quote Link to comment Share on other sites More sharing options...
TCH-Andy Posted February 5, 2005 Share Posted February 5, 2005 Hi, Just to ensure this thread doesn't get to out of hand - because people can read things that were not intended by the writer, and almost start a flame war I'll try and summarise a few key points. If you are looking at scripts, I think the advice earlier was excellent (thanks mjovery2 ) Reasons to be cheerful ....Part 1 1. Only install scripts which have fine, long-standing reputations for reliability and security. 2. Don't waste time with scripts which have a poor reputation for reliability and security. Life is too short. If you have them installed already, then take a deep breath. Delete them and move on to pastures new...and invigorate your life! (Backup your site/scripts first if you decide later you have made the mistake of your life...) 3. Join the updates community forum ...at the source of your scripts. This way you can always be kept informed of the latest releases and issues. 4. Don't rely on automatic installers. Some hosting companies do not keep them up to date (A case in point is keeping all the latest versions of scripts up to date in fantastico) 5. Don't rely on hype about scripts at the source/vendor website. Do your own research first. 6. Find a hosting company willing to support you, and provides a range of support avenues....not just an e-mail address. Open community forums ,where even dirty linen is washed in public is far better that finding a pruned support forum, where many real issues and problems are hidden. Honesty and openness is appreciated by many customers and prospective customers...... <{POST_SNAPBACK}> If you have not received an email, please let us know via the support desk, customer support department. That way we can have a look at your records and discuss individually why your record might not have got through. It is not something we can check easily via the forum (unless you want your email caught by those email harvesters). If you are unsure if you have not got the latest version of your software. Please check fist on the site for that software. If you can't find out, then contact the support team, and we'll try and help Please also remember, that just because the script was up-to-date the day you put it on (even if it was from our cpanel) that does not mean it is up-to-date today. Quote Link to comment Share on other sites More sharing options...
MarkG Posted February 5, 2005 Share Posted February 5, 2005 If you have not received an email, please let us know via the support desk, customer support department. That way we can have a look at your records and discuss individually why your record might not have got through. It is not something we can check easily via the forum (unless you want your email caught by those email harvesters). Exactly what I wanted to know. My problem is not having to update scripts (which I now know I need to do), but why I found out about the policy change the way I did. Thnaks guys. Quote Link to comment Share on other sites More sharing options...
wigoweb Posted February 5, 2005 Share Posted February 5, 2005 I hope that no one at TCH decides not to maintain the forums due to a few impatient participants. Given the number of clients hosted at TCH even this announcement about keeping scripts up to date doesn't seem to be much of a problem. A scant half-dozen people seem to have gotten agitated. That leaves several thousands who understand that the process of updating a script is important. What this whole exchange really illustrates is that written communications are sometimes misunderstood. Writing a message under the pressure of trying to get serious performance issues rectified isn't a trivial task. Stress causes the author to send what seems like a clear and temperate message but might really be a message that is slightly ambiguous or even strict in tone. Recipients, who often see the world only through their own monitors, read the message and react without considering what might have motivated it. Anyway, everyone should be glad that we were notified, that TCH is trying to get fixed, and that we were asked to help by updating our scripts, not told to remove our scripts. I had a host who would not allow me to install any scripts at all. I don't want to have those conditions here at TCH. This more recent notice here in the forums that the staff is preparing a list of scripts which will be posted is a step in the right direction. If time had allowed for that statement to be part of the original message maybe fewer people would have been upset. Quote Link to comment Share on other sites More sharing options...
TCH-Andy Posted February 5, 2005 Share Posted February 5, 2005 wigoweb Thanks - that couldn't have been put better Please be assured - we will be maintaining our forums, we love the family - even when we have a few heated discussions Quote Link to comment Share on other sites More sharing options...
lilirose Posted February 5, 2005 Share Posted February 5, 2005 I've been lurking quietly on this duscussion but I just had one thing I wanted to say. I left my last host (who are also located in Michigan, I will let you guess who they are!) because my Movable Type installation crashed their server during an attack by comment spammers, and they told me (in an astoundingly rude manner) that under no circumstances would I ever be allowed to run any version of MT on my account with them in future. If they had handled the problem in a more professional manner, they would not have lost my account. As it is, I tell everyone who will listen about my bad experience with them and my wonderful experience so far with TCH. I was somewhat alarmed at the idea that TCH was going the same direction as my old hosts after reading the mass e-mail this morning, but after coming here to read this thread I am so impressed by, and grateful for, the high level of professionalism that I am seeing displayed by TCH staff members. You guys (and girls) are the best- don't let the few who are freaking out and complaining get you down. Quote Link to comment Share on other sites More sharing options...
sandypc Posted February 6, 2005 Share Posted February 6, 2005 I have MT and next to the latest version, with all the latest anti-spam plugins. I decided, though, to update my site to the latest version today due to the notice I received via email. Right in the mist of my "update" the server (35) goes down. It's been down now for an hour. I sent in a ticket and promptly got a reply to "please co-operate". It's frustrating..... Quote Link to comment Share on other sites More sharing options...
marie b. Posted February 6, 2005 Share Posted February 6, 2005 It may have been easier to install the v3.15 update as a plugin (available on movabletype.org), which takes all of one second to upload. You would have been good to go before server issues wonked your update up. Quote Link to comment Share on other sites More sharing options...
sandypc Posted February 6, 2005 Share Posted February 6, 2005 It may have been easier to install the v3.15 update as a plugin (available on movabletype.org), which takes all of one second to upload. You would have been good to go before server issues wonked your update up. <{POST_SNAPBACK}> That's a good suggestion for those who haven't already updated their version of MT, and I've already installed that plugin. I guess I'll have to wait to "update" my version at a later date. The server has been down now for 2 hours. Quote Link to comment Share on other sites More sharing options...
Joaquin Posted February 6, 2005 Share Posted February 6, 2005 Hi all, I'm geeked cuz this is my first post on TCH forums.....or maybe I'm just a geek. Anyway, I have read through this whole thread and did not see a mention of Advanced Guestbook. I believe the latest version is 2.3.1, is this "updated" enough? Quote Link to comment Share on other sites More sharing options...
TCH-Rob Posted February 6, 2005 Share Posted February 6, 2005 Hi all, I'm geeked cuz this is my first post on TCH forums.....or maybe I'm just a geek. Anyway, I have read through this whole thread and did not see a mention of Advanced Guestbook. I believe the latest version is 2.3.1, is this "updated" enough? <{POST_SNAPBACK}> Sounds good to me. And welcome home. Quote Link to comment Share on other sites More sharing options...
Joaquin Posted February 6, 2005 Share Posted February 6, 2005 Thanks Rob, and by the way, you look like Stephen King. Quote Link to comment Share on other sites More sharing options...
TCH-Rob Posted February 6, 2005 Share Posted February 6, 2005 Though we may have the same mentality I must say that his teeth are a bit bigger than mine. Oh, he has more money than I do too. Quote Link to comment Share on other sites More sharing options...
ramone_kalsaw Posted February 6, 2005 Share Posted February 6, 2005 I didn't get it either and I've been using the same email address since I was 16. Ah well, I already obsessively keep my scripts up to date. <{POST_SNAPBACK}> Lisa, What are your steps for keeping your scripts up to date? Quote Link to comment Share on other sites More sharing options...
LisaJill Posted February 6, 2005 Share Posted February 6, 2005 I only run ExpressionEngine, but any script that I run I am on the mailing list and RSS feed for. Then - when they tell me there's an update (and any major script will announce these) - I update. Of course, for EE this isn't necessary for me. I'm active on their forums and often know about these things before the general public. Quote Link to comment Share on other sites More sharing options...
TCH-Don Posted February 6, 2005 Share Posted February 6, 2005 Welcome to the Family Joaquin and your new home! We really are like family here. So if you need anything, just ask your new family! We love to help Quote Link to comment Share on other sites More sharing options...
TCH-Thomas Posted February 6, 2005 Share Posted February 6, 2005 To everyone in this thread that I haven´t said it to before... Welcome to the forums. Quote Link to comment Share on other sites More sharing options...
Joaquin Posted February 6, 2005 Share Posted February 6, 2005 To everyone in this thread that I haven´t said it to before... Welcome to the forums. <{POST_SNAPBACK}> Thomas, thanks for the welcome from abroad, it's good to be acknowledged. Joaquin Quote Link to comment Share on other sites More sharing options...
TCH-Bruce Posted February 6, 2005 Share Posted February 6, 2005 Welcome to the Family Joaquin, and everyone else that I've missed! Quote Link to comment Share on other sites More sharing options...
soleil Posted February 6, 2005 Share Posted February 6, 2005 I updated to Wordpress 1.2.2 yesterday after the email, I hope that's as updated as you guys want. Quote Link to comment Share on other sites More sharing options...
TCH-Thomas Posted February 6, 2005 Share Posted February 6, 2005 We are now planning an announcement list for script updates. Please see this thread for more information. Quote Link to comment Share on other sites More sharing options...
TCH-Dick Posted February 6, 2005 Share Posted February 6, 2005 I updated to Wordpress 1.2.2 yesterday after the email, I hope that's as updated as you guys want. That's good for WordPress, anything above that at this point and your are stepping into beta versions. I am currently running 1.5(which is out of beta but not ready for stable release) with no problems and it has helped with the spam problems. Be warned if you have a custom design, all versions starting at 1.3 use a theme based system. Quote Link to comment Share on other sites More sharing options...
Siberian H.E.A.T. Posted February 7, 2005 Share Posted February 7, 2005 Be warned if you have a custom design, all versions starting at 1.3 use a theme based system. BOOOOO! Guess I'll have to start looking at those beta's so I make sure those themes don't mess up my custom design. FWIW, I do appreciate TCH's concern in sending out the initial email and I apologize if I appeared in any way agitated over its content or delivery. I know it is our responsibility to keep our ducks in a row, and I will continue to try to herd my pond of ducks. I do wonder if there should have been a link to this thread on the forums however, that said "if you have any questions, discuss here." I just wonder if everyone knows about this great resource that TCH has provided? By and large, most hosts seem to have no forums at all... it is probably what people are used to. I know I was pleasantly surprised when I first stumbled into the forums...and it has been invaluable ever since. Quote Link to comment Share on other sites More sharing options...
LisaJill Posted February 7, 2005 Share Posted February 7, 2005 This thread came into existance because of the email. It couldn't be linked to because it didn't exist when the email was sent. =) Quote Link to comment Share on other sites More sharing options...
Siberian H.E.A.T. Posted February 7, 2005 Share Posted February 7, 2005 This thread came into existance because of the email. It couldn't be linked to because it didn't exist when the email was sent. =) <{POST_SNAPBACK}> You must be a lawyer in your spare time! Quote Link to comment Share on other sites More sharing options...
bgolder Posted February 10, 2005 Share Posted February 10, 2005 FWIW, I do appreciate TCH's concern in sending out the initial emailI appreciate TCH's concern as well, but... and I apologize if I appeared in any way agitated over its content or delivery. ...I do not apologize for being agitated by it. The email was vague, threatening, and generally completely unhelpful to the situation. I responded in a separate thread before I was referred to this thread. I obviously wasn't the only one who was surprised by the tone of the email. I am bothered by how many TCH support people responded to this thread defending the statement when it should have been retracted or clarified immediately. It seems like overall, TCH is having some problems with a fraction of its customers running unsecure sites, and their response is to take out their frustrations on their entire customer base. This attitude seems to be coming from the top down. I sincerely hope TCH takes a deep breath and adapts a more positive approach to the problems it experiences in the future. Best, Bryan Quote Link to comment Share on other sites More sharing options...
TCH-Rob Posted February 10, 2005 Share Posted February 10, 2005 Bryan, Did you even get the second email that clarified what the first one was for? The emails were sent because the entire customer base needs to keep their scripts up to date. Nothing was taken out on anyone and trust me, we take plenty of deep breaths each day. Quote Link to comment Share on other sites More sharing options...
bgolder Posted February 10, 2005 Share Posted February 10, 2005 Bryan, Did you even get the second email that clarified what the first one was for? The emails were sent because the entire customer base needs to keep their scripts up to date. I received an email addressing a specific issue with Movable Type, which is not applicable to me. Then I received the email I described in my other post here. If there was a 3rd email, I didn't get it. -Bryan Quote Link to comment Share on other sites More sharing options...
TCH-Rob Posted February 11, 2005 Share Posted February 11, 2005 Bills post above was also an email that went out. Hi, Yesterday a mass e-mail was sent to all our customers in regards to updating 3rd party scripts. I would like to expand on that e-mail with further explanations. We allow users to install most 3rd party scripts into their user account. This includes Discussion Forums, Blogging Software, PHP Scripts and much more. This is part of the freedom and latitude we give to our clients. However, when a client installs 3rd party scripts on their account they must accept the responsibility that goes along with it. As with any software product certain security holes are found. When these vulnerabilities are found the publishers of the software generally will release a patch or upgrade to the software. The reason we communicated with our clients in the first e-mail was simply to express our desire for clients to upgrade their scripts. It was not our intention to scare or upset customers with threats of suspension of services. That was not our intent. If you are running any 3rd party script on our servers simply insure that you are maintaining the script to the best of your ability. In the next few days we will be putting together a list of 3rd party scripts that have known security issues. Once this is completed we will again communicate with you via a e-mail message. This will help our customers in identifying what scripts may have issues. At this point we have no plans to suspend sites that have outdated versions of 3rd party scripts. We should have communicated this in better detail. Thanks for you business and support. Bill Kish Quote Link to comment Share on other sites More sharing options...
jpgasstrom Posted February 11, 2005 Share Posted February 11, 2005 I haven't received either of the emails referenced above (and my email address is up to date). I do have pretty tight Spam filters going through Spam Assassin. Is it possible that the others who did not get it also have tight Spam filters and the "mass mailing" got tagged by Spam Assassin? I'm going to go whitelist TCH right now, so I don't miss anything further.... Quote Link to comment Share on other sites More sharing options...
TCH-Rob Posted February 11, 2005 Share Posted February 11, 2005 Is it possible? Sure it is. Quote Link to comment Share on other sites More sharing options...
rlambdon Posted February 11, 2005 Share Posted February 11, 2005 I received the first e-mail, however I did not receive the second one referenced above. I have noticed a lot of people complaining about not receiving all of the e-mails sent by TCH, but it is always explained away as a spam filter... Has anyone looked into the possibility that there is a problem with the e-mail distribution list? Oh yeah, I forgot to mention -Robert Quote Link to comment Share on other sites More sharing options...
TCH-Bruce Posted February 11, 2005 Share Posted February 11, 2005 Welcome to the forum Robert. 9 times out of 10 it is an issue with a spam filter. To be sure you receive the emails, make sure you have a current email address listed for your account. You should use an email address no associated with your domain. Use your email address of your ISP. This way if your sever happens to be down you will still receive the email. Quote Link to comment Share on other sites More sharing options...
TCH-Rob Posted February 11, 2005 Share Posted February 11, 2005 Dont forget the fact that our mail server may not be getting an answer from your mail server for various reasons so there may me a delay of a couple of days to no delivery at all depending on the circumstances. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.