What is OpenSSL Heartbleed Bug for Server Protection
What is Heartbleed?
The Heartbleed bug is one in every of the foremost serious security flaws discovered within the OpenSSL encoding library. This vulnerability was caused by a software error created throughout the implementation of a replacement feature within the OpenSSL TLS protocol.
This vulnerability affects a key part of the system that has a secure association, permitting others to browse your encrypted knowledge. This means: a hacker then has the power to browse keys, passwords and different secret knowledge.
Which servers/ varieties of services square measure affected?
This primarily affects all web servers that use OpenSSL encoding. Not solely net servers, however usually conjointly those used for E-mail, Plesk, VPN and different services.
What versions of OpenSSL square measure affected?
The security gap affects OpenSSL versions ranging from one.0.1, up to 1.0.1f.
If one in every of the OpenSSL versions named on top of is put in on your server, we have a tendency to powerfully suggest you run Associate in the Nursing update. Most operating systems already provide Associate in a Nursing update.
Not affected are:
OpenSSL Versions 1.0.1, OpenSSL 1.0.0 and OpenSSL zero.9.8
Customers with a HostingRaja web hosting package (Shared Hosting) or a HostingRaja Managed Server.
How do I do know if my HostingRaja server has been attacked?
By default, OpenSSL is put in on all UNIX distributions. you'll be able to notice the version put in on your server by mistreatment the subsequent Shell command:
What am I able to do if my server is stricken by the bug?
Update your system as presently as potential. Most UNIX distributions already provide security updates which will be performed mistreatment the quality repositories.
Replace or renew your SSL certificate. sadly, it cannot be dominated out that knowledge or keys have already been browse.