What a way to start the new year! We’ve no sooner pulled down the Christmas tree than two huge new security exploits have been confirmed to affect virtually every major computer processor on the market. Right now these bugs are reputedly nothing more than proofs of concept and no one is sure if they’ve actually been used in anger by hackers or malevolent actors.
What’s certain for sure is that 2018 will be another year where security vigilance is at the top of everyone’s list – web hosting included. Note: if you really haven’t heard of this CPU bug yet, Wired has an enjoyable story on the discovery of the bugs.
Obviously our systems team were tracking the exploit (sometimes on an almost hourly basis) as soon as murmurs started to surface; immediately beginning to plan for and implement mitigation efforts. As of this post all of our hosting platforms are now updated with patches to secure against both the Meltdown and Spectre exploits. This includes our Professional, Reseller, Business and WordPress Hosting platforms.
Most systems have actually been patched for a couple of weeks at the time of writing, but for a few edge case servers we had to work with specific software vendors to completely lock them down; we only wanted to officially make this post when all hosting systems were 100% patched.
Will Meltdown and Spectre affect my website speed?
In various press articles, you might’ve read that CPU performance can be impacted by as much as 30% by mitigating against these two exploits. In reality this is an extreme example of specific applications in worst case scenarios. At any rate, our hosting servers are typically not CPU constrained to begin with, having plenty of headroom to spare. The biggest constraints we work with are memory followed by disk (both storage space and speed). CPU capacity is rarely a concern with standard web hosting on modern processors, and most of our servers are extremely over provisioned in that aspect.
As a result, we don’t anticipate any users noticing a slow down in site performance. If anything, we’re always working on making websites faster.