Statement on Spectre/Meltdown
Important information for customers of Divio Cloud
You may have heard of a newly-disclosed critical vulnerability in modern processors, that affects nearly all computers and websites. These vulnerabilities and the attacks that could be associated with them have been named Spectre/Meltdown.
What we are doing
We are disabling:
- SSH access
- Creating new projects
- Git access (push, pull etc.)
- Addon uploads
- New cron jobs
In addition, we have put all websites into maintenance mode, limiting administration options via the Control Panel.
These services will be progressively restored once we are certain of the security and integrity of our platform.
We apologise for the inconvenience. However, these are exceptional circumstances that demand the utmost caution.
We expect service to be fully restored soon, but if you need one of these services urgently, please get in touch with us and we will assist.
Your sites on our platform run on infrastructure provided by major vendors, with extremely high security standards.
These vendors take security extremely seriously already have patches at the operating system level in place in to mitigate against Spectre/Meltdown. Most of the systems we use have already been patched, while others will be patched in the coming hours.
Some services may experience a brief interruption over the next day or so as systems are rebooted following the patch.
In most cases, you will not even notice any interruption. We apologise in advance however if you are briefly affected at such short notice. The timescale of the notification of the vulnerability means that action must be taken swiftly, and the security and integrity of our platform and your websites and data are our top priority.
We will continue to monitor the situation, and to liaise with our vendors.
What you need to do
You do not need to take any action as far as your Divio Cloud sites and data are concerned. All necessary remedial action has already been taken, or will be completed soon, on your behalf.
We will keep you informed as always of new developments.
However, please note that operating system vendors (such as Apple, Ubuntu, Microsoft and others) will likely issue patches soon for your own computers, and we strongly advise that you apply these patches as soon as they become available.