CentOS 6.5 includes several welcome upgrades for web hosting companies, including OpenSSL 1.0.1, closing several security vulnerabilities.
The pace of development for CentOS can sometimes seem frustratingly slow. But, for an industry that values stability and predictability over access to bleeding edge features, a distribution that’s slow to change is a virtue. So, when CentOS does have an upgrade, it’s definitely worth paying attention to. In the most recent release, there are a number of features that will be of interest to web hosting companies and we are going to have a look at some of the major changes here.
We’re hearing ever more about the need for security and encryption of data as it flows over the Internet. The average user, who was blissfully unaware of encryption until recently, is now much more aware of the risks of sending data in the open over the Internet. TLS is the standard protocol for secure encryption of HTTP to prevent eavesdropping across connections, and so it’s important that web hosting companies, many of whom use CentOS, have access to the most recent versions.
This upgrade will probably come as a considerable relief to web hosts. Previous releases of CentOS shipped with lower versions of OpenSSL, which did not support TLS 1.1/1.2. For some time now, TLS 1.0 has been susceptible to several security vulnerabilities including the HTTPS BEAST attack. New versions of TLS have fixed this vulnerability, allowing web hosts to offer more secure HTTPS support to their clients. OpenSSL 1.0.1 also includes support for elliptic curve cryptography and other cryptographic algorithms.
Overall it’s a considerable security upgrade for CentOS-based web servers.
The Precision Time Protocol
In a hosting environment that relies on multiple different servers, it’s important to have a mechanism for accurately syncing events, which requires that all nodes in a cluster share the same information about time. The Precision Time Protocol implements a standard method for synchronizing devices on a network with sub-microsecond precision. While this feature is of more use to systems designed for measurement and automation, there are a number of other data center applications where time synchronization is important.
CentOS 6.5 includes many other changes, amongst which are updates to Hyper-V and VMWare drivers and enhancements to the Kernel-based Virtual Machine (KVM), including read-only support of VMDK and VHDX files and CPU hot-plugging.
CentOS 6.5 is a welcome upgrade to our favorite operating system, and the security upgrades in particular should put a smile on the face of anyone who uses CentOS for eCommerce hosting or other applications that require a guarantee of privacy.
If you want to see the complete list of changes, check out the release notes.
About Graeme Caldwell -- Graeme works as an inbound marketer for InterWorx, a revolutionary web hosting control panel for hosts who need scalability and reliability. Follow InterWorx on Twitter at @interworx, Like them on Facebook and check out their blog, http://www.interworx.com/community.