you're reading...

Founders BLOG

Stop Heartblead in WordPress to Cloud

If you’re running a WordPress to Cloud instance you may be affected by the heartdbleed bug. You are not alone (it’s estimated that the bug affects 66% of the Internet), but you need to take action to protect your website. Fortunately, it’s very easy to do with Webmin or command line.

The key goal is to make sure that OpenSSL software is up-to-date. The affected OpenSSL versions are 1.0.1 through 1.0.1f, but you also need to pay attention to the build date, because some distributions patched OpenSSL without changing the version. If OpenSSL was built earlier than April 7, 2014 then it is vulnerable and needs to be patched.

Webmin

Log into Webmin, and navigate to Others, then to Command Shell, paste the openssl version -a command and execute it:

After the command is executed, look and the result and check the version and the build date. Here is an example of a vulnerable one (built on January 8, 2014):

To update OpenSSL to the latest version, you can use the yum -y update openssl command:

After the update finishes, you can check OpenSSL version again to make sure it’s now patched:

That’s it! Now reboot the instance to make sure all software uses the patched OpenSSL and you’re good to go.

Command Line

Connect to the instance via SSH and run the following command:

openssl version -a

Check the version and the date (see Webmin screenshots above), and if your OpenSSL is vulnerable run the following command:

sudo yum -y update openssl

That’s it! Now reboot the instance to make sure all software uses the patched OpenSSL and you’re good to go.

New to WordPress to Cloud? Launch one today to Amazon or Google cloud. The latest images are patched and ready to run.

Discussion

4 Responses to “Stop Heartblead in WordPress to Cloud”

  1. Loaded plugins: priorities, update-motd, upgrade-helper
    852 packages excluded due to repository priority protections
    No packages marked for update

    Posted by yongyi qin | April 9, 2014, 6:48 pm
  2. After that you need to replace ssl certificate. And after that change your password.

    Posted by Valery Tolkov | April 19, 2014, 10:16 pm

Post a Comment

Categories

Twitting ...