Blogs

911 Website Repair Blog

Tips and tactics for better website performance and security.

Heartbleed Virus :: what you need to know

Our customers have been contacting us with their concerns over this virus.

 

Here are some facts you need to know

 

1) this is a server side issue, your hosting company has to patch their server

2) it has existed for over 2 years, it is not new

3) no website virus scanner will detect it

4) this isn't simply an issue on your personal computer or your phone — it's in the software that powers the services you use.

5) simply changing your passwords will not help

6) the vulnerability leaves no trace

 

 

Here is the simple explaination of how it works.

 

It involves a flaw, a hole, a vulnerability in a server protocol called OpenSSL, the open-source encryption standard used by the majority of websites that need to transmit the data that users want to keep secure.

 

Your site certificate (SSL) keeps the information being transmitted secure by using something called, Encryption. Your SSL needs openSSL to work. Encryption makes the data being sent look like nonsense to anyone but the intended recipient. Occasionally, one computer might want to check that there's still a computer at the end of its secure connection, and it will send out what's known as a heartbeat, a small packet of data that asks for a response.

Because of a programming error in the implementation of OpenSSL, the researchers found that it was possible to send a well-disguised packet of data that looked like one of these heartbeats to trick the computer at the other end into sending data stored in its memory.

 

This is about as simple as I can make it.

 

You need to call your hosting company and make sure your server is patched. Then change your passwords. Replace your site certificate if you can, they can be effected also.

 

There is a website with detailed information

http://heartbleed.com

 

One more importnant issue. The hosters are really going to push to upgrade their server software. Thus, now more then ever, if you dont upgrade your websites, they will go down as they are not compatible with newer server software. If you have not upgraded your websites, DO IT NOW. Better to have it done then to find out your site is suspended and your going to be off line for weeks as your site is being upgraded.

 

I hope everyone makes out ok. Let us know of questions or concerns

 

 

Share this article:

can u fix my website
Heartbleed and Hostgator customers

Contact Us Or Start a Project With Us

Drop us a quick message to the right and let us know what kind of project you are interested in us tackling for you. We hope to hear from you soon!
Call Us at This Number +1-860-294-2444
Please let us know your name.

Please let us know your email address.

Please let us know your message.

Invalid Input

Log in

Register

You need to enable user registration from User Manager/Options in the backend of Joomla before this module will activate.