Scheduled maintenance is currently in progress. We will provide updates as necessary.
Posted Apr 30, 2026 - 20:13 EDT
Scheduled
Critical Security Mitigation
We are performing brief server reboots across our fleet to apply a vendor-recommended kernel-level mitigation for CVE-2026-31431 ("Copy Fail"), a high-severity Linux kernel vulnerability disclosed publicly on April 29, 2026. This vulnerability affects virtually all Linux distributions and allows local privilege escalation. Multi-tenant hosting environments are specifically identified as high-risk.
To be clear: we have no evidence of any exploitation or unauthorized access on our infrastructure. We are applying this mitigation proactively to ensure it stays that way.
Our existing security layers, including Imunify360 and CageFS, provide detection and containment, but the vendor (CloudLinux) has confirmed that the kernel-level mitigation is required to fully close the attack surface. Rather than wait for a live patch that may take additional hours to become available, we are applying the mitigation now to minimize our customers' exposure window.
Servers will be rebooted individually over the course of the maintenance window. Expected downtime is approximately 5-10 minutes per server.
No customer action is required. All websites and databases will resume automatically after each reboot. If you experience any issues following the maintenance window, please open a support ticket and our team will respond immediately.
We appreciate your understanding. Protecting our customers' data is our top priority.
Posted Apr 30, 2026 - 20:12 EDT
This scheduled maintenance affected: MONTREAL DATA CENTRE, TORONTO DATA CENTRE, VANCOUVER DATA CENTRE, DEV/SANDBOX SERVERS, WPCLOUD SUPPORT SYSTEM PORTAL, and WPCLOUD.CA WEBSITE.