Heartbleed

You may have heard about the “Heartbleed” security vulnerability on last night’s news.

Pretty serious.

But don’t panic.

For regular browsing, it doesn’t really matter. For any site that doesn’t require a password, it doesn’t matter. Those sites aren’t secure anyway. Never have been.

For any site you log into, there’s an easy check to see if the site is vulnerable.

Go to the Heartbleed Test Page, enter the website you’re thinking of going to, and if the result is green, it’s OK. If the test comes back red, just don’t go there until they’ve fixed things up.

The patch is pretty easy, at least for small-time sites like the ones I run. If you manage a cPanel operation, log into your WHM and run “Upgrade to Latest Version” (make sure you’re set to update to RELEASE), “Update System Software,” and “Update Server Software.” That will take about 5 minutes, and presto! you’re fixed.

I took the opportunity of being in there to rebuild my Apache and upgrade my php installation, too. (That took about 20 minutes, but it’s optional as far as fixing Heartbleed.)

Not that anybody cares about the security status of Sunday Epidemic, but here’s the proof that you’re safe here:

Sunday Epidemic Is Heartbleed Safe