At approximately 07:00 -0800 on Wednesday, January 30th, 2019 we were made aware of a security vulnerability in the installation process for servers via our public GitHub repository for Pterodactyl. The issue was tagged as a P: Critical bug, and quickly circulated in our internal moderation channel while we sought to reproduce it. Upon further investigation it was discovered that the issue affected a significantly more extreme scope than was initially reported. At that time the public issue was pulled from our repository due to
Here at Pterodactyl we use Laravel Dusk to perform automated browser testing of the application in development. Dusk provides a fluent interface for interacting with Facebook's PHP Webdriver implementation, and allows us to quickly generate tests. Dusk also ships with the ability to hot-swap environments allowing us to run tests against a testing database rather than obliterating the development database (not that it hasn't happened before). This is done by adding the DatabaseMigrations trait to the base Dusk class. When this is done each test that
When I try to think about explaining this period of our company, it's hard to put into words the genuine changes Pterodactyl had on the people which naturally form the company. Better yet, the issues I expected to occur? They never happened.
Today I am releasing Pterodactyl Daemon v0.4.6 to address a DoS attack vector in the Daemon as well as address a race condition in the code causing some headaches for large hosting providers. This blog post will quickly cover what was discovered, how it affects you, and what was done to address it. I was made aware of a potential issue in the Daemon earlier this week when a member of our support team and developer at a hosting company using Pterodactyl reported unexplainable
In previous versions of Pterodactyl you had very few configuration options available in the Admin CP. For the most part this was done because I was moving quickly to implement other features and abused Laravel's excellent configuration system to keep track of things. There were many instances were users had to ask around to figure out what environment variable they needed to change in order to toggle a feature on or off. No more though! Pterodactyl@0.7 introduces a much improved Admin UI that allows