Heartbleed bug

[Retired Member]

Is Gigarank vulnerable to the Heartbleed bug (CVE-2014-0160) and
is it necessary to apply some changes ?

 

[Snowflake]

I was wondering the same thing. Read about that on tumblr. Can someone tell me if I have to change my passwords everywhere to be safe, even on here?

 

[GigaGreg]

That is something good to point out, because our boss DJB(Chriss) will be able to do something about it and deploy it with our tech admin.
I guess we are safe, its Gigarank.

http://heartbleed.com/

 

[Genesis]

I'd change my passwords any way - not only for the bug, but as a precaution, particularly when it is a WordPress site. I'm as guilty as any one else not doing it, but it is important to do it. Not as a luxury, but as a necessity.

 

[admin]

Thank you for bringing this to my attention, openSSL has been updated.


http://www.cloudlinux.com/blog/clnews/464.php

 

[GigaGreg]

Your welcome Chris. Gigarank is the best.

 

[Peter]

This bug only affects https:// pages, right? Because normal http:// doesn't really have any security built in to the protocol at all so I guess http:// is still as insecure as ever (even less secure than https:// with the heartbleed bug).

 

[Retired Member]

Thank you for this informations.

Another question:
Is it necessary to reissue (renew) the certificate of cPanel server ?

I read somewhere yesterday, changing the password is usefull AFTER
renewing the certificate? Can someone confirm this?

 

[Genesis]

Interesting name .... heartbleed .... wonder where the name came from?

I also learned that the bug originated with someone who wanted to prove a point about the loophole ...
http://www.webhostingtalk.com/showthread.php?t=1364373

 

[Retired Member]

The bug is located in the so called heartbeat extension of OpenSSL
of which the name heartbleed is derived from.

 

[admin]

I`ve done every check possible, we are protected against the ssl bug. Including restarting all services.

 

[Genesis]

That's awesome, thanks Chris! :good:

 

[Retired Member]

Thanks DJB, glad to hear.

 

[Hells Bells]

Have seen this when I registered a free domain somewhere. Warnings all over the place. Nice to know that Gigarank is safe.

 

[Sander k]

I`ve done every check possible, we are protected against the ssl bug. Including restarting all services.

Which security are you using?

Did you check all 500,000 lines of code?

 

[admin]

I`ve done every check possible, we are protected against the ssl bug. Including restarting all services.

Did you check all 500,000 lines of code?

Yes all 500,501 lines :wink: