Archive for August, 2011

Important: Timthumb.php WordPress Exploit/Vulnerability

POSTED BY Doug ON August 14, 2011 AT 11:33 pm UNDER announcements

It has recently been brought to our attention that ‘timthumb.php’, a popular WordPress script used for resizing images on the fly, is vulnerable to a remote inclusion exploit. You can read more about the vulnerability and the fix here: http://markmaunder.com/2011/zero-day-vulnerability-in-many-wordpress-themes/

Because WordPress is so popular, and because this exploit is severe enough to let attackers compromise websites, we have attempted to protect our customers by automatically upgrading any ‘timthumb.php’ files to the latest version, in which this vulnerability is already patched. As of writing this blog post, we have replaced any discovered timthumb.php files with the latest trunk version. Please be advised that whilst we have tested this forced upgrade in many scenarios and have not discovered any issues, there is a small risk that your script(s) or theme(s) may not function 100% correctly with this latest version. We strongly encourage all customers to check that their WordPress plugins and themes are currently working correctly and, if not, to contact the author of the plugin/theme to reach a resolution.

Whilst we have attempted to replace all vulnerable ‘timthumb.php’ scripts with the latest version, there is a possibility that some vulnerable versions remain. We strongly encourage and advise that all customers look for any copies of ‘timthumb.php’ within their WordPress installations and update to the latest version as soon as possible. Failure to do so increases the risk that your WordPress installations may be compromised in the future.

Please do not contact us requesting specific instructions on how to upgrade your ‘timthumb.php’ script(s), as ThisWebHost is not responsible for this script in any way. We have taken basic precautionary steps to try to prevent widespread website compromise; however, it is ultimately your (the client’s) responsibility to ensure that any scripts you use are up to date at all times.
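One way to carry out the check recommended above for leftover copies of ‘timthumb.php’, as an added example that is not ThisWebHost's or the TimThumb project's code: it lists every copy under a web root and compares each with a reference copy of the patched script that you have downloaded yourself. The function names, the MATCH/DIFFERS labels, the case-insensitive filename match and the expected form of the version declaration are assumptions.

```shell
#!/bin/sh
# Inventory timthumb.php copies under a web root and compare each one, byte
# for byte, with a reference copy of the patched script you downloaded yourself.
# Assumptions (not from the post): the function names, the MATCH/DIFFERS labels,
# the case-insensitive name match, and that a copy declares its version as
# define ('VERSION', '<digits and dots>').

# Print "STATUS<TAB>VERSION<TAB>PATH" for every copy found under $1.
list_timthumb() {
    find "$1" -type f -iname 'timthumb.php' -exec sh -c '
        ref=$1; shift
        for f in "$@"; do
            if cmp -s "$f" "$ref"; then status=MATCH; else status=DIFFERS; fi
            ver=$(sed -n "s/.*define *( *.VERSION. *, *.\([0-9.]*\).*/\1/p" "$f" | head -n 1)
            printf "%s\t%s\t%s\n" "$status" "${ver:-unknown}" "$f"
        done' sh "$2" {} +
}

# Exit status: 0 = no copy differs, 1 = at least one differs, 2 = bad arguments.
audit_timthumb() {
    if [ ! -d "$1" ] || [ ! -f "$2" ]; then
        echo "usage: audit_timthumb WEBROOT REFERENCE_COPY" >&2
        return 2
    fi
    report=$(list_timthumb "$1" "$2")
    if [ -n "$report" ]; then printf '%s\n' "$report"; fi
    if printf '%s\n' "$report" | grep -q '^DIFFERS'; then return 1; fi
    return 0
}

# Run as a script: sh audit.sh WEBROOT REFERENCE_COPY
if [ "$#" -eq 2 ]; then audit_timthumb "$1" "$2"; fi
```

Any line marked DIFFERS is a copy that is not identical to your reference file and should be replaced or reviewed by hand; a version of "unknown" means no version declaration was found in that copy.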

Announcing: Semi-Dedicated Packages

POSTED BY Doug ON August 9, 2011 AT 10:08 pm UNDER announcements, discussion, feedback

We are pleased to announce that we have now started offering semi-dedicated hosting packages. The semi-dedicated level package is intended to sit between our existing shared and dedicated hosting packages, providing a more cost-effective solution for customers who require more resources than our shared plans can offer.

Semi-dedicated means that each server is shared between a very small number of clients. This allows each individual client to consume more resources than they typically would on a shared hosting account, because more are available. Additionally, because it’s semi-dedicated, many of our shared hosting restrictions will not apply, namely:

  • No MySQL database size restrictions.
  • InnoDB is available.
  • No restriction on the number of hourly e-mails that can be sent.
  • No CPU limit (in minutes).

We’re happy that this new product almost completes our product range, giving customers options to host anything from a simple private website to a fully fledged forum with several million posts.