Apr 2014
14th
Heartbleed vulnerability
Leave a comment »
If you are hosting an SSL site on a server running OpenSSL version 1.0.1 - 1.0.1f or 1.0.2 with the HEARTBEATS extension turned on then your site has been vulnerable to a Heartbleed attack. You should upgrade to OpenSSL version 1.0.1g, rebuild OpenSSL with -DOPENSSL_NO_HEARTBEATS, or move your site to a more secure host.
Is your site vulnerable to the Heartbleed attack?
Here are four independent sites that will check your server:
https://filippo.io/Heartbleed/
http://www.digicert.com/help/
http://safeweb.norton.com/heartbleed
https://ssltools.websecurity.symantec.com/checker/views/certCheck.jsp