Our action plan for Meltdown and Spectre
As you may know, a number of security vulnerabilities were recently exposed by Google’s Project Zero that affects everyone with a modern computer. Named “Meltdown” and “Spectre”, these vulnerabilities allow malicious programs to read data from other programs, making your site susceptible to data theft.
As you have come to expect with Flywheel, we are taking immediate and swift action to tackle these vulnerabilities, keep your sites safe and secure, and keep our promises to you as a managed host. We are working closely with our infrastructure partners to resolve these issues as fast as humanly possible, and have an action plan in place to get all Flywheel sites taken care of.
Our plan requires most sites on Flywheel to go through two very short reboots. If your site(s) are affected, we will send the site owner an email notification prior to the reboot window from us, as well as a second notification with the timeline of the second reboot. We anticipate very minimal downtime; in most cases, less than five minutes total for each, though a few sites may take up to an hour. Our plan is to try and run the bulk of these reboots at a time of day when your site receives minimal traffic, in order to affect your business as little as possible.
Meltdown and Spectre affect every single web hosting provider, so if you happen to be hosting any sites elsewhere, please be sure to check with them to confirm that they’re also deploying the patches for this problem!