1&1 Status Page

We continuously monitor the status of the 1&1 Web Hosting services. If there are any interruptions in service, a note will be posted here.
If you experience problems accessing your 1&1 Web Hosting services which are not listed here, please contact us. For contact channels please click here.


Maintenance Incident

No planned maintenance scheduled.

All systems operating normally.

Drupal Security Vulnerability
Start:
11/21/2014 12:10 PM
Estimated end:
Unknown
Last update:
11/21/2014 12:11 PM
Type:
Security note
Affected services:
Website
Description:

A new security vulnerability has been identified affecting Drupal versions prior to 6.34 and 7.34. If you are currently running a Drupal installation that is not 6.34 or higher, or 7.34 or higher, your installation is vulnerable to attacks that may be used to gain access to a user’s session or leverage a password hashing API to completely exhaust the CPU and memory resources of your site, causing it to load slowly or not at all. This security vulnerability has been named SA-CORE-2014-006.

 

More information regarding the vulnerability is available from Drupal's website: https://www.drupal.org/SA-CORE-2014-006

 

 

Solution

If you have installed Drupal in Safe Mode using the 1&1 App Center, no action is necessary on your part. The security patch is currently being applied by 1&1.

 

If you have installed Drupal manually, or in Free Mode using the 1&1 App Center, please check your current installation and update to the latest version – 6.34 or 7.34 . To find instructions on how to update Drupal to the latest version, please reference the Drupal page provided below: http://www.drupal.org/upgrade