Timetable for migration to AltaGrade

As you might know we first announced the launch of our new AltaGrade website and the new hosting platform back on November, 2018. Since then we've been accepting new orders on and migrating Drupion customers who wanted immediate upgrades to the new system.

As for the remaining part of our Drupion customers, we'd like to express our sincere gratitude for your patience and understanding, and finally present to you the roadmap and timetable of how and when exactly your projects still hosted on Drupion will be migrated over to AltaGrade's new platform.

AltaGrade is built with security in mind!

The above slogan that we've put on out front page's hero banner image is not just another marketing gimmick or empty words. The feature-rich AltaGrade hosting platform has been designed to provide high performance, high availability, redundancy, but above all the reliable, secure and well-protected hosting services.

Our Drupion customers are aware that we've always taken excellent care of all server-side operating system matters in timely manner, letting them concentrate on just running their websites. At the same time, we've always trusted the full root access to our cloud and dedicated hosting plan subscribers, so if desired they or their technical staff-members could manage any server-side configuration settings on their own.

And the described workflow, built on trust and confidence, worked well for many years. Until it started to occasionally fail. Mostly because of the very innate flaws of such reliance-based systems: we believed customers would keep the community-contributed and custom code on their websites constantly updated. As a matter of fact, several major security vulnerabilities, which shook Drupal community in recent years and which are notoriously nicknamed as Drupalgeddons, have proven to us that taking responsibility for all server-side tasks and even running automated core updates for opted-in customer Drupal websites were not enough to keep customer projects secure.

Just as most of other hosting vendors, we didn't want to impose our services to interfere with inner workings of customers' web-applications. The automation of updates for the community contributed and custom-made modules, libraries, themes is not a trivial and almost impossible task. However, if we hypothetically created and tried to offer such automation, then many customers would definitely find such initiative as too intrusive and not-desired, because often times for various reasons they have to stick with the older versions of some modules and libraries or some times they simply do not have enough financial resources or tech-staff power to pull the burden of running such updates in timely manner.

And since manual intervention to thousands of websites hosted on Drupion would be very much cumbersome, we had no other choice, but to insistently request our customers to update their websites in time by creating tickets, sending newsletters, publishing security advisories on Drupion's blog and twitter feed. Unfortunately, with too many breach points left at customers' discretion, we started to witness more number of exploit cases on customer projects. Thus came up high times for taking decisive changes.

Our answers to new challenges is the new AltaGrade platform at your disposal, on which nothing like the described cases can ever happen. Thanks to many security improvements on the system, but mainly of two reasons:

1. We do not provide the root access to customers anymore on AltaGrade platform effectively locking access of their usernames, which potentially could be accessed by malicious parties, within their accounts and respective home directories only. However, at the same time AltaGrade customers enjoy full control of their hosting accounts and can manage variety of server-side configurations through either very intuitive and much improved control panel or specially requested command-line access levels.
2. We enforce enabling the upgrade notification modules on client applications and configure them to send automatic notifications to our backend system, where we have two scenarios:

   a) We offer special tier-level support on AltaGrade for not only clients' web-application cores, but also for the contributed and custom modules, libraries and themes. So for this category of AltaGrade customers we will run all the security updates as soon they are publicly rolled out.

   b) For customers, who are not subscribed to the special tier-level support and wish to manage their community-contributed modules, libraries and themes by themselves, we create urgent tickets and send immediate warnings, requesting them to run updates against newly found security vulnerabilities within the next 24 hours. After the given time-frame has passed and updates are not done, the AltaGrade staff-members start manually performing such security updates for additional charge.

Better pricing, lot's of new features!

You might have already noticed on https://www.altagrade.com, that we've reduced our prices for all shared, cloud and dedicated server hosting plans. Be also assured that after you are migrated and registered on AltaGrade platform, you will also notice we've significantly dropped our prices for add-on services like registering/renewing domain names, A-grade commercial SSL certificates (for those who do not want to use free of charge Let's Encrypt certificates), remote off-site backups and also introduced new services like CDN, scanning your websites for viruses and malware, restoring or migrating your websites, etc.

HTTPS-everywhere, Varnish, Memcache, Apache-solr

To improve security and performance, we are going HTTPS-everywhere on AltaGrade. Yes, all the websites hosted on AltaGrade must be served trough HTTPS protocol. You can read the detailed information about HTTPS-everywhere philosophy on https://www.eff.org/https-everywhere.

We'll be maintaining Drupion's traditional Varnish, Memcache, Apache-solr trio promise to our customers also on AltaGrade platform without additional charges. The known incompatibility between Varnish and SSL has been addressed by introducing a special proxy-server that forwards the HTTPS-requests to Varnish.

Unlimited tickets, account credits

Another good news is that we are dropping Drupion's Unlimited Ticket Support package. Yes, you can create as many tickets on AltaGrade as you need without any additional charge! Moreover, we'll start actively granting account credits to our customers for various reasons, the details of this new feature you can read about on https://www.altagrade.com/help/dashboard/account#account-credits

We will announce lot's of other exiting changes and improvements in the coming weeks and months. As for now, please keep reading further on why we are taking it so slow.

So what's holding us from migrating to AltaGrade now?

We've been working hard to offer to the public much better system in comparison with morally outdated Drupion's customer portal. AltaGrade has already been launched into production and currently is servicing the growing number of new customers. Nevertheless, we are still working on some remaining issues and soon will able to start the massive migration from Drupion. In particular, there are two main reasons we are still taking it slowly:

1. Incomplete Documentation

   Please visit out Help Center on https://www.altagrade.com/help and go through the AltaGrade Dashboard, Tutorials, Tools sections to find much more detailed information with screenshots. What we're still missing is the documentation for Control Panel. Unfortunately, we won't be able to write up the documentation for Control Panel until we finish working on its full automation and we need about three more weeks for that.

2. Manual migration of large number of customer accounts

   Our long-time customers know that we do not store customers' credit card information locally, completely delegating the processing of all payments to our payment gate partner, Stripe. That means we can not simply take all Drupion customer account records and quickly copy them over to AltaGrade's backend. So to keep our new system clean and tidy, we've preferred to go through scrupulous and cautious manual migration of customer data instead. Taking into consideration we have quite large customer data-base at hand, we plan to finish migration within the following timetable:

• Till the end of April all the Drupion shared hosting plan customers will be migrated to AltaGrade;
• In the first half of May, we plan to finish migrating all Drupion cloud customers;
• Taking into account the largest and most complex projects run on Drupion dedicated servers, we will start working on their migration on the second half of May and plan to finish till the end of June.

Last but not least, Drupion customers who wish to maintain the full root access to their servers will be able to keep their current servers intact. However, at the same time they will have to keep paying the higher old Drupion prices for their hosting plans. Additionally, since we are going to completely close Drupion Dashboard, they will have to switch to AltaGrade platform for ticketing and billing purposes anyway.

I hope the above information has given to Drupion customers some peace of mind as to what's going to happen to their websites. Please be absolutely sure they will be happily running on AltaGrade platform with better performance, stability and security!

See you all soon on AltaGrade!