If your server is being scanned by security software that software may very well tell you that you have a security vulnerability with regards to the SSHD version. Specifically it may say that your server is vulnerable to CVE-2024-6387. Here’s what we’ve done for our Brownrice SmartVPS hosting customers and how you would dispute this vulnerability if you are one of our customers.

First, none of our SmartVPS’s are vulnerable to CVE-2024-6387, we patched this on everything that was vulnerable across our systems less than a week after the vulnerability was announced and the patch was released.

Yesterday, September 14th, 2023, Lumen rerouted one of our internet pipes so that there are longer any overlapping areas where both of our outgoing fiber connections are physically near each other.

Additionally, the morning before, on September 13th, 2023, we successfully completed our final failover tests on our new, third outgoing pipe, which is wireless for the first 1/2 mile, then takes another fully diverse fiber path to the internet.

This completes the network changes that will ensure that the dual-fiber cut that happened on June 7th of this year can not happen again. Additionally, even if both primary fiber connections were to be taken down in some wildly bizarre way, we’ve now got a third connection that all of our traffic will route through, with no slowdown in performance.

We thank Lumen and Kit Carson Internet for working with us to make this all happen. It’s kind of a big deal for us.

We’ve loved you for many long-times CentOS, but we’ve moved on… And, well, its you, not us.

And Hello AlmaLinux 9!

CentOS was very good to us for decades of solid and fast hosting. In fact we built our entire hosting business off of it. However, when CentOS switched to stream-based updates we decided we had to start looking at other Linux operating systems for our hosting base.

We won’t bore you with the details of this search but know that of mid-June all of our new SmartVPS servers ride on the back of AlmaLinux 9. The transition has been surprisingly smooth and the results have been fantastic! We’re seeing considerable speed increases and much improved memory management throughout our hosting stack.

So moving forward, we’re riding with AlmaLinux!

What does Brownrice WordPress Management with our Hack Clean Guarantee include?

Worry free software updates: When you sign up Brownrice WordPress Management we’ll update your WordPress core software, as well as all plugins and themes each month, ensuring that your site is always running the freshest software.  This also helps ensure that your site doesn’t get hacked…

Hack Clean Guarantee: We’ll install malware software that alerts us in case hacker code is detected in your site (it won’t be since we’ll be updating your software) so that we can spring to action and get the hacker out of your site, at no additional charge to you.

Performance Bottleneck Analysis:  If your WordPress site is running slowly you can have one of our WordPress specialists identify performance bottlenecks so that you can get things fast again.

Monthly Reporting: We’ll also send you a monthly report detailing everything we’ve done.

And all of this is included in the monthly price.  That monthly price is $9.95 per month for the first site on a SmartVPS, and $4.95 per month for each additional site on the same SmartVPS. 

Just shoot us an email to support@brownrice.com if you’d like to get signed up!

It was a heckuva busy pandemic for us here at Brownrice and we thought you might be interested in some of the things that we’ve been doing behind the scenes to ensure that your web sites, webcams, email, and servers are serving up the things they serve quickly, securely, and reliably!

Data Center Upgrades

During the pandemic we grew at unprecedented speeds and as a result we upgraded nearly all of our infrastructure to keep up with our growth. We upgraded our generators, our battery systems, our solar array, our routers and switches, much of our electrical systems, our monitoring and alerting systems, our upstream internet pipes and our redundancy.

We’re extremely pleased to announce our new GeoSync Cluster hosting. A GeoSync Cluster is a fully automated, three-VPS cluster of servers spread across three data centers, in three different time zones.  If one data center goes offline your web site’s traffic will be automatically redirected to the remaining data centers, ensuring no downtime.  It is the ultimate hosting platform for those seeking redundancy, reliability, and ease-of-use.

Is this GeoSync Cluster hard to use?

No!  If you are a web site user (i.e. WordPress, Joomla, custom code, etc) or developer and your web site is hosted on our GeoSync Cluster service you might actually not notice the difference between it and regular hosting.  The service is fully automated (and amazing!) and comes with managed support if issues or questions arise. 

How does it work?

Our new 50kW solar parking structure has been live for a few weeks now, and WOW, we’re loving this. For a few hours each day its producing more power than our entire building is using: That includes our data center, our offices, and all lightening and cooling for Brownrice as well as THREE other businesses – one being our sister company TaosNet. Here’s a quick view our our electrical production (white arching curve) verse our usage (green squiggly line) yesterday. We anticipate that this array will produce about 66% of all of Brownrice’s electrical consumption over a year and or goal is to continue to add solar until all of our electrical usage is produced by the sun. Stay tuned, we’ll get there.

First of all, many thanks to the wonderful Let’s Encrypt community for all the help with this, credit where credit is due: https://community.letsencrypt.org/t/rhel-centos-6-openssl-client-compatibility-after-dst-root-ca-x3-expiration/161032

That is a lengthy thread, and after a lot of trial and error and considerable head scratching I wanted to share the fix that worked for us, from start to finish. Hopefully it’ll save you some time so you can get back to your wgets and API calls.

Here are the steps that worked for us: