Article

Check if your site has Heartbleed vulnerability

Heartbleed Logo

According to The Heartbleed Bug website, 

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.

You can check your website SSL port for Heartbleed vulnerability with the online Heartbleed check tool.

If you are a server admin with root access, you can check the OpenSSL version with this command:

openssl version

Also, you can check if OpenSSL is vulnerable by typing this command:

rpm -q --changelog openssl-1.0.1e | grep -B 1 CVE-2014-0160

If you see something like this, your SSL connections are secured and not affected by Heartbleed vulnerability.

* Mon Apr 07 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-16.7
- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension

By the way, cPanel automatically updates your server software so if you have a valid license, you should be OK by now.

Rate this article: 

Average: 3.7 (11 votes)

Add new comment

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
 

Portfolio

Samples of work done for me or my customers, for free or not, like websites, repairs, photography etc.
View all my recent work

 

Tutorials

I'm giving away some knowledge in my areas of expertise. Did you like something here? Share it please!
View all tutorials

 

Snippets

Useful Linux commands or other code snippets I often use.
View my useful shortcuts

 

Resources

Few bookmarks I find useful. Do you want website here? Give me a good reason and I can help you.
View my favourite web resources

About me

Hi there! My name is Marius Cârneală.

About me?

Loving husband, dad of one two three, drone pilot, web designer and administrator, SEO specialist, IT support guy, electronic hobbyist and content writer. This list is open.