Top VPS Hosting Provider

web hosting

[Updated: Please Read] Security Advisory – OpenSSL vulnerability / Heartbleed bug (CVE-2014-0160)

by crm on April 12,2014 5:00 pm

 

Hello again Valued Linux VPS Customers,

This is an updated post to include steps that will update all the necessary packages.

We can see that quite a few of you have taken steps to address the vulnerability in OpenSSL called the “Heartbleed Bug” (CVE-2014-0160) which affects any server utilizing this for SSL connections.  But there are still a number of you that have not.

For those of you that are unaware, the Heartbleed bug allows an attacker to send a SSL/TLS heartbeat request to the server, which sends back a 64KB chunk of memory to the attacker.

This memory can contain sensitive information, such as HTTP sessions & GET/POST requests or even the server’s private key which is why it is very important to patch for this vulnerability.

We are taking steps to ensure that our network is more secure and so we kindly ask that you change your passwords so they are different for your various logins and contain a unique combination of numbers, capital letters and punctuation.  Also, please follow the below instructions to patch your system:

 

For CentOS VPS (no control panel or Webmin):

1) Run the following commands as the root user via SSH:

yum clean all && yum update “openssl*”

 

For Ubuntu and DebianVPS (no control panel or Webmin):

1) Run the following commands as the root user via SSH:

apt-get update && apt-get install openssl libssl1.0.0

 

For cPanel VPS:

1) Login to WHM at http://<your-VPS-IP>/whm

2) Find the link “Update Server Software” then click the Proceed button

3) Next find the link “Update System Software” then click the Proceed button

4) Next you will need to update to the latest version of WHM using the “Upgrade to Latest Version” link

5) SSH into your server as the root user and issue the following commands:

service httpd stop

service httpd start

 

Servers with Plesk remain unaffected along with our shared hosting servers.

 

After the above steps to patch your server you must reboot the entire container to make sure that the changes take effect.

 

If you need additional help with these steps, please feel free to get in touch with us at support@myhosting.com .

 

Regards,

Your Customer Support Team

Previous post:

Next post:

Website Hosting and Domain Hosting Email Hosting Services, Pick Up Your Email
© 2013 SoftCom Inc. All rights reserved.