PHP 7.2 Available on All Servers

We're happy to announce the first release candidate of PHP 7.2 is available on all servers. PHP 7.2 brings even more speed improvements while adding great new security features such as the sodium cryptography extension and the Argon2i password hashing algorithm.

  • September 1, 2017

WP-CLI Available On All Servers

If you use the command line and you love WordPress, your life just got easier. ServerPilot now installs WP-CLI by default on your servers. We've also rolled out WP-CLI to all existing servers.

  • July 18, 2017

CVE-2017-6074 Linux Kernel DCCP Vulnerability

A Linux kernel vulnerability allowing privilege escalation has been found that affects most major Linux distributions, including Ubuntu. The fix for this vulnerability, identified by CVE-2017-6074, has been applied to all servers managed by ServerPilot.

  • February 22, 2017

Introducing Two-Factor Authentication

ServerPilot now supports two-factor authentication! For users wishing to add another layer of security to their account, using two-factor authentication is a great way to do it.

  • December 19, 2016

CVE-2016-8655 Linux Kernel Vulnerability

A Linux kernel vulnerability allowing privilege escalation has been found that affects most major Linux distributions, including Ubuntu. The fix for this vulnerability, identified by CVE-2016-8655, has been applied to all servers managed by ServerPilot.

  • December 7, 2016

Announcing HeatShield: Advanced Firewall Management

We're excited to announce the launch of our sister company, HeatShield. HeatShield's firewall management service makes customizing firewalls completely painless. Additionally, HeatShield's free plan offers the same standard firewall rules as ServerPilot but with the added bonus of SSH brute force protection, which blocks IP addresses that attempt to SSH into your server by guessing passwords.

  • November 22, 2016

PHP 7.1 Available on All Servers

We're happy to announce the first release candidate of PHP 7.1 is available on all servers. PHP 7.1 keeps the speed and memory efficiency of PHP 7.0 while adding many great new language features.

  • September 9, 2016

Brotli Compression Algorithm Enabled on All Servers

For apps using HTTPS, page loads are now even faster. On all servers managed by ServerPilot, we've enabled the new Brotli compression algorithm developed by Google. Brotli is currently supported by Chrome and Firefox for HTTPS requests.

  • August 8, 2016

HTTPoxy Vulnerability

A vulnerability named HTTPoxy affecting many PHP applications has been discovered. The vulnerability allows a malicious request to control an environment variable named HTTP_PROXY that some PHP libraries use. The fix for this vulnerability has already been applied to all servers managed by ServerPilot.

  • July 19, 2016

Free SSL Certificates from Let's Encrypt

We're truly excited to announce that ServerPilot now offers easy, unlimited, free SSL certificates to users on our Coach and Business plans. By making SSL deployment absurdly simple, we're continuing to empower our users to focus valuable time and energy on your businesses and projects.

  • March 9, 2016

DROWN SSL Vulnerability

A recent vulnerability named DROWN (CVE-2016-0800) affecting the SSLv2 protocol has been discovered and is in the news. This vulnerability does not affect servers managed by ServerPilot.

  • March 1, 2016

HTTP/2 Enabled on All Servers

All servers managed by ServerPilot now support HTTP/2, the latest version of the HTTP protocol. HTTP/2 solves many fundamental performance limitations that existed in HTTP/1.x and can result in page load speedups of up to 50 percent.

  • September 24, 2015

PHP 7.0 Available on All Servers

If you've been excitedly watching the development of PHP 7 like we have, you've been looking forward to this day for more than a year. Today, PHP 7.0 RC1 was released. This is the first release candidate for PHP 7.0 and marks the end of beta for PHP 7. With this release, we're proud to announce that PHP 7.0 is now available on all servers.

  • August 20, 2015

Logjam TLS Attack

Security researchers have discovered a new attack on the TLS protocol named Logjam. Additionally, the researchers found that commonly used values that are part of the Diffie-Hellman cryptographic key exchange used by TLS may be vulnerable to attack by very powerful entities like nation-states.

  • May 20, 2015

GHOST glibc Vulnerability

A vulnerability named GHOST (CVE-2015-0235) affecting the GNU C library (glibc) has been discovered. This vulnerability does not affect Ubuntu 14.04. Only ServerPilot users with Ubuntu 12.04 servers had the vulnerable version of glibc. As neither OpenSSH, Nginx, Apache, MySQL, or Postfix are considered vulnerable, there is low risk to your servers managed by ServerPilot. One potential risk is through PHP scripts that call the function gethostbyname() with user-supplied input as the argument.

  • January 28, 2015

SSLv3 Disabled Due to POODLE Vulnerability

Security researchers at Google recently announced their discovery of a flaw in Version 3 of the SSL protocol ("SSLv3"). The attack, called POODLE ("Padding Oracle On Downgraded Legacy Encryption"), can be exploited by attackers who are able to modify network transmissions between the browser and the server. A successful attack can result in, for example, an attacker being able to read the cookies sent by a browser over an SSL (HTTPS) request.

  • October 26, 2014

Bash Shellshock security update

Yesterday, a serious Bash shell vulnerability named Shellshock (CVE-2014-6271 / CVE-2014-7169) was announced. Updates to your servers were applied as soon as they became available.

  • September 25, 2014

ServerPilot API Released

Over the past few months, we've been putting the finishing touches on our API. In that time, beta users of our API have been giving us feedback, writing API wrappers, and even building businesses on top of our API. We're very excited to announce our API is now available to everyone.

  • September 2, 2014

Announcing Support for Ubuntu 14.04 LTS

We're excited to announce that ServerPilot supports Ubuntu 14.04 from the first day of its release! Ubuntu 14.04 ("Trusty Tahr") is the next

  • April 17, 2014

OpenSSL Heartbleed security update

Yesterday, the OpenSSL Project released an update to address CVE-2014-0160, a vulnerability nicknamed "Heartbleed." This vulnerability affects many applications and services including ServerPilot, DigitalOcean, Amazon AWS, and others.

  • April 8, 2014