Hosting explained. Platform updates, technical guides, and no-fluff insight from the team that built TrueCore.
A pre-auth CRLF injection bug in cPanel let attackers ransomware around 44,000 servers in a few days. We don't run cPanel — but the bug class is generic, and we audited our own outbound mail code the same week to make sure we hadn't shipped the same shape of mistake.
Read →Every morning, a small daemon reads the day's security advisories, cross-references them against the exact package versions on our fleet, and posts what's actionable to Discord. Here's the design and what it found on day one.
Read →Most hosting providers point your domain at Cloudflare's nameservers and call it a feature. We operate our own three-nameserver fleet — flame-dnsd, on three independent boxes, with sub-five-second zone propagation. Here's why.
Read →We had a freshness-monitor bug that made backups look healthy when they weren't running. We caught it. Here's the story, and why automated 'backups OK' green ticks deserve healthy scepticism.
Read →When a critical Linux kernel CVE drops, the question isn't 'will the patch land' — it's 'what do you do in the meantime?' Here's how we mitigated Copy Fail across the fleet in hours, before the kernel patch shipped.
Read →What happens to your data if our primary server is destroyed and we lose all the keys with it? Nothing — because we use Shamir secret sharing to split the master key across the fleet, and a single share goes offline with us.
Read →We built a mood dashboard for our infrastructure. Each service tells you how it's doing, in its own words. Here's why, and what it actually looks like.
Read →Every TrueCore account includes SSH access. Here's how to add your key, what's available in the shell, and how the site CLI exposes the same functionality as the portal from your terminal.
Read →OPcache stores compiled PHP bytecode in memory so WordPress doesn't re-parse hundreds of files on every request. Here's what it does, how much it helps, and how to verify it's working.
Read →Automated health checks, fleet-wide DNS sync, and Discord alerts — the homegrown monitoring stack keeping TrueCore's infrastructure running around the clock.
Read →Plan-based offsite backups to Backblaze B2, from 24-hour cycles on Flameling to 30-minute on Inferno. Here's how the full backup chain works from your site to cold storage.
Read →WireGuard is a modern VPN protocol built into the Linux kernel. Here's how we use it to connect our fleet of servers without exposing management traffic to the public internet.
Read →Nameservers, A records, TTL, and propagation — a plain-English walkthrough of how typing a URL in a browser ends up loading your site from our servers.
Read →When we update the kernel or apply security patches, here's the exact sequence of events, how long downtime is, and how we communicate it to customers.
Read →XDP kernel-bypass drops, nftables bans with automatic escalation, and nginx rate limiting — our layered approach to keeping bad actors off the server.
Read →Every Ember plan and above gets a dedicated PostgreSQL database, isolated at the process level. Here's why that matters for performance, security, and reliability.
Read →cPanel costs money per account, carries fifteen years of legacy complexity, and runs things our customers don't need. So we built something that only does what matters.
Read →We use Linux cgroups at the kernel level to enforce resource limits. No soft caps, no fair-use policies. Here's what that actually means for your hosting account.
Read →