Platform updates

Plan Usage banner A live, at-a-glance card at the top of your portal showing how much of your plan you're using — disk, websites, mailboxes, databases, and on-demand backups today. Cells turn amber at 80% and red at 100% so you can see headroom before you hit a cap.

Email-to-ticket Send an email to ticket@truecorehosting.com from your registered address and a support ticket opens automatically. flame-assist runs an instant diagnosis. Replies thread back into the same ticket from either email or portal.

Auto-resolution emails When flame-assist's checks fully diagnose your issue (like a 404 from a deleted file), you get a single [Resolved] email explaining what was found — no waiting in a queue for an obvious answer. Reply if it didn't fix things and a real engineer picks it up.

Self-serve backups & restore New Backups tab — see every snapshot we hold for you, run a backup on demand, or restore from any point. Restores stage first into a separate directory so you can review before promoting; a misclick can never overwrite your live site.

Plan caps enforced server-side Mailbox count, DNS records, and daily on-demand backups now show a clear message when you hit your plan's cap, instead of an opaque error from the underlying service. Upgrades are visible from the Hosting Plan card directly.

Snapshot retention Older backup snapshots beyond your plan's keep-count are pruned automatically after each backup, keeping storage bills predictable. Flameling keeps 7 snapshots, Ember 14, Blaze 28, Inferno 168.

Site CLI commands New site email delete and site dns commands — manage mailboxes and inspect DNS records directly from your SSH session.

Per-query DNS logging Our authoritative DNS server now logs every query for transparency and faster debugging. If a customer reports a DNS oddity, we can pinpoint exactly when and from where the resolver hit us.

Fleet binary distribution restored Code updates now propagate cleanly across our nameserver nodes. A latent configuration drift had been blocking pushes silently — every node now matches every signed release as soon as we deploy.

Operator security dashboard We now have a single internal view of attack volume, defence-layer health, open CVEs, and a world map of recent threats. Helps us catch and respond to issues faster — visible to operators only, not customers.

Kernel-level threat blocking Banned IP addresses are now dropped at the network driver before they consume any server resources — before a connection is even opened. Previously bans were enforced later in the network stack. This reduces the cost of active attacks to near zero.

Slow brute-force detection Attackers who space login attempts over hours to avoid rate limits are now detected and blocked. The intrusion system tracks both short-window and long-window failure counts simultaneously.

Bans survive restarts Active bans are now automatically re-applied if the security service restarts or the server reboots. Previously a restart created a brief window where banned IPs could reconnect.

Cloudflare IP ban enforcement Hostile requests arriving via Cloudflare IPs are now banned directly rather than skipped. The system identifies which site was targeted to avoid incorrectly blocking legitimate Cloudflare traffic.

SSH exhaustion attacks blocked instantly Clients that exhaust the maximum number of SSH authentication attempts in a single connection are now banned immediately rather than requiring repeated attempts across multiple connections.

Fleet-wide ban sharing A ban triggered by activity on any node propagates to all infrastructure nodes within seconds. An attacker hitting one nameserver is blocked across the entire fleet.

Binary integrity verification Every service binary is cryptographically signed and verified before it can run. A tampered or replaced binary is refused at startup and alerts the operator. Signing requires a passphrase — a compromised server cannot silently re-sign malicious binaries.

SSH session auditing All commands run during customer SSH sessions are logged. This provides a clear record of what happened if something goes wrong, and deters misuse.

Site commands over SSH Customers can now run a set of management commands directly from their SSH session: check site health, view SSL certificate status, renew SSL, manage email accounts, tail web and error logs, and trigger a manual backup — without needing to contact support or log in to the portal.

WordPress-aware security Sites marked as WordPress installations are treated differently by the security layer. Standard WordPress admin paths are permitted; known attack paths targeting WordPress are blocked regardless of whether a WordPress site is present.

DNS zone changes propagate immediately Zone file changes now replicate to all nameservers within seconds and reload automatically. Previously an intra-day change might not be seen by secondary nameservers until the next day.

Automatic DNS failover Each nameserver monitors ember independently over the private network. If ember becomes unreachable, DNS is automatically pointed to a maintenance address and restored the moment ember comes back — without manual intervention.

Backup timestamps and reliability Backup log output now carries accurate timestamps, making it straightforward to see exactly when each step ran. The disaster recovery restore path was verified end-to-end against a real snapshot.

Website Editor — CSS and JS editing Your stylesheet and script files now appear in the Website Editor sidebar under Styles & Scripts. Click any .css or .js file to edit it directly — changes save atomically, the same as HTML pages.

Website Editor — edit your site in the browser You can now edit your website's text and content directly from your portal without touching any files or code. Click text to edit it, see your changes live, and hit Save. Switch to Raw mode if you want to edit the full HTML source. A backup of your site is saved automatically before any theme is applied, and you can restore it any time.

Theme library Three professionally designed themes are now available in the Website Editor. Preview any theme in your editor before applying it. Applying a theme backs up your current site first — you can restore it instantly if you change your mind.

Flame Stars — portal redesign The Stars page has been rebuilt. Your active vouchers and processing redemptions are now shown side by side with the catalogue — no more scrolling. Voucher codes appear directly in your portal the moment a reward is fulfilled. Redeeming a gift card now lets you pick your preferred brand (Costa, Starbucks, or Amazon) and confirm your delivery email in one step. A confirmation email is sent automatically when your reward is ready.

Flame Stars loyalty programme Every account now earns stars automatically. Stars are deposited monthly based on your plan, with surprise bonuses for sticking around and occasional Ember's Blessings — a random bonus dropped into one active account a month. Stars can be redeemed for gift cards, free hosting months, priority support, and domain credit.

Portal password with two-factor login Customers can now set a portal password. Once set, login requires the password plus a one-time code sent to your email. The existing magic link flow is unchanged for customers who prefer it.

Domain management from the portal Customers with domains registered through TrueCore can manage auto-renewal and initiate domain transfers directly from their account portal.

Bring your own domain at signup Customers who already own a domain can now use it at signup without registering a new one. The system identifies your current registrar and shows a specific guide for transferring nameservers.

Choose your email handle at signup Customers can now choose the local part of their primary mailbox at signup — for example hello@yourdomain.com instead of the default admin@.

Light theme, font size toggle, and portal polish The customer portal and marketing site now support a light/dark theme toggle and a font size toggle, both persisted across visits. Ticket submission includes an affected-domain selector. Closed tickets redirect automatically.

Email-to-ticket support Customers can open and reply to support tickets by email. Replies thread correctly in both the portal and in your email client.

Browser caching — faster repeat visits HTML pages now carry no-cache headers so your browser always checks for updates. Static assets (CSS, JS, images) carry long-lived immutable headers so they load instantly from cache after the first visit. No action needed — this applies to all customer sites automatically.

Public status page Live nameserver health and support queue stats are now visible at /status — no login required. Nameserver latency is measured in real time from each location.

Automated support triage Common support tickets (DNS propagation, SSL errors, SSH key issues, email DNS) are now automatically diagnosed. Where the underlying issue has resolved itself, tickets are closed automatically with a clear reason.

Service restarts are non-disruptive Infrastructure services that restart (for updates, crashes, or maintenance) reload their configuration and re-establish their state automatically. No manual cleanup required after a restart.

Fleet SSH access hardened The key used to push updates to fleet nodes cannot open an interactive shell — even if the primary server were compromised, an attacker could not pivot to a full shell on nameserver nodes via that key alone.