So long SPDY, Google says goodbye to SPDY

Posted by Nick Powell in News on February 12, 2015

google-spdyGoogle has decided to kill its  SPDY internet application-layer protocol in future versions of its Chrome browser, in favor of the Internet Engineering Taskforce’s HTTP/2 spec. Cloud flare also offer an optimisation based on SPDY. A few our customers have also enquired about it in the past but now Google have canned it.

“Chrome has supported SPDY since Chrome 6, but since most of the benefits are present in HTTP/2, it’s time to say goodbye,” Google’s Chris Bentzel wrote in a blog post.

Bentzel said in his post, observing only that, “Some key features [of HTTP/2] such as multiplexing, header compression, prioritization and protocol negotiation evolved from work done in an earlier open, but non-standard protocol named SPDY.”

Ideas first introduced in SPDY went on to inform the IETF’s work on the HTTP/2 spec, which is currently in draft form and is expected to be published as an RFC this month.

But not everyone involved in the HTTP/2 work agreed that SPDY was the right starting point.

Google’s decision to kill SPDY in Chrome will go unnoticed by most users. Both the web browser and the server must support the protocol for it to have any effect, and few web servers enabled it.

“Server developers are strongly encouraged to move to HTTP/2 and ALPN,” Google’s Bentzel wrote. “We’re happy to have contributed to the open standards process that led to HTTP/2, and hope to see wide adoption given the broad industry engagement on standardization and implementation.”

If you’re a fan of SPDY, however, you needn’t worry too much for now. Google says it won’t remove support for the spec from Chrome until early 2016.

Google Consider Penalising Website Owners Without SSL

Posted by simon bumford in News on December 19, 2014

Google have proposed to display a warning on websites using the Chrome browser that do not use HTTPS (SSL). Security experts broadly welcomed this proposal but said it may cause confusion initially.

Encrypted Data

In talks between Chrome and Google developers it has been said they were surprised that this was not already a feature in other browsers.

“The only situation in which web browsers are guaranteed not to warn users is precisely when there is no chance of security,” they wrote.

HTTPS uses well-established cryptographic systems to scramble data as it travels from a users computer to a website and back again. At the moment it is thought that only 33% of websites use HTTPS.

Help Available to Install

Paul Mutton, a security analyst at web monitoring firm Netcraft, also welcomed the proposal, saying it was “bizarre” that an unencrypted HTTP connection gave rise to no warnings at all.

“In the short term, the biggest headache is likely to be faced by website operators who will feel forced to migrate unencrypted HTTP websites to encrypted HTTPS,” he said. Many may resent the cost in time and money required to adopt the technology, he said, even though projects exist to make it easier and free for website administrators to use HTTPS.

“It will seem like a lot of hassle in the short term, but it will be a good thing for the whole web in the long run,” he said.

Simple Servers Offer

Simple Servers have partnered with one of the leading SSL suppliers GlobalSign and along with cPanel we offer an easy one click installer for a GlobalSign domain SSL. This is a simple process from order to install and no technical knowledge is required, the need to generate a private key and CSR has been abolished and the SSL will auto renew each year after a payment has been made automatically removing the chance of missing the renewal date and leaving the website un protected.

The product retails at £99 plus VAT but to help implement HTTPS we have discounted the first year by 10% with the following coupon code


Take up our offer for a GlobalSign voucher click here

The Mozilla team behind Firefox and those involved with Opera have also voiced their support. Since September 2014 Google has prioritised sites in its search rankings using HTTPS.


Magento Community 1.9.1 Released

Posted by Nick in Magento Hosting on November 25, 2014

magento-home-badgeWe are excited  to report that Magento Community Edition 1.9.1 has been released! It offers  a new set of features that help create compelling shopping experiences across mutiple devices.

Magento Community Edition 1.9.1 includes the following new features:

  • Configurable swatches enable merchants to show off a range of product attributes, such as colors, fabrics, or sizes, using a visual approach that is easy for shoppers to consume. Swatches can be used on product detail, category, and search result pages, and in layered navigation to help boost conversion rates. And, when shoppers click on a swatch, the product image automatically updates, giving them quick access to details needed to proceed with their purchase.
  • An enhanced responsive design reference theme offers merchants a dramatically faster way to create mobile-optimized sites. The theme now includes new functionality, such as responsive default email templates, so customers can read order confirmation and account registration emails on any device. Additionally, it supports downloadable products, order histories, multi-address checkout, and more.
  • Better site performance and security, now that Magento Community Edition 1.9.1 works with MySQL 5.6 and PHP 5.5. MySQL 5.6 offers merchants improved site speed and scalability, reduced memory usage, and enhanced debugging tools, while PHP 5.5 provides security improvements and ensures merchants have continued access to PHP code updates.

Support for Google Universal Analytics, the new standard for Google Analytics, provides merchants with deeper customer insights and access to ongoing feature updates that will only be available on this new platform.

Over 70 enhancements, many made by members of the active Magento community.

What is the Shellshock Bash bug?

Posted by Nick Powell in News on September 26, 2014

By now you may have heard about a new bug found in the Bash shell.

This bug, nick named “Shellshock”, affects the Unix command shell “Bash,” which happens to be one of the most common applications in those systems. This vulnerability affects the shell known as Bash (Bourne Again SHell), which is installed on *Nix machines.

All of our managed dedicated, cloud and shared servers are already patched.


GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.

Let’s start with your computer. If you have a Linux system, open the Terminal and run this line of code:

env x=’() { :;}; echo vulnerable’ bash -c ‘echo this is a test’

If you see the word “vulnerable” as an answer, your system is, well… vulnerable.

Your Bash shell is simply running more code after a function (the “() { :;};” part), and that shouldn’t be happening. The function is the “allowed” code, while everything after it is where the potentially “malicious” code could be installed.


A server has to listen to requests. This means that by requesting almost any data and running malicious code, an attacker can infect any affected server, which is about 60 percent of web servers out on the internet, most routers (even your home router) and many consumer devices (including security cameras and “smart” appliances — which don’t seem so smart right about now). This is because smart appliances are a form of servers.


It’s  simple to solve this problem. Many software developers have already issued patches and more are being released by the hour. Two of the most popular Linux distributions, Red Hat and Ubuntu, already have patches available. Updating a system takes almost no time. It’s a simple process and it’s a common task for most users.

Son of Magento Godzilla Server build

Posted by Nick Powell in From The NOC on September 5, 2014

We have just launched our biggest and best Magento cluster to date, nicknamed ‘Son of Godzilla’ in reference to our original Godzilla build here

godzillaThis is our most powerful and condensed Magento cluster to date. We have nick named it ‘Son of Godzilla’. This beast lets rip with 100% Samsung Pro SSD raid ten storage and the super fast Hex and Quad Core Intel Cpu’s.

This time we are using only 3u to deliver 28 Cores of Cpu at 3.5 Ghz each. Each server has 5 Samsung pro drives in a raid 10 config.
This solution can deliver a whopping maximum amount of ram up to 960GB (30 DIMM Slots)
We have used the latest Dell 12th Gen servers (as we always do).

  • 28 CPU Cores-Intel® Xeon® 3.5GHz, 20M Cache, 8.0GT/s QPI, Turbo,
  • 128 Gb Ram 1600 MHz
  • RAID 10, 1GB NV Cache hardware raid card
  • Smasung 840 Pro raid ten array
  • 540MB/sec Sequential Read
  • 520MB/sec Sequential Write
  • 100000 IOPS Random Read
  • 90000 IOPS Random Write

We delivered the solution with a mixture of Apache, Varnish and Percona. All built on our tried and tested, highly secure and optimised Magebox platform.

Images took at install time

New Data Floor Build

Posted by Nick Powell in From The NOC on August 26, 2014

We are pleased to announce that we have started work on our new data floor, adding extra capacity and resilience to our existing infrastructure. This will be a two part plan with a new build out of flooring, racks and power due for completion September 2014. These racks have been provisioned at the high specification of 16A per footprint, with dedicated N+N cooling and UPS systems.

This will add an extra 20 racks to our existing capacity and has represented a significant investment.
These new racks will be supported by Simple’s existing 24/7 on-site Network Operating Centre engineers, with a wide range of managed services and solutions available.

Phase two will bring a brand new highly resilient Juniper next generation network across our whole infrastructure with a totally new design built around speed and high availability.

Update August 19th 2014

Update August 28th 2014

Update September 5th 2014

We are pleased to announce the new data floor is now complete, with new customers already using the new racks!
Update October 13th 2014

Samsung 850 PRO SSD 256GB Review

Posted by Nick Powell in News on August 12, 2014

Despite being introduced a couple of years ago now, Samsung’s 840 PRO continues to find itself at the top of performance tree, with other manufacturers playing catch up. Samsung has now launched the 850 PRO, the replacement for the SSD 840 PRO.

The 850 PRO uses of a new type of NAND. Typically, the focus of lowering the cost of NAND and therefore SSDs has been scaling down through process and die shrinks. This process carries with it issues to do with performance and endurance that manufacturers have had to deal with in their own ways.
Samsung’s answer to this is its new NAND, specifically 32 layer 3D V-NAND, which it claims is set to break through the density (and hence capacity) barriers that we’re starting to reach with current 2D/planar NAND.

The 850 PRO is class-leading in virtually every single benchmark, and the target audience of this drive will be particularly pleased with its improvements in write consistency, which is the main area where it could be said the SSD 840 PRO was lacking.
Benchmarks for the 256 are Read 550MB/s, Write 520MB/s, 100k/90k IOPS Max.

It’s not just performance that’s improved, as endurance and power consumption have also improved. The ten year warranty is awesome, as is the 150TB TBW limit that accompanies it, especially for the 128GB version. It’s much higher than what any other consumer SSD currently has, though it should be noted that the NAND will likely outlive 150TB TBW many times over

It’s easily the best 2.5-inch SATA SSD available today, Samsung has delivered once again here and we are expecting our first deliveries at Simple towers imminently.

Insecure Nonce Generation in WPtouch

Posted by Nick in News on July 15, 2014

wordpress-logoIf you use the popular WPtouch plugin (5m+ downloads) on your WordPress site, you should update it immediately.

This was discovered yesterday, it’s a very dangerous vulnerability that could potentially allow a user with no administrative privileges, who was logged in (like a subscriber or an author), to upload PHP files to the target server. Someone with bad intentions could upload PHP backdoors or other malicious malware and basically take over the site.

If you’re running WPtouch, then please update immediately!

This only applies to 3.x versions of WPtouch. Admin’s using 2.x and 1.x versions of the plugin will not be affected by this vulnerability.

Magento Go has gone

Posted by Nick Powell in Magento Hosting on July 3, 2014

Magento Go will close it’s doors on Feb. 1, 2015.

magento-goMagento, the e-commerce platform of eBay Inc.’s e-commerce division eBay Enterprise, will discontinue two of its products geared toward small and mid-sized e-retailers, Magento announced today. The Magento Go and ProStores platforms, which count as clients 10,000 merchants, will have the plug pulled on Feb. 1, 2015.

Magento will continue to offer the Enterprise and Community editions of its e-commerce platform, which are geared toward larger e-retailers. Craig Peasley, Magento’s senior director of marketing, says e-retailers that are growing fast and looking for more customization in the platform could consider either of those options. Help is at hand for existing Magento Go customers as Simple Servers will carry out migrations from Go to Community.

In an interview, Magento marketing head Craig Peasley said the company is making these cuts to focus on the two Magento e-commerce software products: Magento Enterprise and Community Edition offerings. Magento previously cut dozens of employees as it realigned its focus. Peasley said the company does not expect further layoffs related to the shutdown of the business.

Dell Poweredge R220 review

Posted by Nick Powell in News on June 2, 2014

We have used the Dell R200, R210, R210 II so were looking forward to getting our hands on the R220.

Externally nothing much has changed, you get a slightly different status display and a grey bezel that matches the other next gen Dell Poweredge servers.

The R210II was based on the Ivy bridge architecture and the R220 is based on Haswell this is the codename for the Intel processor microarchitecture that is the successor to the Ivy Bridge microarchitecture.

Most Haswell products are branded as 4th Generation Intel® Core™ Processors for client systems, and Intel® Xeon® v3 Processors for server systems, in addition to some Pentium and Celeron-branded processors. Haswell is built on the 22-nm manufacturing process (lithography). Intel officially announced processors with this microarchitecture in 2013. Haswell delivers significant performance advancements over previous architectures, including improved graphics, battery life, and security.

The Intel® Xeon® processor E3-1200 v3 family featuring 33 percent more cache per core. This help improve response times with up to 32GB of memory in four DIMM slots and boost data-transfer speeds with latest-generation PCIe Gen3 I/O.

We also see a new raid controller, the PERC H310, this replaces the old PERC H210. The R220 is no enterprise player thanks to the lack of redundant power and hot swap drives but represents a good mix of cost vs performance.


Magento Hosting Back to Top

2015 © SimpleServers Ltd | Vat No. 974629277 | Company No. 06813119 | Terms and Conditions | Privacy Policy | Part of the Tier9 Group

Cloud Computing: Compute, SAN, CDN