Top VPS Hosting Provider

web hosting

Security Advisory – OpenSSL vulnerability / Heartbleed bug (CVE-2014-0160)

by Technical Support on April 9,2014 11:09 pm

Dear VPS Customers,

As some of you may be aware, there is a new vulnerability in OpenSSL called the “Heartbleed Bug” (CVE-2014-0160) which affects any server utilizing this for SSL connections.

The Heartbleed bug allows an attacker to send a SSL/TLS heartbeat request to the server, which sends back a 64KB chunk of memory to the attacker. This memory can contain sensitive information, such as HTTP sessions & GET/POST requests or even the server’s private key which is why it is very important to patch for this vulnerability.

Please follow the below instructions to patch your system:

For CentOS VPS (no control panel or Webmin):

1) Run the following commands as the root user via SSH:

yum check-update
yum update openssl
service httpd restart
service webmin restart

For Ubuntu VPS (no control panel or Webmin):

1) Run the following commands as the root user via SSH:

apt-get update
apt-get install openssl libssl1.0.0
service apache2 restart
service webmin restart

For Debian VPS (no control panel or Webmin):

1) Run the following commands as the root user via SSH:

apt-get update
apt-get install openssl
service apache2 restart
service webmin restart

For cPanel VPS:

1) Login to WHM at http://<your-VPS-IP>/whm
2) Find the link “Update Server Software” then click the Proceed button
3) Next find the link “Update System Software” then click the Proceed button
4) Next you will need to update to the latest version of WHM using the “Upgrade to Latest Version” link
5) SSH into your server as the root user and issue the following commands:

service httpd stop
service httpd start

Servers with Plesk remain unaffected along with our shared hosting servers.

If you need additional help with these steps, please feel free to get in touch with us at support@myhosting.com .

Regards,
Your Customer Support Team

Previous post:

Next post:

Website Hosting and Domain Hosting Email Hosting Services, Pick Up Your Email
© 2013 SoftCom Inc. All rights reserved.