Portal HomeClient AreaAnnouncementsKnowledgebaseSupport TicketsDownloads

You are here: Portal Home > Knowledgebase > News and Updates > Heartbleed Vulnerability update 4/11/14

Heartbleed Vulnerability update 4/11/14

In case you have not read about it, Hearbleed is a name the security community has given a recently detected vulnerability in the secure communications protocol used on the Internet.  This vulnerability affected more than half of the servers on the Internet and was a danger to ecommerce transactions.  Our servers were running software that contained this vulnerability.

Heartbleed was discoverd by a security company in Finland and they released the details about the vulnerability on April 7th.  The major OS providers had patches out on April 8th.  We patched our servers the night of April 8th and have been secure since.  I went through on the 9th and re-keyed every Secure Socket Layer certificate on our servers, just in case any keys were compromised prior to the patch.  The software with the 'bug' has been in use for the last 2 years, so it is possible someone used this to break security.  We have no indications that this vulnerability has been compromised.  There have been no reports to date of any compromise on the Internet due to this problem.

So you may be asking, "What can I do?"  The answer is to change your passwords.   Now is a good time to change all of your passwords.  I know how difficult this can be, but it is necessary to maintain security.

You can change your account passwords through the cPanel interface and your email passwords through the cPanel or webmail interfaces.

For more information about changing your passwords see Knowledge Base article here:  http://linux25.com/clientarea/knowledgebase.php?action=displayarticle&id=13

Was this answer helpful?

Add to Favourites
Print this Article

Powered by WHMCompleteSolution