BLOG
Safe from the so-called “Heart bleed” OpenSSL security hole

Safe from the so-called “Heart bleed” OpenSSL security hole

There are few examples of a security vulnerability which got in no time a site of its own like it happened a few hours ago with the so-called “Heart bleed” exploit of OpenSSL, which is implementing the SSL/TLS encryption in HTTPS-enabled sites running on nginx and Apache. What is it about, shortly? It allows connected users to read data directly from the server memory that is running it, including encryption keys – announced on http://www.openssl.org/news/vulnerabilities.html#2014-0160

We are using OpenSSL on our customers’ secure wp-admin dashboard, as well as on the Oxygen dashboard, but there is no reason to worry about it as we have upgraded the OpenSSL library with the new version that solves it completely. Also, all security keys have been preemptively changed, in order to insure a zero tolerance to the threat.

If you are not hosted on Presslabs, you should check the status of your HTTPS install with a handy tool made by Filippo Valsorda and available both as source code and as a web app: http://filippo.io/Heartbleed/.

Smart Managed WordPress Hosting

Presslabs provides high-performance hosting and business intelligence for the WordPress sites you care about.

Get Started