The security improvements are based on feedback from the user community and are not related to direct reports of security threats. The security concerns only impact users of the self-managed WordPress plugins. The vast majority of the work was done on administrative access and sanitizing of input values. SaaS users are not impacted by these issues.
- Enterprise clients using cluster map markers may have experience map outages , this is resolved.
- Enterprise clients using the location loading indicator set to ‘circle’ had issues with the map not displaying, this is resolved.
Updating Your Location Software
The Software as a Service version of the application was updated overnight. Users of the SaaS platform do not need to take any action to receive the latest features and patches.
The above issues also impacted all WordPress plugin users and require updating to the latest release. The folks at WordPress.com have yet to approve our latest updates and re-list the main plugin. You’ll need to manually uninstall and re-install the main Store Locator Plus® plugin, which can be purchased from our WordPress plugin store.
Store Locator Plus® was updated today with a number of improvements over the 5.2 release. Users will find that the Locations management screen is much faster when the screen options sets pagination length to more than 100 records. The update also ensures that those users that set their location list to more than 512 locations can still use the Export options available in the Professional and Enterprise level of service, or that have the Power add on installed if using the WordPress plugins.
SaaS Performance Boost
While the 5.3 release of Store Locator Plus® includes a number of performance enhancements across-the-board, our SaaS service has received some additional updates that allow us to process location and map requests a little faster. This is thanks to working with a controlled software stack where we know the exact version of WordPress, PHP, and all the libraries involved to squeeze as much performance as possible from the code.
Users should notice faster response when loading the map on a page, especially on sites with more than a few dozen locations being displayed.
All of the Store Locator Plus® web properties are now living on an updated server cluster. The new configuration, a load-balanced cluster, will provide zero-downtime maintenance window and faster performance under peak load; These upgrades will be most noticeable for our SaaS users.
Our prior server configuration used a failover configuration. In that type of configuration a web server handles 100% of the load and if it fails a second duplicate server that is in standby takes over. This provides limited downtime with reduced costs; However, it also means there are routine service outages when the underlying software (Operating System, web services, web apps) are updated.
The current configuration, put into place over the weekend with zero downtime, uses a load balanced configuration. In this configuration two-or-more servers mirror each other and are all online and answering web requests at the same time. Requests are split between the servers with a goal of maintaining an average load of just under 50%. This ensures that if one server fails the service stays up-and-running while a replacement server is automatically brought online to assist in web services.
The load balanced cluster also provides an added benefit of horizontal scalability. Failover style server could only be pushed up to a bigger server with more CPUs and RAM and faster network interfaces; a process that meant building ever-bigger servers with higher costs and longer maintenance window downtime. The load balanced cluster configuration monitors server loads across the cluster and adds a new server automatically at set performance limits. This ensures that there is a less-than-5-minute response time to adding capacity whenever there is a spike in usage.