Pagoda Box v2 Now Available – v1 Is On Its Way Out

If you haven’t heard the news already, Pagoda Box v2 is now available. Pagoda Box v1 will be decommissioned at the end of March 2015.

Pagoda Box v2 can be accessed at We have provided a v2 Migration Tool called “Butler” that is available in your v1 app dashboard. The following docs walk through the migration process as well as steps you can take to make the migration process as smooth as possible.

Things to Know When Moving to v2
Prepping Your App for a Smooth v2 Migration
Using Butler – Migrating from Pagoda Box v1 to v2

Know that this will be that last post to this, the v1 blog. All future posts will be posted to the v2 blog. If you have any questions, please feel free to contact Pagoda Box support.

Pagoda Box & the OpenSSL Heartbleed Vulnerability

Earlier this week, news of a vulnerability of the widely used OpenSSL library rattled nerves of developers and web hosts around the world. The Heartbleed bug, aka CVE-2014-0160, allows the stealing of “information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).”1.

Pagoda Box users can take a sigh of relief. All apps are protected from the Heartbleed vulnerability.

Apps on Pagoda Box are Not Vulnerable

The Heartbleed bug stems from OpenSSL’s implementation of the TLS/DTLS Heartbeat extension. Heartbeat is basically keep-alive functionality in the SSL handshake process that reduces the overhead of TLS negotiation.

While OpenSSL is used on Pagoda Box, it is only used for doing the heavy lifting of encrypting data. The SSL handshake and heartbeat are implemented in Erlang. All SSL connections with Erlang are safe from buffer overflow attacks like the Heartbleed vulnerability.

No specific actions need to be taken for apps on Pagoda Box, however, we do recommend checking with other services or service providers you may be using to see if they are susceptible to the vulnerability. They may suggest things you can do to make sure your information is secure.


Hosting Facebook Apps on Pagoda Box

Many Facebook apps and promotions are designed to pull in traffic quickly, service users for a relatively short amount of time, then either ramp down or completely go away. Pagoda Box is perfect for these types of apps, providing functionality necessary to quickly ramp up to handle traffic, then scale back down when demand goes away. This post walks through what you need to know to get started hosting Facebook apps on Pagoda Box.

Continue reading

Shared Writable Storage Interruption

Earlier today, at approximately 2:00 AM MDT (8:00 UTC) there was an interruption in our writable storage cluster that affected some app’s ability to access certain files within shared writable directories.

Continue reading

MacMagazine Scales to Cover Apple’s Keynote Address strives to be the best Apple-related site in the Portuguese language, covering everything in the Apple world (Mac, iPhone, iPad, iPod, OS X, iOS, iTunes, etc.). Launched in 2002, the site has been hosted on Pagoda Box since November 2012, and averages 300 – 450 active users on the site at any given time.

During coverage of Apple’s recent WWDC keynote address, MacMagazine used multiple Pagoda Box features to troubleshoot, update and scale their application on the fly. The quick adjustments help them to reach and sustain what was likely their all-time high of ~2,100 concurrent users (this is still being confirmed).

This post is an overview of their site, a timeline of the issues they faced, and the tools they used to scale their site for 5X their typical traffic. It’s not a perfect story, but it highlights how to assess performance and scale on Pagoda Box.

Continue reading

More Information About the Pagoda Box App URL Change

On Monday, June 10, we will begin the process of changing Pagoda Box app URLs from “” to “” We’ve outlined the transition process below to help allay concerns about possible affects on application uptime and ease any transition pains.

Continue reading