Heartbleed Update

In the wake of the revelation of the Heartbleed bug in OpenSSL and the the posibilities for its exploitation to get certificate’s private key, we have been working around the clock to make sure we are fully secure.

This bug affects OpenSSL only and specifically versions 1.0.1f, 1.0.1e, 1.0.1d, 1.0.1c, 1.0.1b, 1.0.1a, 1.0.1 and it is currently patched in version 1.0.1g.

Our infrastructure has some nodes that use Linux but they are not exposed to the web, and do not contain our SSL certificates. Even so, we do use Rackspace’s and Amazon’s Load Balancers which as it turns out are vulnerable. Interestingly enough when we first setup our infrastructure we decided to host our certificates in our web server images, instead of using the SSL termination in the load balancer. Since our web application is .Net based it is also hosted on Windows on IIS. This means that we are not vulnerable at all.

We planned to move our certificates to the Load Balancer in order to ease our image deployments. After this event, we are rethinking that strategy. It is interesting that we were unaffected by this by pure luck, since we were in the process of moving our infrastructure to a new engine (which we will talk more about later), we were also configuring SSL termination in the load balancer.

As of right now, you have nothing to worry about while using iKnode. We are not affected bythis bug at all. It is still recommended that you change your password for iKnode Management console.

If you want to check other sites to see if they are vulnerable to the bug, you can use any of the following:

It seems that our great friends at Cloudflare have identified that this bug doesn’t leak the private key. We’ll keep you updated as more information is revealed.

If you have any questions or concerns, please don’t hesitate to contact us. We can be reached by using the Support console.

WeTheAdorned Powered by iKnode

WeTheAdornedToday, I am happy to share the news that we have collaborated with the amazing team of Tim & Cyia from T.Cyia on their project WeTheAdorned.

WeTheAdorned is a members-only online jewelry platform which is curated by the famous “Sex And the City” star, Sarah Jessica Parker. This exclusive platform will allow T.Cyia’s bold designs to reach other parts of the world first hand and interface directly with the consumer, and it will also empower the subscriber to be able to acquire the stunning jewerly that was only available to Hollywood stars. For iKnode, this project allowed us once more to create seamless technology that powers creativity while placing the focus on the product and not the technology itself.

We were tasked with designing a launch page to measure interest, first by allowing people to subscribe to the newsletter and second by allowing people to signup for the service for a reduced price during launch. We chose HTML5 and Bootstrap for the front-end, and iKnode as the backend.

WeTheAdorned ModelsWe built two applications: 1) One that manages the Newsletter subscriptions, and 2) one that manages the payments. For the Newsletter subscriptions we used the iKnode Package for MailChimp. We created a newsletter using MailChimp’s intuitive deisgner, and sent user subscriptions from the landing page all the way to mailchimp. In the case of payments we used the Stripe iKnode Package to signup and charge users for the service without us even worrying about storing credit card information on our servers or worrying aobut PCI compliance.

Using iKnode was not only a time saver in terms of development and maintenance, it was also an amazing platform for reliability and stability by handling high traffic peaks without being noticed. The iKnode cloud was able to handle approximately 10,000 requests per second on the highest traffic day.

We are very lucky to be able to work with Tim & Cyia in such a bold project. We are excited to see what is yet to come from this amazing duo and how technology will power one of the most creative profession of the world.

Announcing the New Documentation Site

Today we are announcing the new documentation site. We have been adding a lot of content lately to the documentation, and we have been complaining about how the structure wasn’t useful enough. The old design was just too cluttered and complicated.

The new design is clean and very well structured: New Document Site

With this new design we strived to improve the usability and structure to make it easier to navigate and read. The navigation was one of the most important improvements we added. Before it was just a simple Octopress menu, now it is a minimal but powerful side bar.

Navigation

The content is also less cluttered, now that it is divided into several pages, instead of having only one page for all. At the beginning, we thought having it all in one page would be easier for the user and for us to read and look for, but as it grew, it became too much. Multiple pages encapsulates the content better and it also helps you focus on what you are trying to learn.

Go check the documentation site yourself and let us know what you think.

iKnode Documentation