Jump to content

Revive Adserver Forum

Administrators
  • Content Count

    18
  • Joined

  • Last visited

1 Follower

About Revive Adserver Forum

  • Rank
    Administrator

Contact Methods

  • Website URL
    http://www.revive-adserver.com/

Recent Profile Visitors

5,503 profile views
  1. Response to report about outdated Revive Adserver installations being compromised Summary A report about compromised Revive Adserver installations does not emphasize enough that these installations ran outdated versions of the software. We put a lot of effort into security updates. As part of that, we are about to introduce rewards for security researchers who report newly found vulnerabilities responsibly on HackerOne. We urge users to always update to the most recent version available. In more detail A few weeks ago, a company called Confiant posted a blog about some cases where they discovered Revive Adserver installations being compromised. Whoever was responsible for this then proceeded to insert malicious codes into existing ads. The malicious codes would redirect site visitors exposed to these compromised ads to sites that would then attempt to infect the visitor’s computer or perform other malicious actions. In their blog post, Confiant points to our Github project and – unfortunately – misspells our project name consistently. They describe the Revive Adserver project as “a huge PHP project that has been around for well over a decade.”. They also link to our webpage with past Security Advisories and our HackerOne program page. Next, Confiant is correct in stating (direct quote from their blog): This not to say that the Revive team doesn’t handle security issues well, but more to illustrate that this is a large project that has been around for many years and that there are many ad serving infrastructures out there that are based on dated versions of Revive. And that last part is where the crux in this matter lies: even though our project frequently releases updates of the Revive Adserver software, which anyone can download free of charge and install in a matter of minutes, there are still many individuals and organizations who continue to run outdated versions. This is – of course – not limited to just our software. Keeping the software being used for an online operation up to date is crucial, but that doesn’t mean that everyone puts in the effort all the time. As can be seen from our Security Advisories page and from our release history, we put a lot of effort into investigating any reported vulnerabilities, and into releasing security fixes for these as soon as is humanly possible. However, we can’t force the users of our software to update. Fortunately, many users do so anyway. At the time of this writing, almost 1,600 known installations of our software run the recent v5.0 x software. And more than 600 of those have been updated to the most recently published version v5.0.5, just a few weeks after it was released. For good measure: both v5.0.5 and v5.0.4 contain some security fixes, and these were all for very minor issues that are completely unrelated to the larger problem that Confiant refers to. And Confiant even adds: “For context, Tag Barnakle have compromised ~60 ad servers in total.”. So, in the context of literally thousands of known installations, the number of compromised installations is relatively small. Of course, even just one compromised installation is one too many. Contrary to what Confiant writes, this is not a new problem. The practice of attacking and compromising outdated installations of ad server software has been around for as long as ad servers have been in existence. That’s because an ad server is a very attractive environment for criminals, since it enables them to very easily reach a large audience. In that sense, creators of malware are not that different from regular advertisers. Confiant does not give any detail about how the compromised installations were attacked. We assume however, that these attackers simply use the well published attack vectors to get into outdated installations. People and organizations running outdated versions with known security vulnerabilities are in fact responsible for the issues they face. We do our very best to inform our users as soon as a new version is available. We have a free mailing list to inform subscribers about new releases. The software displays a message inside the user interface, informing system administrators about new releases. We post updates on our blog, on the community forums, on Twitter and on Facebook. But then the users themselves will have to take action and spend a little time to actually perform an update. We continue to take the security of our software extremely seriously. And we’re literally putting our money where our mouth is. Later this year, we will enhance our existing HackerOne program, offering rewards to security researchers who report new vulnerabilities to us, obviously, in a responsible manner. We will investigate any report we receive and we will release security updates if and when necessary. Meanwhile, we urge our users to always update their installations to the most recent version of the Revive Adserver software. It was, is, and continues to be a free download, so there’s no reason to delay updating for financial reasons. Don’t want to update yourself? Alternatively, if you don’t want to spend any time on keeping the software up to date, we also have a Hosted edition that you can subscribe to. This is a Software-as-a-Service offering that uses the exact same software, and that will always be kept up to date with the most recent version. All you have to do is subscribe, log in and use it. The post Response to report about outdated Revive Adserver installations being compromised appeared first on Revive Adserver. View the full article
  2. The Revive Adserver team announces the immediate availability of Revive Adserver v5.0.5. We are pleased to announce the release of version 5.0.5 of the Revive Adserver software. This new version addresses issues with cookies when running PHP 7.3 and higher. It also addresses some minor security issues that have been discovered recently. Here is a list of changes in Revive Adserver v5.0.5: Fixed issue with setting cookies on PHP 7.3+ introduced with the latest cookie changes. Full release notes for v5.0.5 can be found on our Github page. Security fix This version 5.0.5 contains fixes for some minor security issues that were recently discovered. We recommend upgrading to the most recent 5.0.5 version of Revive Adserver as soon as possible. Download, install and upgrade Revive Adserver v5.0.5 is available for download now. Once downloaded, please refer to the instructions for Installations of Revive Adserver or for Upgrading Revive Adserver. Make sure that the server(s) being used meet(s) the minimum technical requirements. Community contributions The continued development of Revive Adserver is being sponsored by community members, either financially or in the form of code contributions. We’re very grateful for the support we’ve received. If you would like to contribute to our project, please consider becoming a patron on Patreon.com. Another way to contribute to our project, is by using the Revive Adserver Hosted edition. The post Revive Adserver v5.0.5 released – includes security fixes appeared first on Revive Adserver. View the full article
  3. Revive Adserver, cookies, Google Chrome v80 Revive Adserver, cookies, Google Chrome v80 Summary: With the release of version 5.0.4 of Revive Adserver on January 21, 2020, our software is now fully prepared for the upcoming changes regarding third-party cookies in Google Chrome v80. In more detail As announced by Google, Google Chrome v80 is due to be pushed to users in February 2020. This version implements what Google calls a “secure-by-default model for cookies”. Mozilla’s Firefox and Microsoft’s Edge are set to also implement this in the near future. Instead of trying to explain what this means, we would like to recommend having a look at the article posted on the Webmaster Central blog, Get Ready for New SameSite=None; Secure Cookie Settings. In case you find it hard to understand this rather technical article by Google, you could also have a look at article WTF is Chrome’s SameSite cookie update? On Digiday.com, which has a somewhat more humorous take on the matter. We released Revive Adserver v5.0.3 on January 14th, 2020, including some changes to the way we set cookies, with the aim of supporting the new directive. Unfortunately, the changes were not entirely successful, and a few days later we became aware of several issues affecting cookies. While the ad server still worked, several features that require cookies, for example frequency capping, did not. These issues have been tackled with priority. On January 21, 202, we released Revive Adserver v5.0.4, which fixes the earlier cookie issues and made some additional improvements to how Revive Adserver deals with cookies. We recommend updating to Revive Adserver v5.0.4 at your earliest convenience, so that you’re fully prepared for the release of Chrome v80 next month. Don’t want to update yourself? Alternatively, if you don’t want to spend any time on keeping the software up to date, we also have a Hosted edition that you can subscribe to. This is a Software-as-a-Service offering that uses the exact same software, and that will always be kept up to date with the most recent version. All you have to do is sign up, log in and use it. The post Revive Adserver, cookies, Google Chrome v80 appeared first on Revive Adserver. View the full article
  4. The Revive Adserver team announces the immediate availability of Revive Adserver v5.0.4. We are pleased to announce the release of version 5.0.4 of the Revive Adserver software. This new version addresses issues with the creation and use of cookies that were discovered after the release of version 5.0.3 on January 14, 2020. It also addresses one security issue that has been discovered recently. Here is a list of changes in Revive Adserver v5.0.4: Fixed cookie based features (e.g. frequency capping) inadvertently broken in the 5.0.3 release. Full release notes for v5.0.4 can be found on our Github page. Security fix This version 5.0.4 contains a fix for one low risk vulnerability that was recently discovered and reported to us through our HackerOne security program. We recommend upgrading to the most recent 5.0.4 version of Revive Adserver as soon as possible. Download, install and upgrade Revive Adserver v5.0.4 is available for download now. Once downloaded, please refer to the instructions for Installations of Revive Adserver or for Upgrading Revive Adserver. Make sure that the server(s) being used meet(s) the minimum technical requirements. Community contributions The continued development of Revive Adserver is being sponsored by community members, either financially or in the form of code contributions. We’re very grateful for the support we’ve received. If you would like to contribute to our project, please consider becoming a patron on Patreon.com. Another way to contribute to our project, is by using the Revive Adserver Hosted edition. The post Revive Adserver v5.0.4 released – includes security fix appeared first on Revive Adserver. View the full article
  5. MaxMind’s new license key for downloading GeoLite2 files Downloading and updating GeoLite2 files Revive Adserver version 5.0 comes with a new, completely rebuilt geotargeting plugin, capable of using the new GeoIP2 datafiles produced by MaxMind. Our software was developed to be capable of downloading the required GeoLite2 country datafile from MaxMind’s servers upon initial installation, or while upgrading from a version older than v5. It is also capable of keeping that datafile updated by downloading any newer files that MaxMind publish (usually on a weekly basis). We released Revive Adserver v5.0 on September 30, 2019. On December 18, 2019, MaxMind suddenly announced that they were going to implement a mandatory license model for file downloads and updates of GeoLite2 files. License keys for GeoLite2 are free of charge. Following MaxMind’s announcement, a new version 5.0.3 of the Revive Adserver software was released on January 14, 2020, which is capable of using your MaxMind GeoLite2 license key to download GeoLite2 datafiles. In this blog post, we explain how to obtain a free license key from MaxMind’s website, and how to use it in your installation of Revive Adserver v5.0.3 or higher. Step 1: sign up for a MaxMind license key As explained in the blog post by MaxMind, you can get a license key free of charge. The steps are: Sign up for a MaxMind account (no purchase required) Confirm your signup and set a password to access the MaxMind backend website Create a License key Step 2: Enter license key in geotargeting plugin settings Here is what you need to do to enter the license key you just obtained in the plugin’s settings: Go to your installed Revive Adserver v5.0.3 (or higher), and log in as a system administrator. If necessary, switch to Working as System Administrator in the top right hand corner of the screen. Now click the Plugins tab. Most likely the new MaxMind GeoIP2 Plugin is listed at the top of the list of available plugins. For this plugin, click the Details link in the same row. On the details screen, you’ll see two components. Click the Settings link in the first row. In this settings screen, you will notice a new settings field for the License Key. Paste the license key you obtained from MaxMind in step 1. Now click the Save Changes button. Step 3: Force download of GeoLite2 file (optional) If you’ve been using a prior version of the software that was capable of downloading the GeoLite2 country datafile without a license key, the software will now be able to do that again using the license key you just entered. By default, the software will check for new files during the maintenance process at midnight. If it notices that a newer file is available, it will download that and use it to replace the outdated file on your server. If you created a fresh install of Revive Adserver v5.0.3, or if you updated from a version older than v5.0, and entered your license key, it will now be capable of downloading the GeoLite2 country datafile. To force the system to do that right away, instead of having to wait until midnight, here’s how: Make sure you are still logged in as a System administrator, and that you are still Working as System Administrator. Go to the Plugins tab to open a list of the installed plugins. In the row for the MaxMind GeoIP2 Plugin you will see that the status column shows the plugin to be Enabled. Now click the Disable link at the right of the same row. The screen will refresh and the plugin’s status will have switched to Disabled. A new Enable link has come into view in same place. Click it to enable the plugin again. To avoid disrupting your ad serving, disable and enable within a few seconds. Once again the screen will refresh, but you may notice that it takes a few seconds. This is because at that very moment the plugin is proceeding to download the GeoLite2 country datafile from MaxMind’s servers. The time it takes to download it depends on the speed of your server’s connection to the internet. That’s all, your geotargeting plugin is now up to date. It will automatically keep an eye on any new versions of the GeoLite2 country file and download it once available. This will happen at most once every 24 hours, at midnight. Don’t want to get your own license key? Alternatively, if you don’t want to spend any time on configuring a server and installing the software, obtaining a MaxMind license key and setting that in the software, we also have a Hosted edition that you can subscribe to. This is a Software-as-a-Service offering that uses the exact same software, and that will always be kept up to date with the most recent version. All you have to do is sign up, log in and use it. We’ve already taken care of regular updates of the GeoIP data files for you! The post MaxMind’s new license key for downloading GeoLite2 files appeared first on Revive Adserver. View the full article
  6. The Revive Adserver team announces the immediate availability of Revive Adserver v5.0.3. We are pleased to announce the release of version 5.0.3 of the Revive Adserver software. This new version has two new features, one is about the SameSite cookie policy for Google Chrome and other browsers, the other is support for registering a license key to enable download of MaxMind’s GeoIP2 files following the changes in MaxMind’s EULA. Here is a list of changes in Revive Adserver v5.0.3: Added support for the SameSite cookie directive which will soon be required by browsers in order to allow 3rd party cookies. Updated MaxMind2 database updates downloader to use a license key, according to their EULA changes. Full release notes for v5.0.3 can be found on our Github page. We encourage our users to upgrade to the new version 5.0.3 as soon as possible, so that they can benefit the most from the new functionality of Revive v5. Download, install and upgrade Revive Adserver v5.0.3 is available for download now. Once downloaded, please refer to the instructions for Installations of Revive Adserver or for Upgrading Revive Adserver. Make sure that the server(s) being used meet(s) the minimum technical requirements. Community contributions The continued development of Revive Adserver is being sponsored by community members, either financially or in the form of code contributions. We’re very grateful for the support we’ve received. If you would like to contribute to our project, please consider becoming a patron on Patreon.com. Another way to contribute to our project, is by using the Revive Adserver Hosted edition. The post Revive Adserver v5.0.3 released appeared first on Revive Adserver. View the full article
  7. The Revive Adserver team announces the immediate availability of Revive Adserver v5.0.2. We are pleased to announce the release of version 5.0.2 of the Revive Adserver software. This new version fixes a number of bugs and issues that were reported after the recent releases of version 5.0.0 and 5.0.1. Here is a list of the issues that have been fixed in Revive Adserver v5.0.2: A warning message was always showing in the delivery rules screen, incorrectly indicating there was a mismatch with the cached delivery rules. Delivery rule targeting countries were not working. Midnight maintenance triggered an error when the GeoIP2 plugin tried to download the file updates. Full release notes for v5.0.2 can be found on our Github page. We encourage our users to upgrade to the new version 5.0.2 as soon as possible, so that they can benefit the most from the new functionality of Revive v5. Download, install and upgrade Revive Adserver v5.0.2 is available for download now. Once downloaded, please refer to the instructions for Installations of Revive Adserver or for Upgrading Revive Adserver. Make sure that the server(s) being used meet(s) the minimum technical requirements. Community contributions The continued development of Revive Adserver is being sponsored by community members, either financially or in the form of code contributions. We’re very grateful for the support we’ve received. If you would like to contribute to our project, please consider becoming a patron on Patreon.com. Another way to contribute to our project, is by using the Revive Adserver Hosted edition. The post Revive Adserver v5.0.2 released appeared first on Revive Adserver. View the full article
  8. The Revive Adserver team announces the immediate availability of Revive Adserver v5.0.1. We are pleased to announce the release of version 5.0.1 of the Revive Adserver software. This new version fixes a number of bugs and issues that were reported after the recent release of version 5.0. Here is a list of the issues that have been fixed in Revive Adserver v5.0.1: Improved performance of delivery rules validation and recompilation, which was causing upgrade failures under some circumstances. Fixed an issue that caused the From e-mail header to be malformed when sending campaign expiration and other e-mails. Fixed an issue preventing the MaxMind GeoLite2 City database from being updated during midnight maintenance. Added several missing entries to the ISO-3166 Subdivision delivery rule, including subdivisions in Belgium, Spain, Switzerland and other countries. Allow video autoplay within iframes generated by the async and iframe invocation tags.. Full release notes for v5.0.1 can be found on our Github page. We encourage our users to upgrade to the new version 5.0.1 as soon as possible, so that they can benefit the most from the new functionality of Revive v5. Download, install and upgrade Revive Adserver v5.0.1 is available for download now. Once downloaded, please refer to the instructions for Installations of Revive Adserver or for Upgrading Revive Adserver. Make sure that the server(s) being used meet(s) the minimum technical requirements. Community contributions The continued development of Revive Adserver is being sponsored by community members, either financially or in the form of code contributions. We’re very grateful for the support we’ve received. If you would like to contribute to our project, please consider becoming a patron on Patreon.com. Another way to contribute to our project, is by using the Revive Adserver Hosted edition. The post Revive Adserver v5.0.1 released appeared first on Revive Adserver. View the full article
  9. Introducing: new Geotargeting plugin for MaxMind’s GeoIP2 Revive Adserver version 5.0 comes with a new, completely rebuilt geotargeting plugin, capable of using the new GeoIP2 datafiles produced by MaxMind. In this blog post, we present an overview of the changes and improvements in the updated Geotargeting plugin that ships with Revive Adserver v5.0 and higher. Continue reading to find out what’s new, and how this will improves your ability to use geotargeting effectively. Brief introduction of Geotargeting In case you’re not familiar with the term ‘geotargeting’, it is a technical feature that enables you to target an ad to a specific geographic location or area, for example a country or even just a city. It works by taking the IP address of the person visiting the website, and looking up an estimation of the associated location in a large datafile. What has changed? And why? Revive Adserver – like its predecessors OpenX Source, and phpAdsNew – has always had a geotargeting feature. It relies on datafiles compiled by a third party, a company called MaxMind. These datasets are updated regularly, because there are frequent changes in the assignments of blocks of IP addresses to internet service providers and geographic locations. MaxMind had a file format they called GeoIP for years, but when they announced they were to stop supporting that file format and move on to the new GeoIP2 format, it prompted us to redevelop the geotargeting plugin. Automatic installation and updates of MaxMind datafiles In previous versions of Revive Adserver, we used to include a copy of the so-called ‘Geolite Country’ datafile. This file allowed for geotargeting at the continent and country level. A problem with this approach was that the file was only ever up to date for a few weeks after the release of a new version of Revive Adserver, whereas MaxMind updated their data files at least once per month. On top of that, MaxMind no longer permit this kind of distribution of their datafiles with software like ours. Fortunately, there is a much better alternative, which has been implemented in version 5.0. While performing a new installation of Revive Adserver v5.0, or while upgrading an earlier version to v5.0, the installation wizard will automatically download the most up to date version of the GeoIP2 city datafile from the MaxMind servers and store it on the server that is being used for Revive Adserver. Even better, it will also check every night at midnight if a newer version of that GeoIP2 city data has been made available. If so, it will download that and use it to replace the outdated file. As a result, not only will a Revive Adserver installation with version 5 or higher always use the most recent version of the MaxMind datafile, but it is now also by default the city datafile (instead of the country file shipping with our software in the past), allowing for much more precise geotargeting by continent, country, city, and various other geographic areas. Renewed geographic structure As part of the modernization of the data files, MaxMind have incorporated the most recent insights about the geographic structure of our planet. The Geotargeting plugin that ships with Revive Adserver 5.0 and higher now supports targeting at these levels: Continent: target visitors that are located on an entire continent, like Africa, Europe, North America, South America, Asia, or even any combination of continents required. Revive Adserver will present a list of all known continents and users can simply select the one(s) they need. Country: target visitors that are located in one or more countries on our globe, by selecting that country or set of countries from a comprehensive list. City: after selecting a country, type the name of a specific city, or even a comma delimited set of city names, to target visitors from those locations. It is important to note that geotargeting is not an exact science, and the more granular the targeting becomes, the accuracy of it is lower. Subdivisions: many countries have divided their areas in structured sub divisions, and the MaxMind datafiles now support this, as does the new geotargeting plugin. For example: at Subdivision level 1, the United States of America is made up by the 50 states. Some countries also have an additional Subdivision level 2. Metro code and Postal code: for the United states, the geotargeting plugin supports targeting by US Metro code, and for the area comprised of the US and Canada, targeting by Postal code is also available. Latitude/Longitude: the final geotargeting method supported by default in Revive Adserver v5 is by providing the coordinates of a ‘square’ area, simply by entering the starting and ending latitudes and longitudes. Get Going To benefit from this new Geotargeting functionality, get started by downloading the Revive Adserver v5.0 software today, and installing it on your own server. If you already have an older version of Revive Adserver installed, upgrade it to v5.0 today to take full advantage. Alternatively, if you don’t want to spend any time on configuring a server and installing the software, we also have a Hosted edition that you can subscribe to. This is a Software-as-a-Service offering that uses the exact same software, and that will always be kept up to date with the most recent version. All you have to do is sign up, log in and use it. The post New geotargeting plugin in Revive Adserver v5 – an overview appeared first on Revive Adserver. View the full article
  10. The Revive Adserver team announces the immediate availability of Revive Adserver v5.0. We are pleased to announce the next major release of the Revive Adserver software, which has been given version number v5.0. This new version introduces a completely new Geotargeting plugin, enabling the software to work with the MaxMind’s new GeoIP2 datafiles. There is also a new feature to duplicate websites and their zones, and a number of bugs have been fixed. Here are the most important changes included in Revive Adserver v5.0: New features and enhancements We implemented a new geotargeting plugin, which is compatible with the newer GeoIP2 datafile format being published by MaxMind nowadays. A particularly nice improvement is that the new plugin is capable of automatically downloading the datafiles from MaxMind’s servers, and also to update those files when MaxMind publishes a new version. We’ll post a separate blog shortly with some extra details and tips about the new Geotargeting plugin. Development of the new Geotargeting plugin has been made possible by a financial contribution from our partner Aqua Platform, specialists in high performance, high availability Revive Adserver hosting. We extended the screens for managing user access to accounts, to display the most recent login date and time of users. We added a feature to duplicate websites and their zones. We want to thank long time community member Heiko Weber for contributing this new feature. Bug fixes Fixed compatibility with PHP 7.4 and improved compatibility with other PHP versions Fixed an issue with emails about campaigns about to expire due to end date not using the user’s preferred date format Important: this v5.0 release has a number of Non-Backwards Compatible Changes: The date and time that new user accounts are created / email address is updated has changed to UTC format in the database with this release. As timezone information was not stored with the previous values, these cannot be safely converted to UTC format. As a result, all user account creation / email address update values stored before upgrading to this release may not be accurate – but only by up to +/- 13 hours. There are several changes between the legacy GeoIP and GeoIP2 databases and the upgrade process will try to migrate the rules in the best possible way: – “Regions” have been split into two levels of subdivisions and the ISO-3166 database has been updated. Depending on the country, the old delivery rule will be transformed in the appropriate subdivision level and geopolitical changes applied to the best of our knowledge – “Area code” is no longer returned. Any such delivery rule will be deleted. – The way the Geotargeting plugins work has been revamped. As such, third party geotargeting plugins or plugins depending on geotargeting information might need to be updated accordingly. Full release notes for v5.0.0 can be found on our Github page. Download, install and upgrade Revive Adserver v5.0 is available for download now. Once downloaded, please refer to the instructions for Installations of Revive Adserver or for Upgrading Revive Adserver. Make sure that the server(s) being used meet(s) the minimum technical requirements. Community contributions Several new developments in version 5.0 have been sponsored by community members, either financially or in the form of code contributions. We’re very grateful for the support we’ve received. If you would like to contribute to our project, please consider becoming a patron on Patreon.com. Another way to contribute to our project, is by using the Revive Adserver Hosted edition. The post Revive Adserver v5.0 released appeared first on Revive Adserver. View the full article
  11. The Revive Adserver team is immensely proud to announce the availability of the first Release Candidate of Revive Adserver v5.0. We are pleased to announce the next major release of the Revive Adserver software, which has been given version number v5.0. Since this new version includes a large number of changes and enhancements, including some potentially breaking changes, we think it is appropriate to first publish it as a Release Candidate. This will enable users, administrators, plugin developers, hosting providers and consultants to put the new version to the test in all sorts of scenarios and environments. If everything goes according to plan, we expect to release the final v5.0 in a little over 2 weeks from today, on Monday, September 30, 2019. Here are the most important changes included in this Release Candidate for Revive Adserver v5.0: New features and enhancements We replaced the legacy MaxMind GeoIP plugin with a new version which is compatible with the newer GeoIP2 database format, as legacy GeoIP is no longer supported by MaxMind We extended the screens for managing user access to accounts, to display the most recent login date and time of users We added a feature to duplicate websites and their zones. We want to thank long time community member Heiko Weber for contributing this new feature. Bug fixes Fixed compatibility with PHP 7.4 and improved compatibility with other PHP versions Fixed an issue with emails about campaigns about to expire due to end date not using the user’s preferred date format Important: this release candidate and the actual v5.0 release later, has a number of Non-Backwards Compatible Changes: The date and time that new user accounts are created / email address is updated has changed to UTC format in the database with this release. As timezone information was not stored with the previous values, these cannot be safely converted to UTC format. As a result, all user account creation / email address update values stored before upgrading to this release may not be accurate – but only by up to +/- 13 hours. There are several changes between the legacy GeoIP and GeoIP2 databases and the upgrade process will try to migrate the rules in the best possible way: – “Regions” have been split into two levels of subdivisions and the ISO-3166 database has been updated. Depending on the country, the old delivery rule will be transformed in the appropriate subdivision level and geopolitical changes applied to the best of our knowledge – “Area code” is no longer returned. Any such delivery rule will be deleted. – The way the Geotargeting plugins work has been revamped. As such, third party geotargeting plugins or plugins depending on geotargeting information might need to be updated accordingly. Full release notes for v5.0.0-rc1 can be found on our Github page. Download, install and upgrade Revive Adserver v5.0 Release Candidate 1 is available for download now. Please keep in mind that this is a release candidate, and as such it can result in issues. If you don’t feel confident about testing release candidate software, we recommend that you wait until the final v5.0 is available. This will be announced here on the blog, on our Twitter account, and to the subscribers to our mailing list. Once downloaded, please refer to the instructions for Installations of Revive Adserver or for Upgrading Revive Adserver. Make sure that the server(s) being used meet(s) the minimum technical requirements. Community contributions Several new developments in version 5.0 have been sponsored by community members, either financially or in the form of code contributions. We’re very grateful for the support we’ve received. If you would like to contribute to our project, please consider becoming a patron on Patreon.com. Another way to contribute to our project, is by using the Revive Adserver Hosted edition. The Hosted edition will be upgraded to v5.0 shortly after the new version has been released officially. The post Release Candidate 1 for Revive Adserver v5.0 appeared first on Revive Adserver. View the full article
  12. The Revive Adserver team announces the immediate availability of Revive Adserver v4.2.1. We are pleased to announce a new release of the Revive Adserver software, which has been given version number v4.2.1. This new version fixes a number of bugs that were discovered since the last 4.2.0 release, and it also addresses one security issue that has been discovered recently. Here are the most important changes included in Revive Adserver v4.2.1: We fixed an issue with the “Active Campaigns” filter, which was incorrectly hiding campaigns if it contained at least one inactive banner, and depending on the order of active or inactive banners found for the campaign. We fixed an issue with some of the required PHP extensions for Revive Adserver not being displayed in the pre-install/upgrade check screen. Security fix This version 4.2.1 also contains a fix for one vulnerability that was recently discovered and reported to us through our HackerOne security program. We strongly advise people to upgrade to the most recent 4.2.1 version of Revive Adserver as soon as possible. In case that is not immediately feasible, we especially recommend to delete or block the www/admin/password-recovery.php script. Release notes Full release notes for Revive Adserver v4.2.0 can be found on our Github page. Download, install and upgrade Revive Adserver v4.2.1 is available for download now. Once downloaded, please refer to the instructions for Installations of Revive Adserver or for Upgrading Revive Adserver. Make sure that the server(s) being used meet(s) the minimum technical requirements. Community contributions Version 4.2.1 has been sponsored by several community members, either financially or in the form of code contributions. We’re very grateful for the support we’ve received. If you would like to contribute to our project, please consider becoming a patron on Patreon.com. A special thanks for their contribution to this version goes to Aqua Platform, specialists in Revive Adserver hosting, for helping test the changes to the password recovery process. Another way to contribute to our project, is by using the Revive Adserver Hosted edition. The post Revive Adserver v4.2.1 released – bug & security fixes appeared first on Revive Adserver. View the full article
  13. The Revive Adserver team announces the immediate availability of Revive Adserver v4.2. We are pleased to announce the next major release of the Revive Adserver software, which has been given version number v4.2. This new version contains several enhancements and improvements, and it also addresses two security issues that have been discovered recently. Here are the most important changes included in Revive Adserver v4.2: We’ve updated the definition of “active” Advertisers and Campaigns, to also include Advertisers and Campaigns which will become active in the future (i.e. in the “Awaiting” state), to help with their management. The Zone Probability screen now includes a link to the parent campaign for each banner. We replaced the old “weight” measure on the Zone Probability screen with the actual Campaign and Banner weights, to improve clarity around probabilities of banner display in a zone. IP anonymisation is now enabled, and OAID cookie are now disabled by default on new installations, as per our plans published in the first half of 2018 around the introduction of the GDPR. For developers: we added support for hourly statistics to the XML-RPC API. This change was contributed by the makers of the Revive Adserver REST API. We have also fixed numerous bugs, and there are also some non-backward compatible changes, so please make sure you carefully study the release notes. Important: Revive Adserver v4.2 has a Non-Backwards Compatible Change. Support for PHP 5 has been dropped and Revive Adserver now requires at least PHP 7.0.8. Security fixes This version 4.2.0 also contains fixes for two vulnerabilities that were recently discovered and reported to us through our HackerOne security program. We strongly advise people to upgrade to the most recent 4.2.0 version of Revive Adserver as soon as possible. In case that is not immediately feasible, we especially recommend to delete the adxmlrpc.php, www/delivery/axmlrpc.php and www/delivery/dxmlrpc.php files. Release notes Full release notes for Revive Adserver v4.2.0 can be found on our Github page. Download, install and upgrade Revive Adserver v4.2 is available for download now. Once downloaded, please refer to the instructions for Installations of Revive Adserver or for Upgrading Revive Adserver. Make sure that the server(s) being used meet(s) the minimum technical requirements. Community contributions Several new developments in version 4.2 have been sponsored by community members, either financially or in the form of code contributions. We’re very grateful for the support we’ve received. If you would like to contribute to our project, please consider becoming a patron on Patreon.com. Another way to contribute to our project, is by using the Revive Adserver Hosted edition. The post Revive Adserver v4.2 released – bug & security fixes appeared first on Revive Adserver. View the full article
  14. The Revive Adserver team is immensely proud to announce the immediate availability of the Release Candidate of Revive Adserver v4.2. We are pleased to announce the next major release of the Revive Adserver software, which has been given version number v4.2. Since this new version includes a large number of changes and enhancements, including some breaking changes, we think it is appropriate to first publish it as a Release Candidate. This will enable users, administrators, plugin developers, hosting providers and consultants to put the new version to the test in all sorts of scenarios and environments. If everything goes according to plan, we expect to release the final v4.2 in 2 weeks from today, on April 23, 2019. Here are the most important changes included in this Release Candidate for Revive Adserver v4.2: We’ve updated the definition of “active” Advertisers and Campaigns, to also include Advertisers and Campaigns which will become active in the future (i.e. in the “Awaiting” state), to help with their management. The Zone Probability screen now includes a link to the parent campaign for each banner. We replaced the old “weight” measure on the Zone Probability screen with the actual Campaign and Banner weights, to improve clarity around probabilities of banner display in a zone. IP anonymisation is now enabled, and OAID cookie are now disabled by default on new installations, as per our plans published in the first half of 2018 around the introduction of the GDPR. For developers: we added support for hourly statistics to the XML-RPC API. This change was contributed by the makers of the Revive Adserver REST API. We have also fixed numerous bugs, and there are also some non-backward compatible changes, so please make sure you carefully study the release notes. Important: this release candidate and the actual v4.2 release later, will have a Non-Backwards Compatible Change. Support for PHP 5 has been dropped and Revive Adserver now requires at least PHP 7.0.8. Full release notes for v4.2.0-rc1 can be found on our Github page. Download, install and upgrade Revive Adserver v4.2 Release Candidate is available for download now. Please keep in mind that this is a release candidate, and as such it can result in issues. If you don’t feel confident about testing beta-level software, we recommend that you wait until the final v4.2 is available. This will be announced here on the blog, on our Twitter account, and to the subscribers to our mailing list. Once downloaded, please refer to the instructions for Installations of Revive Adserver or for Upgrading Revive Adserver. Make sure that the server(s) being used meet(s) the minimum technical requirements. Community contributions Several new developments in version 4.2 have been sponsored by community members, either financially or in the form of code contributions. We’re very grateful for the support we’ve received. If you would like to contribute to our project, please consider becoming a patron on Patreon.com. Another way to contribute to our project, is by using the Revive Adserver Hosted edition. The post Release Candidate 1 for Revive Adserver v4.2 appeared first on Revive Adserver. View the full article
  15. Exactly 3 months ago, on December 7, 2018, the first subscriber opened an account on the Revive Adserver Hosted edition. We had been collecting a waiting list of eager users since the announcement of the Hosted edition back in September 2018, and immediately after soft-launching it to the waiting list, people started joining. Later in December, we officially launched the Hosted edition for everyone. Since then, we’ve been adding new subscribers every day. We are very happy and proud that so many people and companies have decided to give the Hosted edition a try. A blog post on the Revive Adserver Hosted edition website details the uptake in the first 3 months, and also lists what we’re developing for the future of the Hosted edition. We invite you to have a look at the Revive Adserver Hosted edition, review the features it has to offer, read the frequently asked questions, and consider the pricing plans available for customers of all sizes. If you like what you see, you can sign up today and be up and running in no time. The post Hosted edition 3 months since launch appeared first on Revive Adserver. View the full article
×
×
  • Create New...