January 8, 2017
Today we released version 3.9 of our cloud platform which includes a few new feature enhancements, especially to the cloud load balancer, as well as the usual bug fix or two. Below is a summary of the most notable.
Maintenance Windows: We added a new feature that allows you to suppress alerting during specified times, or from specified monitoring regions. This feature can be found in the Account > Alert List tab. Now you can add entries and attach them to specific alert lists to block email or SMS messages during certain times every day, week or month or from monitoring regions around the world where your traffic does not pass through or are not important to you. If you reboot your servers nightly or weekly and are tired of receiving alerts when it happens, this feature is for you!
Login from authorized IPs: We added a new feature to further enhance the security of the management interface and API. Now in the Account > Roles & Security tab a new table is visible. This table allows you to add one or more IP addresses or address ranges for each role to further restrict access to the platform. A sample use case might be to restrict users in the admin role from logging in outside of the company offices, but users in the read-only role can still access from anywhere. Be careful! The first IP you might want to add should be the one you’re currently logged in from!
Reason tracking: We enhanced the server status log and the tooltip message of server status icons to now display the reason why a device is up or down, when that information is available. This should help with troubleshooting device issues significantly. For example, an HTTP monitor might now display that a device is down because an “HTTP 404 response code was received”. While these new “reason” messages are often shown, they aren’t always because they aren’t always available. We’re working to improve that too.
Device Status Log Time Zone: We corrected an issue in the device status log where the time zone would not always properly show the time based on the logged-in user’s profile.
Change Log tracking: We enhanced the change log to now also track the IP address of users who log into the UI or API, whether from an IPv4 or IPv6. Previously we only tracked the user name and with the new feature to block logins from authorized IPs, this seemed to go hand-in-hand.
Support passphrase: We added a new field to the user profile to track a support passphrase. This offers an added security verification option when users require telephone-based support.
New user creation options: Now, when a new user account is created, you can choose the role and time zone. Previously you would create a user and it would be assigned to the default role automatically, requiring you to go back and edit the user if you wished to change the role. This now streamlines new user account creation.
DNS Import functionality: The DNS Import tool used a Silverlight control that stopped working when Google dropped support for NPAPI plugins. The import tool continued to work in Internet Explorer, Firefox and other browsers, but our Chrome users were starting to get upset. We completely rewrote the import system to use an HTML5 file selection and upload tool. This only affected the UI, of course. The API continued to import uninterrupted.
CNAME & PTR record modification: We enhanced the CNAME “points to” as well as PTR records to support more custom characters for specific client applications.
Public Facing Port Options: We added a significant new features into the WAF/Load Balancer that allows further control via the UI/API over how traffic is handled on public facing IP addresses. These port options allow for setting the Client Idle Timeout, enabling HTTP to HTTPS redirects, configuring supported SSL protocols and session re-use, Blocking specific HTTP request methods as well as country blocking. This feature can be found by clicking the options pop-out on the public port table beside the port/protocol you have defined. It is configured separately for each port, since you may wish to block a specific country for port 21/FTP, but not for port 80, as an example. You can find further detail in this KB article.
Back end SSL Options: We added new support for back-end SSL configuration for devices/servers. Now when you edit a device/server and activate the SSL protocol for any port, you are given the options to choose whether to enable session re-use, configure the time-out and choose which SSL protocols you wish to allow. This option now allows you to present different SSL protocols on the front-end where the public connects vs. the back-end where trusted communications happen between the Total Uptime network and your devices.
Server and Pack search/filter: We added a new feature to the Configuration builder that makes it easier to find servers or packs by allowing you to enter search criteria to filter your existing list. Users can use this filter if they need to find a specific device where there are many, or to simply limit those in view to ensure they are editing the right ones.
Idle Timeout settings: We added two new options to the server configuration dialog to specify the time in seconds for when an idle connection should time out. The setting can be configured for a client-side connection and server side connection (between the load balancer and your server).
Server weight confirmation: We added a pop-up to confirm when the server weight change has completed so you’ll know exactly when it has taken effect. Additionally, if only one server exists in the server group (e.g. you’re not using load balancing but only failover), you won’t see the weight option since the value has no impact.
Add existing server: We added a new button within each server group to allow you to easily add already existing servers/devices to the group without having to use the drag-and-drop feature in the UI. This feature was highly requested by our mobile users.