HostBill Changelog Discussion - Version: 4.6.4 Date: 06-07-2013

Started by Lawrence, June 07, 2013, 01:36:10 PM

Print
Go Down Pages 1 2
User actions

Patrick

#15
June 07, 2013, 05:44:48 PM
So has anyone updated theirs? 
Patrick - Forum Rules
Insanity: doing the same thing over and over again and expecting different results. - Albert Einstein

nibb

#16
June 07, 2013, 05:54:38 PM
Not yet, I do updates manually, never used the auto update feature, because I think its a terrible idea in the first place, and second, I had killed many bugs myself and added stuff, so I prefer nothing overwriting this.

I also like to see what each file has as new in the code. So my updates are rather very slow. They would be faster if we could only download the new changes files as opposed to a full download each time.

Patrick

#17
June 07, 2013, 06:01:09 PM
Quote from: nibb on June 07, 2013, 05:54:38 PM
Not yet, I do updates manually, never used the auto update feature, because I think its a terrible idea in the first place, and second, I had killed many bugs myself and added stuff, so I prefer nothing overwriting this.

I also like to see what each file has as new in the code. So my updates are rather very slow. They would be faster if we could only download the new changes files as opposed to a full download each time.

The auto update feature is a great idea as long as it's bug free.  Many vendors do this for their software.  Be it web development or windows applications, it's a very functional method and offers like you mentioned two methods of upgrades.  We have been using the web auto upgrade within hostbill now since it was developed and it's worked perfectly for us every time. 
Patrick - Forum Rules
Insanity: doing the same thing over and over again and expecting different results. - Albert Einstein

nibb

#18
June 07, 2013, 06:09:47 PM Last Edit: June 07, 2013, 06:17:35 PM by nibb
Quote from: patrick on June 07, 2013, 06:01:09 PM
The auto update feature is a great idea as long as it's bug free.  Many vendors do this for their software.  Be it web development or windows applications, it's a very functional method and offers like you mentioned two methods of upgrades.  We have been using the web auto upgrade within hostbill now since it was developed and it's worked perfectly for us every time.

Wow, you are surely a risky guy Patrick. Downloading something that comes from Hostbill servers to your server.

Hell no. You know how sloppy hostbill is, next time you will download a trojan back to your server, because Hostbill wordpress was hacked, because Kris forgot to update it or to correctly set permissions. I mean, its not that hostbill is the more organized person in the world, im not even sure how seriously he takes security on his software and own website.

Also, this auto upgrade features tend to work OK, in softwares that are very, very tested, companies that have regression testing and test auto updates in several different settings, scenarios, running tons of different virtual server labs, different OS, settings, etc. Even so this can go wrong. And I don't think hostbill even tests his software before releasing it. We are all more or less beta testers...

Also, auto updates in Windows and some software works because its not software where you have many changes like something running in your website which needs to be very branded or custom to your needs. Absolutely almost all PHP software I use, I tend to change templates, files, etc, I have tons of custom changes, bug fixes which I fixed myself, etc. Its almost impossible that an auto update will not overwrite or change something in my case. And its impossible that any auto update feature detects each line of code I changed, its usually a feature that just replaces old files completely with new files.

So, no, no auto updates for me, ever. I understand this may be work for people running hostbill out of the box, but in my case this can't work and to be honest, I like to do things manually. I actually have auto updates disabled in almost all softwares, I prefer to log the changes myself, then update, then test, in case something changed or goes wrong, I can track back the date of the changes I made or updates. This includes linux servers as well. The only reason I use auto updates or update immediately are in case of critical security bugs.

Im like those corporation that still run XP and are upgrading to Win7. Before that I was trigger happy and clicked update on everything, new software always tend to break stuff, in particular if you have customized systems, so its all testing first for me. Slow, but safe.

But I understand that his feature is very useful for allot of users and it can save them allot of time and frustration. But im sure im not the only one that has this disabled and still does things manually, the old way.

Patrick

#19
June 07, 2013, 06:16:24 PM
I wouldn't say risky, no one knows where the auto update files are hosted unless they hack Hostbill itself.  Even that said, it doesn't stop someone from injecting malicious code in to the zip file as well.  So you downloading the update manually is coming from the same server with the exact same risks in terms of injecting code. 

As for Windows software updates, I have 8 software out and each have 7 week release cycles.  So updates are quite frequent for our software.  Unless you are physically picking up a copy backed up on to a tape and walking it to your server, you'll always run the usual risks.  I can with confidence say that the auto update and manual update run the same risks of exploits being injected if hacked.  So if you're worried about one, i'd highly suggest you worry about both.

In terms of control, i agree the manual update process provides far more control and you can avoid common issues an auto update may cause.

Edit:

You're absolutely well within your rights to feel that way though, you're not alone.  Many people hate google for the info they collect.  Now as of today the US Gov admits to basically spying, so it's a roller coaster these days no matter what
Patrick - Forum Rules
Insanity: doing the same thing over and over again and expecting different results. - Albert Einstein

nibb

#20
June 07, 2013, 06:23:24 PM
Sure, but the auto update, you donĀ“t know what is download, and what is overwritten. Doing it manually, I can watch this process on my own. Of course security is not the main reason, but rather changes I made. Of course if Hostbill servers where exploited, the changes of those running auto updates each week are far higher, vs me, that update once every month, or even longer, maybe by the time I download the new version, the issue has been detected or fixed already.

Of course nothing stops me from downloading an encoded file as well which is compromised. Nothing is discarded, but and everything is possible. I just to prefer manual updates. Even in Windows, I have them set to notify me, so I then can select manually when to update or even select what packages to update. Im one of those that like to read the changelogs of each new change. It saved me more than once from making a mistake, in particular when a changelog contains something incompatible with my setup I can first update the other component, or avoid the update.

A small example, would be a new hostbill version, that requires a new PHP or MYSQL version, imagine those running older configurations, click auto update, and their installation is broken, because they never even checked the changelog on the new version. This is just one example, but having the choice to auto update, since its so easy makes you want to update all the time.
Print
Go Up Pages 1 2
User actions