Heartbleed? OpenSSL? Is My Website at Risk?

heartbleed vulnerabilityI suspect that you may have seen a lot of news about Heartbleed, a significant bug impacting the security of many SSL transactions over the web.

What is SSL?

SSL stands for Secure Sockets Layer and it is this protocol that protects the sending and receiving of information between your web browser and almost all websites where you’re doing banking, ecommerce or passing other sensitive data.

What is Heartbleed?

There are multiple implementations of SSL, but the most popular implementation is OpenSSL. Not all versions of OpenSSL have the security bug, but many do. ReadWriteWeb has a good overview article on the Heartbleed vulnerability.

Is My Website Vulnerable to Heartbleed?

The Lieberman Technologies Web Support Team has proactively run through all of the websites and servers that we host and which use OpenSSL and have determined that none of our customers were ever at risk. The version of OpenSSL we’ve been using does not contain the Heartbleed vulnerability.

Am I at Risk?

This doesn’t mean that you are completely protected as a user.

It is very likely that you’ve used one or more websites that have the vulnerability. You may have already received an email from some of these websites informing you as to whether their website had the vulnerability. If they were vulnerable, they likely asked you to change your password. We recommend that you follow their advice.